Secure, reliable operation of VMware Cloud Director depends on a secure, reliable network that supports forward and reverse lookup of host names, a network time service, and other services. Your network must meet these requirements before you begin installing VMware Cloud Director.

The network that connects the VMware Cloud Director servers, the database server, the vCenter Server systems, and the NSX components, must meet several requirements:
IP addresses
Starting with VMware Cloud Director 10.4, the console proxy uses the same IP address and port as the REST API. The console proxy and REST API use a single certificate. Because of the unified access point, customizing the VMware Cloud Director public console proxy address is no longer necessary.
Note: VMware Cloud Director 10.4.1 and later do not support the legacy implementation of the console proxy feature.
In VMware Cloud Director 10.4, if you want to use the legacy implementation with a dedicated console proxy access point, you can enable the LegacyConsoleProxy feature from the Feature Flags settings menu under the Administration tab of the VMware Cloud Director Service Provider Admin Portal. To enable the LegacyConsoleProxy feature, your installation or deployment must have console proxy settings configured in a previous version and transferred through a VMware Cloud Director upgrade. After enabling or deactivating the feature you must restart the cells.
Note: The legacy implementation requires each VMware Cloud Director server to support two different SSL endpoints and the VMware Cloud Director appliance uses its eth0 IP address with custom port 8443 for the console proxy service. For more information, see the VMware Cloud Director 10.3 version of this document.
Network Time Service

You must use a network time service such as NTP to synchronize the clocks of all VMware Cloud Director servers, including the database server. The maximum allowable drift between the clocks of synchronized servers is 2 seconds.

For the VMware Cloud Director appliance deployments, the NFS server used for the transfer share must use a network time service such as NTP to synchronize its clock with that of the VMware Cloud Director appliances. The maximum allowable drift between the clocks of synchronized servers is 2 seconds.

Server Time Zones
All VMware Cloud Director servers, including the NFS server used for the transfer share and the database server, must be configured to be in the same time zone.
Host Name Resolution
All host names that you specify during installation and configuration must be resolvable by DNS using forward and reverse lookup of the fully qualified domain name or the unqualified hostname. For example, for a host named vcloud.example.com, both of the following commands must succeed on a VMware Cloud Director host:
nslookup vcloud
nslookup vcloud.example.com
In addition, if the host vcloud.example.com has the IP address 192.168.1.1, the following command must return vcloud.example.com:
nslookup 192.168.1.1

The hostnames of the VMware Cloud Director cells must not contain any underscores.

Reverse DNS lookup of the eth0 IP address is required for the appliance. The following command must succeed in your environment:
host -W 15 -R 1 -T <eth0-IP-address>