Hello, we run physical RDSH/Citrix servers for some of our clients. In the vCNS world, these connect to the client VLAN tagged on the physical switch ports, which allows them to communicate through to the dvPortGroups in VMware tagged with the same VLAN.
In vCD this is different, however. We are using VXLANs for the Virtual Machines. I know I can pass the VXLAN down through the switches but that's additional licensing I'd rather avoid. My thought instead was retaining a VLAN for physical boxes that connects as an interface to the NSX edge managed by vCD. This will allow traffic to be routed/firewalled through the two networks as needed.
The problem I'm facing is how to get this network into vCD. I played around with External Networks but that's not designed for that. My other option is to attach the VLAN as an interface directly in the NSX management console of vSphere web client; however, our VMware rep can't tell me what will happen if the edge is redeployed through vCD. There's a chance that it won't know about the interface and will not redeploy with that interface attached.
Unfortunately I'm unable to test this as there's an open ticket for edges not redeploying in vCD 9.
Has anyone done this, or is there a different way to achieve this?
What's the issue with using External Networks in vCD? This is exactly what it is designed to do.
Define a VLAN-backed PG in vCenter which spans to the physical switch ports you need for your physical hosts, then provision VMs into the same network in vCD by adding the external network to a VDC and creating an Org VDC network backed by the same PG.
The only annoyance in this is the requirement to define IP settings (at least a single IP address, mask and gateway) when defining the external network in vCD - but these can be dummy values (or you can simply allocate a single unused real address to the pool).
We do this quite commonly when customers have physical equipment in our Datacenters shared with vCloud Director hosted VMs - unless I've misunderstood what you are trying to achieve?
Thanks John, I had spoken with our VMware engineers and they suggested this wouldn't work.
When adding the 'External Network' into the Organisation vDC do you add it as a routed network connecting to an existing edge?
So you build the VMs on this external network instead of a VXLAN? Can you not, using this method, simply route/firewall between the VXLAN and the VLAN network?
If all you are trying to do is link physical servers on switch ports to VMs running inside vCD then you don't need to deploy Edges (or have any routing at all).
You can make VLAN-backed vCenter portgroups available to tenants in vCD via External Networks provisioned in 'Direct' mode to Org VDC networks and everything happily co-exists in the same Layer-2 network.
If you need a different vCD network (e.g. a different Layer 3 network) then you can of course use an Edge gateway to route between networks. You can also deploy an Edge as a bridge linking a VXLAN and VLAN as a single Layer-2 network, but I don't think you need to go this far from what you've described.
