VMware Cloud Director supports data center group networking backed by NSX.
To create a network across multiple organization VDCs, you first group the VDCs and then create a group network that is shared with them.
Data center group networks backed by NSX provide level-2 network sharing, single active egress point configuration, and distributed firewall (DFW) rules that are applied across a data center group.
- Data center group
- A data center group acts as a cross-VDC router that provides centralized networking administration, egress point configuration, and east-west traffic between all networks within the group. A data center group can contain between one and 16 VDCs that you configure to share an active egress point.
- Availability zone
-
An availability zone represents the compute clusters or compute fault domains that are available to the network. By default, the availability zone is the provider VDC.
Important: Your system administrator must configure the availability zones for group networking with NSX by setting a Compute Provider Scope for the vCenter instance and, optionally, for the provider VDCs backed by the vCenter instance. By default, the compute provider scope of a provider VDC is copied from the vCenter instance which is backing this VDC. A system administrator can differentiate the compute provider scope for the different provider VDCs that are backed by a single vCenter instance. For example, you can have a vCenter instance with a scope Germany and a provider VDC with a scope Munich.Your system administrator can also reconfigure the availability zone to be the network provider scope, which typically represents the underlying vCenter instance with the associated NSX Manager.
- Egress point
- An existing NSX edge gateway that you configure to connect a data center group to an external network.
- Data center group network
- A layer 2 network that is shared across all VDCs in a data center group.
NSX Federation in VMware Cloud Director
Starting with version 10.5, VMware Cloud Director supports NSX federation. As an organization administrator, you can leverage the NSX federation functionality to configure and enforce firewall rules consistently, and manage networking and security across data centers through a single pane of glass view.