I was asked by a customer how to use a VXLAN network as an external network in vCloud Director. I thought there was already written blog article about it bud did not find any. So writing the answer here will benefit hopefully others as well.
Why?
First questions would be why would you do it? Aren’t vCloud Director external networks supposed to be the way to connect internal vCloud networks (usually VXLAN based) to the external world via VLAN based networks through a Edge Gateway device? Yes, but there are a few use cases for use of VXLAN network as an external network.
- Usage of different virtual edge router other than vShield Edge that supports needed features (IPv6, dynamic routing protocols). In picture below you see virtual Fortigate router in place of vShield Edge. The router is deployed manually and its internal interface is connected to a VXLAN network (again created manually) which acts as external network that is directly connected to OrgVDC network. This helps saving VLANs which are usually scarce resource in service provider environment.
- Service network spanning multiple pods crossing L3 boundaries. Each pod (cluster) has its own L2 networking so VLAN cannot span all clusters. However VXLAN can. So service network (for example syslog or monitoring network) can be used by any VM in any rack. See this article how to secure such network in multitenant environment.
How?
Although you can easily manually create a VXLAN network directly in vShield Manager (or in vSphere Web Client if you use NSX) you will not see the VXLAN portgroup in vCloud Director GUI.
The fix is simple. vCloud Director is filtering out all portgroups that start with ‘vxw’ string. Rename the portgroup in vCenter Server (remove the string) and you will be able to select the portgroup as an External Network.
Tom Fojta's Blog 
Good post Tom…I’ve asked the vCloud Product team if this was going to change in SP releases…not currently in 5.6.3 but will be available in the next release early next year.
PS. Not sure why, but you have blocked me on Twitter…can’t even follow you…
Still an issue here i’ve just picked up.
vCD wont let you create multiple External Networks with the same VLAN ID…which is what all these VirtualWire PortGroups carry.
So, because the VXLAN Transport VLAN is the same the vCD GUI is not letting me create this External Network.
The idea would be to create lots of these External Networks with this VLAN ID that vORG Networks can hook back into…
Is there a way around this? Can we have the same VLAN used multiple times without vCD having a whinge?
Yes, you need to allow external overlapping networks in General System Settings.
I’ve just seen that option…however I get an error trying to enable it
Cannot turn off elasticity for Allocation Pool OrgVdcs. All the Allocation Pool OrgVdcs cannot be accomodated on the primary cluster of their PVDCs.
Doesn’t seem related but I can’t check the Overlapping options without that popping up.
The vCloud Product guys mentioned a DB flag that can be set as well…i’ll chase up and respond.
This is strange. Maybe a bug? Which VCD version is it?
Looks like it was a bug in the 5.5.2 GA + releases…got a case going to rectify.