Advanced Networking Services Guide
Table Of Contents
- vCloud Air Advanced Networking Services Guide
- Contents
- Preface
- Introducing Advanced Networking Services for vCloud Air
- Advanced Routing for vCloud Air
- Certificate and Security Group Management
- Network Security and Isolation
- Load Balancing
- Secure Access Using Virtual Private Networks
- IP Service Management: NAT and DHCP
- Index
Option Description
ICMP Type
When you select ICMP (an error reporting and a diagnostic utility used
between devices to communicate error information) in the Protocol field,
select the ICMP Type from the drop-down menu. ICMP messages are
identified by the “type” field. By default, the ICMP type is set to “any.”
Translated IP/Range
Type the IP address or a range of IP addresses to which destination
addresses on inbound packets will be translated.
These addresses are the IP addresses of the virtual machine (or machines)
for which you are configuring DNAT so that they can receive traffic from
the external network.
Translated Port/Range
(Optional) Select the port or port range that traffic connects to on the
virtual machines on the internal network.
Source NAT (SNAT) (inside -> outside)
Option Description
Original Source IP/Range
Type the original IP address or range of IP addresses to apply to this rule.
These addresses are the IP addresses of the virtual machine (or machines)
for which you are configuring SNAT so that they can send traffic to the
external network.
Translated Source IP/Range
Type the required IP address. Specifies the IP address to which source
addresses (the virtual machines) on outbound packets are translated to
when they send traffic to the external network.
This address is always the public IP address of the gateway for which you
are configuring the SNAT rule.
6 (Optional) Type a description for the rule.
7 Select Enabled to enable the rule.
8 Select Enable logging to log the address translation.
9 Click OK to save the rule.
What to do next
Add a corresponding edge gateway firewall rule for the SNAT or DNAT rule you just configured. See “Add
an Edge Gateway Firewall Rule,” on page 31.
DHCP Service
The edge gateway supports IP address pooling and one-to-one static IP address allocation. Static IP address
binding is based on the managed object ID and interface ID of the requesting client.
The DHCP service for the edge gateway adheres to the following guidelines:
n
Listens on the edge gateway internal interface for DHCP discovery.
n
Uses the IP address of the internal interface on the edge gateway as the default gateway address for all
clients, and the broadcast and subnet mask values of the internal interface for the container network.
You must restart the DHCP service on client virtual machines in the following situations:
n
You changed or deleted a DHCP pool, default gateway, or DNS server.
n
You changed the internal IP address of the edge gateway instance.
Chapter 7 IP Service Management: NAT and DHCP
VMware, Inc. 69