Starting with version 10.2, VMware Cloud Director supports data center group networking backed by NSX.

To create a network across multiple organization VDCs, you first group the VDCs and then create a group network that is shared with them.

Data center group networks backed by NSX provide level-2 network sharing, single active egress point configuration, and distributed firewall (DFW) rules that are applied across a data center group.

Data center group
A data center group acts as a cross-VDC router that provides centralized networking administration, egress point configuration, and east-west traffic between all networks within the group. A data center group can contain between one and 16 VDCs that you configure to share an active egress point.
Availability zone
An availability zone represents the compute clusters or compute fault domains that are available to the network. By default, the availability zone is the provider VDC.
Important: Your system administrator must configure the availability zones for group networking with NSX by setting a Compute Provider Scope for the vCenter Server instance and, optionally, for the provider VDCs backed by the vCenter Server instance. By default, the compute provider scope of a provider VDC is copied from the vCenter Server instance which is backing this VDC. A system administrator can differentiate the compute provider scope for the different provider VDCs that are backed by a single vCenter Server instance. For example, you can have a vCenter Server instance with a scope Germany and a provider VDC with a scope Munich.
Your system administrator can also reconfigure the availability zone to be the network provider scope, which typically represents the underlying vCenter Server instance with the associated NSX Manager.
Egress point
An existing NSX edge gateway that you configure to connect a data center group to an external network.
Data center group network
A layer 2 network that is shared across all VDCs in a data center group.