Manage external networks

Owned by MS (Unlicensed)
Last updated: Jun 07, 2023
8 min read

Introduction to external networks

External networks belong to a single enterprise and in private cloud they belong at the datacenter infrastructure level. An external network can use any type of network addresses and it requires a network tag.

The IP addresses that you use in external networks may be private or public addresses. So you may use these networks to communicate between VDCs of the same tenant or with networks outside of the platform. You can also define the same network in more than one datacenter in the platform.

An example networking scenario using external networks
An example networking scenario using external networks

In private cloud, when using standard networking (without an SDN integration), you can create external networks in vCenter:

In vCloud Director, you can onboard, create, synchronize, and delete external networks at the the Virtual datacenter level. In vCloud external networks may represent different networks, such as Org vDC networks routed through the Edge.

 

Display external networks

To display external networks in private cloud:

  1. Go to Infrastructure → Private

  2. Select a datacenter and go to Network → External

    External networks in infrastructure view
    Display external networks in infrastructure

To display external networks in vCloud Director

  1. Go to myCloud Virtual datacenters → Network → External. Networks that have been deleted in the provider display in gray text.

For the Networks list:

  • To scroll through the networks, use the page number and arrow buttons at the bottom of the list.

  • To search and filter, in the Search box enter text and wildcards in network names.

On the IP addresses page:

  • To sort by a column, click on the column header.

  • To filter results by any field, enter text in the search box.

  • To navigate through the pages, use the page scroll.

 

Create an external network

External networks belong to a single enterprise and may have public or private IP address ranges used in more than one virtual datacenter.

For vCloud Director, you can manage external networks in the Virtual datacenters view. See VMware vCloud Director integration

 

Before you begin:

  1. To use a network manager or to create the network in vCenter directly, create a device in Abiquo.
    See Manage devices

  2. Define each external network in the network infrastructure (e.g. VLAN in the switch, or network in a network manager), and obtain the network details, such as:

    1. Network address

    2. Gateway

    3. Network tag (e.g. VLAN or VXLAN tag)

 

To create an external network:

  1. Go to Infrastructure → Private

  2. Select a Datacenter and in Servers view, go to Network → External

Click the + add button  and enter the details

 

Field

Value

Field

Value

Name

A name with up to 128 characters

IPv6

IPv6 network. When you create an IPv6 network, the platform does not create any IP addresses.

Strict

For IPv6 networks only, to automatically generate EUI64 IP addresses.

Net. Address

The network address

Netmask (CIDR)

The network mask in CIDR format. For IPv4, from 16 to 30 inclusive, and for IPv6, either 64, 56, or 48

Gateway

The gateway of the network must be within the network range (address and netmask). When you create an IPv4 network, the platform will create an IP address for the gateway.

Tag

The tag of the network in the infrastructure, e.g. VLAN tag

Check

Check tag availability for all racks of the datacenter. You should define each network with the same tag on all racks. Green = available, Yellow = in use, Red = unavailable

View used tags

Display tags in use in external networks

Network service type

The Network Service Type represents a network interface on the hypervisors or a DvSwitch, see Networking guide

Unmanaged

Select to manage IP addresses outside of the platform. E.g. own DHCP server

Enterprise

The owner enterprise that will use this external network

Device

To create external networks on first VM deploy, do not select a device.

To create external networks in vCenter, select the port-group device.

For NSX, select the NSX device.

  • VMs in the external network must allow traffic to the appropriate ports for the virtualization system's connection, e.g. for DHCP

Network interface

For a port-group device, select the virtual distributed switch

Primary DNS

Address of the Primary DNS server

Secondary DNS

Address of the Secondary DNS server

DNS suffix

The default DNS suffix

Restricted

Select so that users require the privileges to Attach NICs in restricted networks and/or Detach NICs from restricted networks

Excluded from firewall

Select to define a network where VM firewall policies will not apply

Static Routes

Select Define to add or delete static routes

 

 

Create static routes 

To add a static route when you create or edit an IPv4 network:

