1. Manage networks
1.1. Limit Public IP bandwidths for a VDC
This document describes how to set a bandwidth limit in a virtual datacenter for each public IP using quality of service (QoS) traffic shaping parameters.
You can also limit the bandwidth of NAT IPs. See Limit bandwidth of NAT IPs with QoS
This feature applies to public IPs in infrastructure and managed by NSX in vCenter and vCenter clusters.
Privilege: Manage bandwidth limit for public IPs
During an upgrade or when you create a virtual datacenter, the public IP bandwidth limit is disabled.
To use QoS, edit the limit to set a value. The platform will apply the value when you deploy or reconfigure a VM to use a public IP.
To edit the bandwidth limit:
Select the virtual datacenter
Go to Network → QoS
Click the pencil edit button
To activate the bandwidth limit in a specific direction, select the Enabled checkbox for that direction
For the Average, enter the amount of bandwidth, in bits per second, that each public IP in the virtual datacenter can use
For the Peak, enter the maximum bandwidth in bits per second that each public IP in the virtual datacenter can use
For the Burst size, enter the amount of data that can be transmitted at the peak bandwidth rate in bytes. A burst bonus accumulates when traffic is below the Average value and this bandwidth can be used for bursts
To register changes that were made outside the platform, save existing public IP bandwidth values.
In the API, to register changes, send a POST request with the existing values.
This feature sets the limits when you deploy or reconfigure a VM to use a public IP.
If you deploy a VM and the platform cannot configure the limit, then the deploy will fail and roll back. If you reconfigure a VM and try to add a public IP, and the limit fails, then the platform will roll back the reconfigure and delete the public IP address.
If you are working with multiple VMs and there are different switches involved, then the platform will make a best effort to update all of the VMs, and log any errors.
1.2. Reserve private IPs
2. Manage NAT
3. Manage firewalls
3.1. Introduction to firewalls
3.2. Display firewall policies
3.3. Synchronize firewall policies
3.4. Create a firewall policy
3.5. Create a firewall policy in GCP
In GCP, the platform can create firewall rules in virtual datacenters or in global networks, to later attach to VMs.
Privileges: Manage firewall, Manage global networks
To create a new firewall, do these steps:
Go to Virtual datacenters → Network → Firewalls OR
Go to myCloud → Global → select the GCP provider → Network → FirewallsClick the Add button
Enter the firewall details and select the direction
For the Name, see the Google cloud entity naming conventions. See Google Cloud Platform integration
For the Direction, select
INGRESSfor incoming traffic orEGRESSfor outgoing trafficFor Sources or Targets, enter a list of comma separated values in CIDR format
For Priority, the default is 1000 and lower numbers have higher priority
Go to Inbound or Outbound and add firewall rules
Optionally, select from predefined Common protocols OR
Enter Protocols and enter a list of Ports, separated by commas, and/or a port range, separated with a dash (e.g. 80,8000-8009)
After you finish adding rules, click Save
The platform will create your firewall in the provider.