VMware vCloud Director 101: Networking

August 17, 2014
Applications, Cloud

Welcome back to US Signal’s vCloud Director 101 series. In the previous section, Part 2 of vApps, we gave an overview of what networks are. In this post, we will cover the three network types found in VMware vCloud Director for the US Signal Virtual Data Center environment.

Networking in vCloud Director can be painless with proper planning and an understanding of the basic types of networks available for your use. Knowing what makes each type of network different and how they are best used can make all the difference as you deploy Virtual Machines into your US Signal Resource Pool.

There are three network types that you will work with in your US Signal VMware vCloud Director managed Resource Pool. Each of these networks offers specific functionality.

Directly Connected Networks

Directly Connected Networks are the most common type of network you will work with, and every Resource Pool comes with at least one. As you might imagine, Directly Connected Networks provide access to the main dedicated Internet connection for the Resource Pool. Virtual Machine NICs that are assigned addresses on a Directly Connected Network are available to be NAT’d to external IPs and can connect to the Internet if configured correctly. Virtual Machines that have NICs assigned to a Directly Connected Network can communicate with other Virtual Machines on that network regardless of which vApp they reside in, so if traffic segregation is necessary in your environment, you must plan for OS-level firewalls on those Virtual Machines. Another option for keeping traffic separate is a vApp Network.

vApp Networks

vApp Networks are, by default, segregated networks that provide connectivity within vApps. They are defined and configured within the vApps themselves and are confined to the vApp where they are created. Any Virtual Machine that needs to communicate with other Virtual Machines on a given vApp Network must have a NIC assigned to that vApp Network (and must therefore reside in that vApp). It is important to note that vApp Networks can also be connected to Directly Connected or Isolated Networks, and NAT and Firewall rules can be defined to control traffic to and from Virtual Machines assigned to the vApp Network.

Isolated Networks

Isolated Networks are similar to Directly Connected Networks in that once they are created they are available to be assigned to Virtual Machine NICs regardless of the vApp in which they reside. Unlike Directly Connected Networks, Isolated Networks are intended to do what their name says: provide an isolated network within the Resource Pool.
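To see what these rules mean for segregation, here is an added example (not US Signal or VMware code) that audits a NIC inventory for Virtual Machines in different vApps sharing a Directly Connected or Isolated Network. The inventory format, the names in it and the `audit` function are assumptions made for illustration, and vApp Networks that are connected to other networks through NAT and Firewall rules are not modelled.

```python
from itertools import combinations

# Constructed sample inventory (hypothetical names, not a real Resource Pool).
# Types: "direct" = Directly Connected, "isolated" = Isolated,
# "vapp" = vApp Network, recorded with the vApp that owns it.
NETWORKS = {
    "dc-net-01": {"type": "direct"},
    "iso-db": {"type": "isolated"},
    "web-internal": {"type": "vapp", "owner": "vapp-web"},
}
# One row per NIC: (vm, vApp the VM resides in, network the NIC is assigned to)
NICS = [
    ("web01", "vapp-web", "dc-net-01"),
    ("web01", "vapp-web", "web-internal"),
    ("web02", "vapp-web", "web-internal"),
    ("app01", "vapp-app", "dc-net-01"),
    ("app01", "vapp-app", "iso-db"),
    ("db01", "vapp-db", "iso-db"),
]

def audit(networks, nics):
    """Return (cross_vapp_pairs, nat_eligible_vms, confinement_errors)."""
    members = {}  # network name -> set of (vm, vapp)
    errors = []
    for vm, vapp, net in nics:
        info = networks[net]
        if info["type"] == "vapp" and info["owner"] != vapp:
            # A vApp Network is confined to the vApp where it was created.
            errors.append((vm, vapp, net))
            continue
        members.setdefault(net, set()).add((vm, vapp))

    pairs = []
    for net, vms in members.items():
        if networks[net]["type"] == "vapp":
            continue  # members are in the same vApp by construction
        for (vm_a, vapp_a), (vm_b, vapp_b) in combinations(sorted(vms), 2):
            if vapp_a != vapp_b:
                # Same network, different vApps: separation between these
                # two VMs depends on their OS-level firewalls.
                pairs.append((net, vm_a, vm_b))

    # NICs on a Directly Connected Network are available to be NAT'd.
    eligible = sorted({vm for net, vms in members.items()
                       if networks[net]["type"] == "direct" for vm, _ in vms})
    return sorted(pairs), eligible, errors

if __name__ == "__main__":
    print(audit(NETWORKS, NICS))
```

Each pair it reports is a path that stays open unless the two Virtual Machines filter it themselves or one of them is moved onto a vApp Network.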

Got all that? Great. Let's move on to Catalog Management.