  1. Select the Define checkbox. 

  2. Enter the details of the static route. 
    For example, to add a static route to the network/netmask 1.1.1.0/24 via the gateway/next hop 10.10.100.1

    1. Enter the destination Netmask, e.g. 255.255.255.0 (the above screenshot may differ)

    2. Enter the destination Network ID, e.g. 1.1.1.0

    3. Enter the Gateway IP, which is the next hop on your network, e.g. 10.10.100.1 

  3. Click Save and the platform will add the static routes to the VM network configuration. 

 

Add IP addresses

To add IP addresses to your network:

  1. Go to Infrastructure → Private 

  2. Select Datacenter and go to servers view → Network → External or Public

  3. Click the +add button

  4. Complete the dialog

Enter the Number of IPs to create and the From IP address (the first in the range). The From IP address must be a new address that does not already exist in the network. After creating the first IP address, the platform will try to create the other IPs and it will skip any existing IP addresses. 

For example, if you have IP addresses in network 30.30.30.30, which are 30, 33, and 34 and then you request 3 new IPs from 30.30.30.31. The new IPs created should be as follows: 31, 32, 35. 

30.30.30.30

30.30.30.31

30.30.30.32

30.30.30.33

30.30.30.34

30.30.30.35

When you add IPv6 addresses on strict networks, you don't need to set the starting address. On non-strict IPv6 networks, Abiquo recommends that you create an automatic IP address, or you can enter a From IP address manually.

 

Make IP addresses available

After you create public, external, or NAT IP addresses, they will be available to users for their virtual datacenters.  

We recommend that you should make unavailable any IP addresses that will be used for administration purposes, for example, the IPv4 gateway network address.

To edit the available IP addresses:

  1. Go InfrastructurePrivate

  2. Select the datacenter and go to servers view

  3. Go to Network and select the network type

  4. Click Available IPs

  5. The Edit network dialog for Available IPs will open and by default, all IPs are in the Available column

  • To move an IP, select it and click a single arrow button

  • To move all IPs in the direction of the arrows, use the double arrow buttons

 

Make an external network the default

You can make an external network the default for:

Modify an external network

To modify an external network:

  1. On the External page, select the network in the Networks list

  2. Click the pencil edit button

You can modify the following fields if there are no VMs deployed in the network.

Field

Description

Field

Description

Name

The name of the external or unmanaged network

Gateway

IPv4 only. The gateway of the network must be an IP address inside the range defined by the network address and the network mask

Tag

The VLAN or VXLAN tag to use for this network

Network service type

The network service type is label for a group of network interfaces on the hypervisors that this network will use. See About network service types

Enterprise

The enterprise that will use this network

Device

The device pointing to the network virtualization system for the SDN integration

Restricted

Select to restrict this network so that only users with the privileges to manage NICs in restricted networks can use these addresses on VMs

 

You can modify these fields at any time but the changes will only apply to VMs deployed after the changes are made.

Field

Description

Field

Description

Primary DNS

The address of the primary DNS server for your network

Secondary DNS

The address of the secondary DNS server for your network

DNS suffix

The DNS suffix for your network

 

Delete an external network

Before you begin, check that there are no VMs using IP addresses from this network. You cannot delete an external network if any of its IP addresses are in use on VMs.

To delete an external network:

  1. Select it in the Networks list on the External page

  2. Click the trash bin delete button.

If an onboarded network has been deleted in the provider, its name will display in light gray text. If a VM is using an IP from this network, then you cannot deploy the VM.

If there are no VMs using the IPs of an external network that was already deleted in the provider, to delete the network in the platform, select it and click the delete button.

 

How to put an IP on a deny list

In private cloud, to prevent tenants from obtaining and/or using an IP address, you can quarantine it, which is similar to putting it on a deny list.

To change quarantine status:

  1. Select one or more IP addresses

  2. Click the quarantine (!) symbol and confirm

Selected IPs that were not in quarantine will be put into quarantine. Selected IPs that were already in quarantine will be removed from quarantine. 

Pages related to networking

Copyright © 2006-2024, Abiquo Holdings SL. All rights reserved