Network traffic types within Cloud Foundation are isolated from each other through the use of VLANs. Before deploying your SDDC, you must allocate VLAN IDs and IP subnets for each required traffic type.

You must configure the VLAN IDs and IP subnets in your network in order to pass traffic through your network devices. Verify the allocated network information is configured and does not conflict with pre-existing services before starting your Cloud Foundation deployment.

The number and size of the subnets required for a deployment will depend on the number of workload domains created, the number of clusters defined, and the optional components installed.

The following table demonstrates the basic allocation of VLANs and IP subnets for a sample deployment. Utilize this sample to define the actual VLANs and IP subnets according to your environment.

Table 1. Sample VLAN and IP Subnet Configuration
Workload Domain Cluster VLAN Function VLAN ID Subnet Gateway
Management cluster-01 Management 1611
vSphere vMotion 1612 
vSAN 1613
vRealize Suite (Cloud Foundation without AVNs) 1616
Uplink 1 2711
Uplink 2 2712
VI Workload #1 (NSX for vSphere) cluster-01 Management (ESXi) 1711
vSphere vMotion 1712
vSAN 1713
Uplink 1 1716
Uplink 2 1717
cluster-02 Management (ESXi) 1811
vSphere vMotion 1812
vSAN 1813
Uplink 1 1816
Uplink 2 1817
VI Workload #2 (NSX-T with shared NSX-T Edge cluster) cluster-01 Management (ESXi) 1911
vSphere vMotion 1912
vSAN 1913
Hosts TEP 1914
NSX-T Edge TEP 1915
NSX-T Edge Uplink 1 1916
NSX-T Edge Uplink 2 1917

For Cloud Foundation environments that deploy vRealize Suite products to a dedicated VLAN-backed vSphere Distributed Port Group. The IP subnet must be routable to the Cloud Foundation management network and the firewall, if any, between the networks should be disabled or configured per the Cloud Foundation documentation. ICMP traffic between the management network and vRealize network should be permitted.

For Cloud Foundation environments that deploy vRealize Suite products to application virtual networks, see Names and IP Subnets of Application Virtual Networks.

The first NSX-T VI workload domain needs additional VLANs for the NSX-T Edge cluster, which is shared among the other NSX-T VI workload domains. Subsequent NSX-T workload domains will not need these VLANs.