A VMware Cloud Director external network provides an uplink interface that connects networks and virtual machines in the system to a network outside of the system, such as a VPN, a corporate intranet, or the public Internet. Only a system administrator can create an external network.

If you have more than one vCenter Server instance registered to the system, you can create multiple external networks, each backed either by a vSphere network, an NSX segment that is configured either with a VLAN or an overlay transport zone.

VMware Cloud Director supports IPv4 and IPv6 external networks. Dual-stack external networks are not supported.

Note: The range of IP addresses that you define when you create the external network are allocated either to an edge gateway or to the virtual machines that are directly connected to the network. Because of this, the IP addresses must not be used outside of VMware Cloud Director.

External Networks Backed by vSphere Networks

This type of external networks can be backed either by a single vSphere network, or by multiple vSphere networks.

  • External networks backed by a single vSphere instance.

    To provide each consumer of the external network with a non-overlapping set of IP addresses on the vSphere network, the system administrator must configure the IP ranges on the underlying VLAN manually.

  • External networks backed by multiple vSphere networks.

    An external network can be backed by multiple vSphere networks. This approach can simplify the IP address management in VMware Cloud Director. You can modify the properties of an external network to change its network backings.

    External networks backed by multiple vSphere networks have several constraints.

    • A network can have at most one backing vSphere network on each VMware Cloud Director instance registered to the system.
    • All backing network switches must be of the same type, either vSphere Distributed Switch or standard switch.
    • Each network must be on a different switch.

External networks backed by an NSX Segment

An external network can be backed by an imported NSX segment that is configured either with a VLAN or an overlay transport zone. In NSX, segments are virtual layer 2 domains. A segment was earlier called a logical switch.

Provider Gateways

In VMware Cloud Director 10.5, tier-0 gateways are replaced by provider gateways. See Provider Gateways.