Create Content

Description

This article describes how to add a VLAN to a Network Domain in an MCP 2.0 Data Center location.

For an overview of Attached vs. Detached VLANs, see Introduction to Cloud Network Domains and VLANs.

Prerequisites:

  1. You must have deployed a Network Domain in order to deploy a VLAN. See: How to Deploy a Network Domain in a MCP 2.0 Data Center Location
  2. You are permitted a maximum of 30 VLANs per Network Domain.
  3. VLAN names for an Organization must be unique within a Data Center. 
    1. You cannot have multiple VLANs with the same name in the same Data Center, even if they are on different Network Domains.
  4. The proposed IPv4 range form the VLAN must not overlap with:
    1. The IPv4 range used by another VLAN on the same Network Domain
    2. A NAT external IP address on the same Network Domain
    3. A Virtual Listener IP address on the same Network Domain
  5. The proposed IPv4 range for the VLAN must not have the following in use by an existing Node or NAT internal IP address on the same Network Domain:
    1. The Network Address (x.x.x.0) at the start of the proposed VLAN range
    2. The Broadcast Address (x.x.x.255) at the end of the VLAN range 
    3. If VLAN will use LOW IP Addressing, the x.x.x.1-x.x.x.5 at the start of the VLAN range (i.e. in the first octet)
    4. If VLAN will use HIGH IP Addressing, the x.x.x.252-x.x.x.254 at the end of the VLAN range (i.e. in the last octet)
    5. See Introduction to IP Addressing in MCP 2.0
  6. If non-RFC 1918 space is used:
    1. The use of a non-RFC 1918 VLAN range if a Public IPv4 within that range is currently being used on a "public" IPv4 block on the same Network Domain is not permitted.
    2. The use of a non-RFC 1918 IPv4 address that is part of the transit subnet for the same Network Domain is not permitted.
    3. The non-RFC 1918 VLAN range cannot overlap with the Network Domain's SNAT Address
    4. The non-RFC 1918 range cannot overlap with restricted space as defined in Introduction to IP Addressing in MCP 2.0
    5. VLAN IP range cannot 'cross boundaries' between RFC 1918 and non-RFC 1918 addresses.
  7. The following specific CIDR blocks/IP prefixes cannot be used:
    1. 10.0.0.0/8
    2. 172.16.0.0/12
    3. 192.168.0.0/16
      Note: This limitation is for these specific blocks only. Smaller blocks (such as 192.168.0.0/24) are permitted
  8. For Attached VLANs:
    1. Size can be from /28 (16 IP addresses) though /16 (64K IP addresses)
    2. If you deploy a Small Size VLAN { /25 (128 IP addresses), /26 (64 IP addresses), /27 (32 IP addresses), /28 (16 IP addresses), be aware:
      1. They can not be expanded once deployed. 
      2. High Gateway addressing is NOT available for small size VLANs
      3. For more information on Small Size VLANs, see Introduction to Cloud Network Domains and VLANs
  9. For Detached VLANs:
    1. Deploying a Detached VLAN can only be done on an Enterprise Network Domain (not allowed with Essentials/Advanced)
    2. Size can be from /30 (4 IP addresses) though /16 (64K IP addresses)
    3. You must provide the IPv4 Gateway Address, which defines the gateway that will be inserted in the Guest OS as the Internet Gateway when deploying a server using Guest OS Customization whose primary NIC is on the Detached VLAN
    4. The IPv4 Gateway Address can be ANY valid IPv4 address (i.e. it does NOT have to be on the VLAN range) except:
      1. The Network Address (x.x.x.0) at the start of the range of the Detached VLAN on the Network Domain
        1. Specifically, the Private IPv4 Network Address provided as the input for this function
      2. The Broadcast Address (x.x.x.255) at the end of the range of Detached VLAN on the Network Domain
        1. Specifically, last IP address in the range defined by the Private IPv4 Network Address and Private IPv4 Prefix Size provided as the input for this function
    5. For more information on Detached VLANs, see Introduction to Cloud Network Domains and VLANs

Solution:

