vCloud 5.1 brought us many new features and some are very useful. If you look at the Use Cases for these features, you would absolutely love it.
One of such a feature is Sub Allocate IP Pool. While you create External Network in vCloud, you tend to specify a IP Pool which can be used by Organization Network to get the external world connectivity.
Now let us imagine a situation where you have a /24 network entirely allocated to a external network in pool. Your requirement is to use max of 10 of those IP addresses on your Org Network, and you have a 20 of such Org to set up.
In this situation, you did not have a control over the IP allocation to each Organization. That means out of your 254 IP Address, you did not have a control of allocating those IP addresses to your Org Network earlier right? It would have been first come first serve scenario, which means the first Org will take first 10 IP address and then the second one, so on and so forth.
Would you really like it? I mean think about Operational simplification side, a Ops guy may not know which IP address is allocated to which Org unless it is allocated and does not have any control to segregate it.
Now with the release of new vCloud, we have the segregation power of IP into further segment, which is called Sub Allocate IP Pool. Now when you create a new Gateway in your Cloud for your Org Network, you have the option to choose the Sub Allocation and then specify your own range.
Let me help you to visualize this. Look at the picture below:
Now in this example, I have a flat /24 network (10.0.0.0/24) where I have 254 External IP Addresses. Here, I want to segregate the IP Allocation to each Organization and I have chosen Sub Allocation of IP Pool. In this example I have allocated first 100 IP Addresses to Organization X and then another 100 IP Addresses to Organization Y. This way even when you use 10 IP addresses from Org X it will not overlap to the Org Y IP Pool.
An Org Admin then can use this Sub Pool to easily manage their DNAT and SNAT mapping. An example output is like below. Though this example output does not match the above IP Addressing scheme, but that’s OK I guess now 🙂