The default setup for gateways and networks varies in vCloud Air depending on which service you purchased—Dedicated Cloud service or Virtual Private Cloud service.

See Types of vCloud Air in vCloud Air User's Guide for information about the service options.

With both services, you configure networks for each virtual data center. Virtual data centers use the VMware vCloud Networking and Security Edge Gateway (referred to as “the gateway” in this guide) to provide external network connectivity. The following components comprise the default setup for networks and gateways in vCloud Air.

VMware manages the external network for connectivity to the Intranet. In vCloud Air, customers create and manage networks (utilizing the embedded VXLAN technology).

When you subscribe to a Virtual Private Cloud service, VMware creates your virtual data center for you and adds a gateway to that virtual data center. When you subscribe to a Dedicated Cloud service, you log into the vCloud Air console and create your first virtual data center. When you allocate a public IP address to your virtual data center, vCloud Air creates a gateway in that virtual data center.

By default, a gateway has the following properties:

Compact configuration

High availability enabled

Multi-interface mode enabled

An internal network with an internal IP address and subnet

When you subscribe to the Dedicated Cloud service, you can deploy additional gateways in a virtual data center. When you subscribe to the Virtual Private Cloud service, your virtual data center can have only one gateway.

A gateway supports 10 interfaces, but one interface is reserved for access to the external network. You configure networking for a gateway by using the remaining nine interfaces. If a virtual data center requires additional interfaces for its networking configuration, add additional gateways (only possible for the Dedicated Cloud service).

When you subscribe to the Dedicated Cloud service, you are allocated three public IP addresses to configure access to the Internet. When you subscribe to the Virtual Private Cloud service, you are allocated two public IP addresses. You can purchase additional public IP addresses at any time through your Subscription Services in My VMware.

When VMware creates the virtual data center for your Virtual Private Cloud service or you allocate a public IP address to a virtual data center that you create for your Dedicated Cloud service, the virtual data center has the following networks by default:

DATACENTER_NAME-DEFAULT-ROUTED: a gateway network because it is connected to a gateway and virtual machines on this network can connect to the Internet.

DATACENTER_NAME-DEFAULT-ISOLATED: an internal network that is not connected to a gateway; virtual machines on this network are not reachable through the Internet.

A private IP address pool is assigned to each network.

Default Networks in vCloud Air

By default, vCloud Air creates a gateway network when you assign a public IP address to a virtual data center or gateway and configures it with the following properties:

Named DATACENTER_NAME-DEFAULT-ROUTED

Connects to the gateway through the public IP address

Created on the 192.168.109.0 subnet

Has the default gateway IP address 192.168.109.1

Has the following networking services enabled or disabled by default:

Firewall: enabled; deny all traffic

DHCP: disabled

NAT: disabled

Static routing: disabled

VPN: disabled

Load balancing: disabled

Important

When you initially add a gateway and gateway network in vCloud Air, you will not be able to connect to any virtual machines added to that network and those virtual machines will not be able to connect to the Internet. By default, gateways are deployed with firewall rules configured to deny all network traffic to and from the virtual machines on the gateway networks. Also, NAT is disabled by default so that gateways are unable to translate the IP addresses of the incoming and outgoing traffic. You must configure firewall and NAT rules on a gateway for the virtual machines on its gateway network to be accessible.

See Add a Firewall Rule and Add a NAT Rule in this guide for information.
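
The interaction between the default-deny firewall and the disabled NAT service described above, modelled as an added example (not VMware code and not the vCloud Air API). The `Gateway` record and its rule tuples are a hypothetical export format, the public address is a constructed documentation-range value, and the model assumes firewall rules match the public, pre-NAT destination.

```python
import ipaddress
from dataclasses import dataclass, field

# Default routed subnet stated on this page.
ROUTED_NET = ipaddress.ip_network("192.168.109.0/24")

@dataclass
class Gateway:
    # Hypothetical export format; defaults mirror the page's default settings.
    firewall_enabled: bool = True
    default_action: str = "deny"
    allow_rules: list = field(default_factory=list)  # (dest_cidr, port or None)
    dnat_rules: list = field(default_factory=list)   # (public_ip, port, vm_ip, vm_port)

def firewall_permits(gw, dest_ip, port):
    """True if inbound traffic to dest_ip:port passes the gateway firewall."""
    if not gw.firewall_enabled or gw.default_action == "allow":
        return True
    ip = ipaddress.ip_address(dest_ip)
    return any(ip in ipaddress.ip_network(cidr) and rule_port in (None, port)
               for cidr, rule_port in gw.allow_rules)

def audit(gw):
    """Return (exposed, findings) for one gateway configuration."""
    exposed, findings = [], []
    if not gw.firewall_enabled:
        findings.append("firewall disabled (default is enabled)")
    if gw.default_action != "deny":
        findings.append("default action is not deny")
    for cidr, port in gw.allow_rules:
        if port is None and ipaddress.ip_network(cidr).prefixlen == 0:
            findings.append(f"any/any allow rule: {cidr}")
    for public_ip, port, vm_ip, vm_port in gw.dnat_rules:
        if ipaddress.ip_address(vm_ip) not in ROUTED_NET:
            findings.append(f"DNAT target {vm_ip} outside {ROUTED_NET}")
        # Assumption: firewall rules match the public (pre-NAT) destination.
        if firewall_permits(gw, public_ip, port):
            exposed.append((public_ip, port, vm_ip, vm_port))
    return exposed, findings

# Constructed sample data (203.0.113.0/24 is a documentation range).
DEFAULT_GW = Gateway()
NAT_ONLY = Gateway(dnat_rules=[("203.0.113.10", 443, "192.168.109.20", 443)])
PUBLISHED = Gateway(allow_rules=[("203.0.113.10/32", 443)],
                    dnat_rules=[("203.0.113.10", 443, "192.168.109.20", 443)])
WIDE_OPEN = Gateway(allow_rules=[("0.0.0.0/0", None)],
                    dnat_rules=[("203.0.113.10", 22, "192.168.109.21", 22)])

if __name__ == "__main__":
    for name in ("DEFAULT_GW", "NAT_ONLY", "PUBLISHED", "WIDE_OPEN"):
        print(name, audit(globals()[name]))
```

A virtual machine appears in `exposed` only when a NAT rule and a matching firewall rule both exist, so a change review can compare that list against the services that are meant to be published.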

An internal network is not connected to a gateway. An internal network has an internal IP address and subnet. Virtual machines attached to an internal network can communicate only with each other.

DHCP is the only service that can be enabled on an internal network. You use DHCP to get IP addresses for your virtual machines. By default, internal networks are created with the following DHCP settings:

Enabled for the internal network

A private IP address range of 192.168.0.101 through 192.168.0.254

A default lease of 1 hour (3600 seconds)

A maximum lease of 2 hours (7200 seconds)

Most often, you will connect your virtual machines to a gateway network; however, you might need to connect virtual machines to an isolated network as shown in the following examples:

To isolate your log servers or database server from direct Internet traffic

To run internal-only applications or virtual machines, such as applications under development

The following table summarizes the default configuration for gateways and networks in vCloud Air.

Summary of Default Settings for Gateways and Networks in vCloud Air

| Feature | Default Settings: DEDICATED CLOUD | Default Settings: VIRTUAL PRIVATE CLOUD |
|---|---|---|
| Networking Resources | Logically separated | Logically separated |
| Gateways | Multiple; created by customer | 1; created by VMware |
| Available Gateway Interfaces | 9 per gateway; multiple gateways supported | 9 (only 1 gateway supported) |
| Bandwidth | 50 Mbps allocated | 10 Mbps allocated |
| | 1 Gbps burstable | 50 Mbps burstable |
| Public IP Addresses | 3 (can purchase more) | 2 (can purchase more) |
| Available Networks on First Log in | None; created by customer (creating your first gateway adds the default networks) | 2 (created by VMware): |
| | | Default Isolated (type internal) |
| | | Default Routed (type gateway) |

| Feature | Default Settings: GATEWAY NETWORK | Default Settings: INTERNAL NETWORK |
|---|---|---|
| Available Networking Services | Firewall: enabled; deny all traffic | DHCP: enabled |
| | DHCP: disabled | |
| | NAT: disabled | |
| | Static routing: disabled | |
| | VPN: disabled | |
| | Load balancing: disabled | |
| Internet Access | Yes—through the connection to gateway public IP address | No |
| IP Address for the Default Gateway | 192.168.109.1 | 192.168.99.1 |
| Subnet | 192.168.109.0/24 | 192.168.99.0/24 |