  1. From the Home page, click on the MCP 2.0 Data Center which contains the Network Domain where you want to create a new VLAN:


  2. The Data Center dashboard will be displayed. Click on the Network Domain where you want to create the new VLAN:


  3. The Network Domain dashboard will be displayed. Click on the VLANs and Servers tab to expand the menu:


  4. Click on the Add VLAN button on the right side of the screen:


  5.  The Add New VLAN dialog will be displayed:


  6. Fill out the Add New VLAN form with the requested information:

    • VLAN Name - Enter a name for your VLAN
      • Note: The Name must be unique for the Data Center. You cannot have multiple VLANs with the same name in a Data Center.
    • VLAN Description - Enter an optional description for your VLAN
    • Type - Select the Type
      • Attached - The default VLAN, which is attached to the Network Domain's routing capabilities
      • Detached VLANs are not connected to the Network Domains routing capabilities and exist as a 'standalone' VLAN (this means it cannot communicate with other VLANs, the public internet or CPNC).
    • Private IPv4 Address Range - Choose the RFC 1918 IPv4 range from the provided list of options or select Non-RFC 1918 Address and enter the desired IPv4 address. For more information on IPv4 addresses, see: Introduction to IP Addressing in MCP 2.0 
      • Note: Hover your mouse over the info icon  next to Non-RFC1918 Address to see a popup with the list of "protected" IP ranges that cannot be used. Note this list does not include the prohibited transit VLAN IP range.
    • Network Address -  Enter the desired network address
    • Subnet Mask - Select the subnet mask
      • Note: Changing the Subnet Mask will expand the number of IPs available on a VLAN. 
        Select a different subnet mask from the drop-down menu to display the allotted amount of IPs (Hosts) in the blue "info" section.
      • Note: Once a Subnet Mask has been expanded, it cannot be decreased.
      • Note: Small size VLANs cannot be expanded.
    • For Attached VLANs:
      • IPv4 Gateway Addressing - Choose whether you want Low or High IPv4 Gateway Addressing. Hover your mouse over the info icon  to see a pop-up that explains the difference. The quick summary is that unless you have a need to use x.x.x.1 through x.x.x.5 at the start of the VLAN range for NIC IP addresses, you should choose the default setting of "Low". If you do choose a High VLAN, it will be distinguished by the High VLAN icon  displayed after the Subnet Mask.
        • Note: If you select High IPv4 Gateway Addressing, the VLAN size cannot be expanded once it is deployed!
        • Note: High Gateway Addressing is NOT available for small size VLANs { /25 (128 IP addresses), /26 (64 IP addresses), /27 (32 IP addresses), /28 (16 IP addresses)}
      • For Detached VLANs:
        • IPv4 Gateway Address - This address will be inserted in the Guest OS as the Internet Gateway when deploying a server using Guest OS Customization whose primary NIC is on the Detached VLAN. Note the IPv6 gateway address cannot be specified here as the system has not yet assigned the IPv6 range.
        • You can update both IPv4 and IPv6 Gateway Addresses for a Detached VLAN as described in How to View, Edit, Detach, Attach or Delete a VLAN on a Cloud Network Domain
  7. Click Deploy. The system will display a confirmation message:


  8. The system will display the deployment progress:

    Note: This step will take several moments to complete.
    Note: The Manage gear will not be accessible until the deployment has completed.


  9. Once the deployment has finished, the system will display a success message:


  10. The Deploy VLAN progress bar will disappear, but the VLAN will remain in the VLAN pool and the Manage gear will be accessible:

    Note: In rare cases, it is possible for an add VLAN attempt to fail. Either REASON_10 or REASON_20 indicate a non-recoverable failure occurred when attempting to create the VLAN. If this situation occurs, you must open a support case to address the issue. Until the issue is addressed, any additional attempts to add or delete Cloud Networks (MCP 1.0) or Cloud Network Domains (MCP 2.0) or VLANs (MCP 2.0) in the same Geographic Region will fail and you will receive the message that another network operation is in progress. You can generate an Administrator Log report to view the error code. See: How to View an Administrator Logs Report