To provide controlled access to an external network, you can add a routed organization VDC network. System administrators and organization administrators can configure network address translation (NAT), firewall, and VPN settings to make specific virtual machines accessible from the external network.

You can add a mix of routed and isolated organization VDC networks to meet the needs of your organization. For example, you can add a network that is associated with an edge gateway and connected to the Internet, while having an isolate network that contains sensitive information.

You can add an IPv4 or IPv6 routed organization VDC network.

Prerequisites

This operation requires the rights included in the predefined Organization Administrator role or an equivalent set of rights.

Procedure

  1. On the Virtual Datacenters dashboard screen, click the card of the virtual data center you want to explore, and select Networks from the left panel.
  2. Click New.
  3. Enter the Organization VDC network settings.

    Option

    Action

    Org VDC

    Select an organization virtual data center from the drop-down menu.

    Name

    Enter a meaningful name for your org VDC network.

    Description

    Enter a description for the Org VDC network.

    Share this network with other VDCs in this organization

    Select this option if you want to make the organization VDC network available to other virtual data centers in the organization.

    One potential use case is when an application within an Organization VDC has a reservation or allocation pool set as the allocation model. In this case, it might not have enough room to run more virtual machines. As a solution, you can create a secondary Organization VDC with pay-as-you-go and run more virtual machines on that network on a temporary basis.

    Note:

    The Organization VDCs must be backed by the same Provider VDC.

    Type

    Select Routed network connecting to an existing edge gateway.

    Edge Gateway

    Select an edge gateway with which to associate the organization VDC network.

    If the organization VDC includes more than one edge gateway, you must select one for this network to connect to. To support another routed network, the Edge Gateway must show a value of at least 1 in the Available Networks column.

    Allow Guest VLAN

    (Optional) To enable tagging of guest VLANs on this network, select this option.

    Interface Type

    Select the interface type from the drop-down menu.

    1. Internal

    2. To extend an organization VDC network, select Subinterface.

      vCloud Director identifies the network to use to extend through L2 VPN. vCloud Director, with the help of NSX network virtualization, will create a trunk interface type for this network.

    3. To create the network on a distributed logical router connected to this edge gateway, select Distributed.

  4. Enter the network gateway Classless Inter-Domain Routing (CIDR) settings.

    Use the format network_gateway_IP_address/subnet_prefix_length, for example, 192.167.1.1/24.

  5. (Optional) To configure the network to use the same DNS settings as the edge gateway, select Use Gateway DNS.

    This option is available only if the gateway has the Use default gateway for DNS relay property enabled.

  6. (Optional) Configure the DNS settings.

    Option

    Action

    Primary DNS

    Enter the IP address for your primary DNS server.

    Secondary DNS

    Enter the IP address for your secondary DNS server.

    DNS Suffix

    Enter your DNS suffix. The DNS suffix is the DNS name without including the hostname.

  7. (Optional) To reserve one or more IP addresses for assignment to virtual machines that require static IP addresses, configure the Static IP Pool for this network.
    1. Enter the address or range of addresses, and click Add.
    2. To add multiple static IP addresses or ranges, repeat this step.