5.5.2 Network Pools
Network pools contain network definitions used to instantiate private or routed organization and vApp networks. Networks created from network pools must be isolated at Layer 2.
The following types of network pools are available:
*vSphere port group-backed network pools are backed by pre-provisioned port groups, distributed port groups, or third-party distributed switch port groups.
*Virtual Extensible LAN (VXLAN) network pools use a Layer 2 over Layer 3 MAC-in-UDP encapsulation to provide scalable, standards-based traffic isolation across Layer 3 boundaries (requires distributed switch).
*VLAN-backed network pools are backed by a range of pre-provisioned VLAN IDs. This assumes all VLANs specified are trunked into the vCloud environment (requires distributed switch).
*vCloud Director Network Isolation-backed (VCD-NI) network pools are backed by vCloud isolated networks. A vCloud isolated network is an overlay network, uniquely identified by a fence ID, implemented through encapsulation techniques that span hosts and provide traffic isolation from other networks (requires distributed switch).
Table 12 compares the options for a network pool.

Table 12. Network Pool Options

How it works
*vSphere port group-backed: Isolated port groups must be created and exist on all hosts in the cluster.
*VXLAN-backed: A multicast address is mapped to a VXLAN segment ID for isolation. Virtual machine to virtual machine traffic is tunneled over a Layer 3 network by a VTEP (the ESXi hosts). Node learning is done via multicast, not broadcast.
*VLAN-backed: Uses a range of available VLANs dedicated for vCloud. Network isolation relies on inherent VLAN isolation.
*vCloud Network Isolation-backed: Creates an overlay network (with fence ID) within a shared transport network.

Advantages
*vSphere port group-backed: N/A
*VXLAN-backed: Does not rely on VLAN IDs for isolation. Works over any Layer 3 multicast-enabled network. No "distance" restrictions; reach is managed by the multicast radius.
*VLAN-backed: Best network performance. vCloud Director creates port groups as needed.
*vCloud Network Isolation-backed: Scalable to thousands of networks per transport network. More secure than the VLAN-backed option due to VCD enforcement. vCloud Director creates port groups as needed.

Disadvantages
*vSphere port group-backed: Requires manual creation and management of port groups. Possible to use a port group that is in fact not isolated.
*VXLAN-backed: End-to-end multicast required.
*VLAN-backed: VLANs are a limited commodity (4096 max). Requires used VLANs to be configured on all associated physical switches.
*vCloud Network Isolation-backed: Scoped to a single virtual datacenter and vCenter Server. Overhead required to perform encapsulation.
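Two of the table's cautions lend themselves to a pre-flight check before a pool is created: a port group-backed pool can silently use a port group that is not isolated or not present on every host, and a VLAN-backed pool draws from a finite, shared ID space. The following is an added example, not part of the vCloud documentation or product; it runs over a constructed inventory rather than a live vCenter, and the reserved-ID rule (0 and 4095 are unusable under 802.1Q, leaving 1-4094) is standard VLAN behaviour rather than something the table states.

```python
"""Pre-flight checks for vCloud Director network pool candidates (added example)."""
from collections import defaultdict
from dataclasses import dataclass


@dataclass
class PortGroup:
    name: str
    vlan_id: int
    hosts: frozenset  # cluster hosts on which the port group exists (constructed data)


def check_port_groups(port_groups, cluster_hosts):
    """Return {name: [problems]} for candidates unfit for a port group-backed pool.

    A candidate is flagged when it is missing on any host in the cluster, or when
    another candidate carries the same VLAN ID: two port groups on one VLAN share a
    broadcast domain, so neither is isolated at Layer 2 even though each looks like
    a separate network in vCenter.
    """
    by_vlan = defaultdict(list)
    for pg in port_groups:
        by_vlan[pg.vlan_id].append(pg.name)
    problems = {}
    for pg in port_groups:
        issues = []
        missing = set(cluster_hosts) - pg.hosts
        if missing:
            issues.append(f"missing on hosts {sorted(missing)}")
        peers = [n for n in by_vlan[pg.vlan_id] if n != pg.name]
        if peers:
            issues.append(f"shares VLAN {pg.vlan_id} with {peers}")
        if issues:
            problems[pg.name] = issues
    return problems


def check_vlan_range(start, end, in_use):
    """Validate a VLAN-backed pool range against the usable ID space (1-4094) and
    against IDs already trunked for other purposes. Returns a list of error strings."""
    errors = []
    if not (1 <= start <= end <= 4094):
        errors.append(f"range {start}-{end} outside usable VLAN IDs 1-4094")
    clash = sorted(set(range(start, end + 1)) & set(in_use))
    if clash:
        errors.append(f"VLAN IDs already in use: {clash}")
    return errors
```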