The VLAN-backed network pool example (Figure 22) demonstrates how the VLAN networks are created automatically in vSphere and used in vCloud Director.

 

The prerequisites for this configuration are as follows:

The VLAN-backed network pool settings are shown in Figure 23.

 

Cloud Administrator – Two Organizations (Engineering and QE) provisioned.

During the creation of an organization virtual datacenter, you can choose the network pool (VLAN Pool 1) to associate with this virtual datacenter. Multiple and different virtual datacenters within an organization can share the same network pool, but where appropriate they are assigned separate and isolated networks from the pool.

 

Table 14 illustrates that only the direct connect organization virtual datacenter network does not use a network from the network pool. Organization direct connected networks use a bridged connection from the external network requiring IP configuration on the virtual machines that matches the physical network IP configuration.

After the network pool is created and associated with an organization virtual datacenter the network pools can be consumed. Whenever a routed or isolated organization virtual datacenter or vApp network is created, vCloud Director automatically provisions a port group on dvS01 and assigns it a VLAN from the range that was defined for VLAN Pool 1 (300–400). The only thing that needs to be completed by the Administrator is to define the IP address settings for this network, as shown in Figure 24.

 

The VLAN-backed network pool example (Figure 25) leverages 802.1Q VLAN trunk ports to allow the physical switching infrastructure to pass all VLANs configured (300–400) to the ESXi hosts, while still keeping the individual VLANs separated and in separate broadcast domains. The dvSwitch delivers the appropriate Ethernet frames to the appropriate port group based on a match of the VLAN tag on the frame and the VLAN associated with the port group. The dvSwitch port groups remove the VLAN tag from the Ethernet frame and deliver it to the appropriate virtual machine. This architecture is commonly referred to as Virtual Switch Tagging or VST.

This isolation also persists across the physical switching infrastructure, allowing isolated communication between virtual machines connected to the same vCloud Director network even if they are on different ESXi hosts in the vSphere cluster.