4.8.2 Example
The VLAN-backed network pool example demonstrates how the VLAN networks are created automatically in vSphere and used in vCloud Director. The following figure shows the configuration.
Figure 23. VLAN Network Pool Example Configuration
The following are the prerequisites for this configuration:
* vSphere Administrator – A virtual distributed vSwitch that is connected to all vSphere (ESXi) hosts that are in the cluster for the underlying provider virtual datacenter.
* Network Administrator – All physical switch port uplinks to the distributed vSwitch configured as 802.1Q VLAN trunk ports and configured to allow VLANs 300–400 and VLAN 20 for the external network (vcd-ext-20).
* Cloud Administrator – vCloud Director VLAN-backed network pool created with a VLAN ID Range of 300–400.
* Cloud Administrator – (optional) A vCloud Director external network (vcd-ext-20) if external connectivity is needed.
The VLAN-backed network pool settings are shown in the following figure.
Figure 24. VLAN-Backed Network Pool Settings
* Cloud Administrator – Two organizations (Engineering and QE) provisioned.
* Engineering organization – “High Engineering PAYG” organization virtual datacenter
  * Network 1 – “Eng-Ext-Org-Route” organization virtual datacenter routed network
* Engineering organization – “Default Engineering PAYG” organization virtual datacenter
  * Network 2 – “Eng-Ext-Org-Direct” organization virtual datacenter direct network
  * Network 3 – “vAppNet-ubu1104” vApp network
* QE organization – “High QE PAYG” organization virtual datacenter
  * Network 4 – “QE-Iso-Org” organization virtual datacenter isolated network
During the creation of an organization virtual datacenter, you can choose the network pool (VLAN Pool 1) to associate with this virtual datacenter. Multiple and different virtual datacenters within an organization can share the same network pool, but they are assigned separate and isolated networks from the pool.
Table 14. vCloud Director Networks

| Network Type | Organization Virtual Datacenter | Network Pool |
|---|---|---|
| Organization virtual datacenter routed | High Engineering PAYG | VLAN Pool 1 |
| Organization direct | Default Engineering PAYG | |
| vApp NAT | Default Engineering PAYG | VLAN Pool 1 |
| Organization isolated | | VLAN Pool 1 |
Table 14 shows that only the direct-connect organization virtual datacenter network does not use a network from the network pool. Organization direct-connected networks use a bridged connection from the external network, which requires IP configuration on the virtual machines that matches the physical network IP configuration.
After the network pool is created and associated with an organization virtual datacenter, the network pool can be consumed. Whenever a routed or isolated organization virtual datacenter network or vApp network is created, vCloud Director automatically provisions a port group on dvS01 and assigns it a VLAN from the range that was defined for VLAN Pool 1 (300–400). The only task left for the administrator is to define the IP address settings for this network, as shown in the following figure.
Figure 25. Organization Virtual Datacenter Network IP Address Settings
The VLAN-backed network pool (Figure 26) leverages 802.1Q VLAN trunk ports to allow the physical switching infrastructure to pass all VLANs configured (300–400) to the ESXi hosts, while still keeping the individual VLANs separated and in separate broadcast domains. The dvSwitch delivers the appropriate Ethernet frames to the appropriate port group based on a match of the VLAN tag on the frame and the VLAN associated with the port group. The dvSwitch port groups remove the VLAN tag from the Ethernet frame and deliver it to the appropriate virtual machine. This architecture is commonly referred to as Virtual Switch Tagging or VST.
This isolation also persists across the physical switching infrastructure, allowing isolated communication between virtual machines connected to the same vCloud Director network even if they are on different ESXi hosts in the vSphere cluster.
Figure 26. Network Pool Corresponding to vSphere Port Groups
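The Virtual Switch Tagging behavior described above can be modeled in a few lines. The following is an added example, not VMware code: it parses the 802.1Q tag on a trunk frame, enforces the trunk allow-list (300–400 plus 20), matches the VLAN ID to a port group, and strips the tag before delivery. The VLAN IDs assigned to each network, the MAC addresses, and the function names are assumptions made for illustration.

```python
import struct

TPID_8021Q = 0x8100
# Trunk allow-list from the prerequisites: pool range 300-400 plus VLAN 20.
TRUNK_ALLOWED = set(range(300, 401)) | {20}
# Constructed port-group table. The per-network VLAN IDs are assumptions;
# the page only says each one is drawn from the 300-400 pool.
PORT_GROUPS = {
    20: "vcd-ext-20",
    300: "Eng-Ext-Org-Route",
    301: "vAppNet-ubu1104",
    302: "QE-Iso-Org",
}

def build_tagged_frame(dst, src, vid, ethertype, payload, pcp=0):
    """Build an 802.1Q-tagged Ethernet frame as it appears on the trunk."""
    tci = (pcp << 13) | (vid & 0x0FFF)  # 3-bit priority, DEI=0, 12-bit VLAN ID
    return dst + src + struct.pack("!HHH", TPID_8021Q, tci, ethertype) + payload

def vst_deliver(frame):
    """Return (port_group, untagged_frame), or (None, reason) when dropped."""
    if len(frame) < 18:  # 12 bytes of MACs + 4-byte tag + 2-byte EtherType
        return None, "frame too short"
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != TPID_8021Q:
        # Simplification: this sketch has no native/untagged port group.
        return None, "untagged frame"
    vid = tci & 0x0FFF
    if vid not in TRUNK_ALLOWED:
        return None, f"VLAN {vid} not allowed on trunk"
    group = PORT_GROUPS.get(vid)
    if group is None:
        return None, f"no port group for VLAN {vid}"
    # Strip the tag: keep both MACs, resume at the inner EtherType.
    return group, frame[:12] + frame[16:]

if __name__ == "__main__":
    dst, src = bytes.fromhex("005056000002"), bytes.fromhex("005056000001")
    for vid in (302, 350, 500):  # assigned, in pool but unassigned, off trunk
        print(vid, vst_deliver(build_tagged_frame(dst, src, vid, 0x0800, b"data")))
```

A frame tagged with a VLAN that is inside the pool range but not yet bound to a port group is dropped rather than flooded, which is what keeps each vCloud Director network in its own broadcast domain.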