| Design Decision | Design Justification | Design Implication |
| --- | --- | --- |
| Connect the SDDC and external sites via a Direct Connect. | Enables high-speed connections between external sites and the SDDC. Utilizes private links. | Direct Connect may cost more compared to VPN connections. |
| Create a Transit VPC. | Allows for VPC to VPC communication. | The Transit VPC is an additional resource to deploy. Static routes must be configured in the Transit VPC. |
| Dedicate a /16 CIDR block to each SDDC. | A /16 is required for deploying the maximum number of ESXi hosts. The CIDR block cannot be changed post-deployment. | Requires careful subnet planning. Each SDDC requires unique CIDR blocks. |
| Use Traffic Groups to increase the north/south bandwidth available in the SDDC. | Traffic Groups are the only way to deploy more edges into the SDDC and increase the available north/south bandwidth. | Traffic Groups require at least four ESXi hosts in the first vSphere Cluster. |
| Deploy a Virtual Router when workloads require route peering. | Allows workloads that require route peering to be deployed. | The Virtual Router is deployed and managed as a user workload. SNAT must be configured on the Virtual Router to allow external connectivity outside this routing context unless the Virtual Router is also creating a Global Routing Fabric. |
| Deploy a Virtual Router per SDDC and Customer VPC when a Global Network Fabric is required. | Allows for the administration of one logical routing fabric. | The Virtual Router is deployed and managed as a user workload. Routed traffic will be encapsulated twice, once in the GRE Tunnel and then again in the Geneve Overlay. |
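
A pre-deployment check for the CIDR decisions above (a /16 per SDDC, unique blocks, no changes after deployment), as an added example that is not part of the original page. The SDDC names, sample ranges and the `validate_cidr_plan` helper are constructed for illustration; checking SDDC blocks against other routed networks is an assumption that goes beyond the uniqueness requirement stated above.

```python
import ipaddress
from itertools import combinations

REQUIRED_PREFIX = 16  # the design dedicates a /16 to each SDDC


def validate_cidr_plan(sddc_cidrs, routed_networks=None):
    """Return a list of findings; an empty list means the plan passes.

    sddc_cidrs:      {sddc_name: cidr_string}
    routed_networks: {name: cidr_string} for external sites or VPCs reachable
                     over Direct Connect / the Transit VPC (assumption: these
                     must not overlap an SDDC block either).
    """
    findings, parsed = [], {}
    for name, cidr in sddc_cidrs.items():
        try:
            # strict=True rejects blocks with host bits set, e.g. 10.30.1.0/16
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:
            findings.append(f"{name}: invalid CIDR {cidr!r} ({exc})")
            continue
        if net.prefixlen != REQUIRED_PREFIX:
            findings.append(
                f"{name}: {net} is a /{net.prefixlen}, expected /{REQUIRED_PREFIX}")
        parsed[name] = net

    # Every SDDC needs a unique block: flag any pair that overlaps.
    for (a, net_a), (b, net_b) in combinations(sorted(parsed.items()), 2):
        if net_a.overlaps(net_b):
            findings.append(f"{a} {net_a} overlaps {b} {net_b}")

    # The block cannot be changed later, so catch routing conflicts up front.
    for rname, rcidr in sorted((routed_networks or {}).items()):
        rnet = ipaddress.ip_network(rcidr, strict=False)
        for name, net in sorted(parsed.items()):
            if net.overlaps(rnet):
                findings.append(f"{name} {net} overlaps routed network {rname} {rnet}")
    return findings


# Constructed sample plan: one duplicate, one undersized block, one typo.
SAMPLE_SDDCS = {"sddc-a": "10.10.0.0/16", "sddc-b": "10.10.0.0/16",
                "sddc-c": "10.20.0.0/20", "sddc-d": "10.30.1.0/16"}
SAMPLE_ROUTED = {"onprem-dc": "10.20.0.0/14"}

if __name__ == "__main__":
    for finding in validate_cidr_plan(SAMPLE_SDDCS, SAMPLE_ROUTED):
        print("FAIL:", finding)
```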