5.3. Server Segment¶
Server segment is a service that extends Server Segments. We provide L2 segments (called “Server Segment” below) to interconnect the multiple services that make up Enterprise Cloud.
You can connect the Virtual Machines, vLoad Balancers and Service Interconnect Gateways over the Server Segment and also construct systems with complex network structures.
Note
- The standard is for one Server Segment to be provided
5.3.1. Available Features¶
The following features are available for Server Segment.
| Feature | Overview |
| Server Segments are provided | A feature that uses L2 segments to interconnect the multiple services which make up Enterprise Cloud. |
5.3.2. Server Segments Are Provided¶
The standard is for one Server Segments to be provided. You can specify Server Segments within the ranges listed below for each Data Center.
| Server Segment | Lower Limit | Upper Limit | Setting Unit |
| When using vFirewall | 1 | 24 | 1 |
| When using Integrated Network Appliances | 1 | 24* | 1 |
* Maximum Server Segments which can connect to INA are up to 7.
The following features can be connected using Server Segment.
- Virtual machines provided by Compute Resource
- Virtual machines provided by Compute Resource (Dedicated Device)
- vFirewall that is provided by vFirewall
- vLoad Balancer that is provided by vLoad Balancer
- Service Interconnect Gateway that is provided by Service Interconnectivity
- Colocation Interconnectivity
- Gateway provided by On-Premises Interconnectivity
When you ask for Server Segment, you must specify the following settings.
| Item | Overview |
| Network Appliance | Specify whether or not to connect to vFirewall or Integrated Network Appliance. |
| IP address block for Server Segment | For each Server Segment, you can allocate one IP address block for Server Segment and a prefix length of IP address blocks (any of /29 to /24). |
Important
- You cannot change whether or not to connect to vFirewall or Integrated Network Appliance and the IP address block for Server Segment after the Server Segment has been created.
- If you do not connect the Server Segment to vFirewall, NTT Communications cannot perform Ping monitoring on any device connected to that Server Segment.
The IP address blocks used for Server Segment are divided into the following categories. Please check the explanation of the features of each service for the connection interfaces.
| Category | Overview |
| Available IP address | IP addresses that can be allocated to interfaces that connect to a Server Segment |
| Allocated IP address | IP addresses that have been allocated to interfaces that connect to a Server Segment |
| Reserved IP address | IP addresses that cannot be allocated to interfaces that connect to a Server Segment
* These are excluded from the candidates for allocation when IP addresses are allocated automatically by the system or they are allocated at your discretion. Reserved IP addresses are set by the Customer Portal.
|
You can specify the following Parameters when creating Server Segment. This setting is referenced when the Virtual Machine is created (and when vNIC is reconstructed), and each IP address that is set for the Server Segment that is the connection destination for Primary vNIC is given the initial settings by the Guest OS of the Virtual Machine.
- DNS Server (Primary DNS and Secondary DNS) IP addresses
- Default gateway IP addresses
- DNS suffix
- The parameter setting for each address differs depending on whether customer uses vFirewall or Integrated Network Appliance.
* The IP address that is set for Server Segments that do not connect to the Integrated Network Appliance is “the “broadcast address” of the IP address block for the Server Segment - 1.” For example, if the IP address block is “192.168.0.0/24,” the IP address that is “the “broadcast address” of the IP address block for the Server Segment - 1” will be “192.168.0.254.”
Important
- You can only specify the DNS and default gateway IP address at the time Server Segment is created.
- If IP addresses have not been specified, they will be allocated automatically as shown below.
- DNS Server(Primary DNS、Secondary DNS)IP addresses specified by NTT Communications
- Default GatewayWhen connected to vFirewall or Integrated Network Appliance:Active IP Address of each Network ApplianceWhen not connected to vFirewall or Integrated Network Appliance: IP address specified by NTT Communications
- Restrictions in case of default GW is specified by CustomervFirewall: The IP address which is set as a Default Gateway cannot be assigned to the vNIC of the Virtual Machine.INA: The IP address which is set as a Default Gateway cannot be assigned to the vNIC of the Virtual Machine and Service Interconnectivity Gateway.
* DNS IP address auto assigned by Guest OS Customization is not available for resolver. It is dummy IP address. Customer prepares DNS, please.
- In initial Server Segment setting for Primary vNIC, if vFirewall/INA was not set as default gateway, customer need to set static routing on Guest OS additionally (When returning default gateway to vFirewall/INA manually in Guest OS, it’s unnecessary.). If it is not added, Ping monitoring or OS license activation and so on will no longer be available.
Important
- For details about IP Address blocks for static routing, refer to separate volume “Functional Description (IP Address)”.
- Even if the default gateway is set as vFirewall/INA manually in Guest OS, and the customer manually changed the setting of the default gateway to non- EC vFW, customer also need to set static routing listed below on Guest OS.
Picture: Image of Static Route should be added when “non EC-FW” is set as Default Gateway.
5.3.3. Important Points¶
- The one Server Segment that is provided as standard when you start using the Data Center is always connected to vFirewall or Integrated Network Appliance.
- Server Segment cannot be deleted as long as the template exists on Private Catalog, when Virtual Machine which vNIC connecting the Server Segment is converted.
- There are IP Addresses which cannot be specified as IP address blocks (Non-duplicable IP Address) for Server Segments. Be aware that the IP address bands that cannot be specified differ according to Data Center.
Important
- For details about Non-duplicable IP Address blocks, refer to separate volume “Functional Description (IP Address)”.
- Customer’s carried-in Global IP Address can be assigned to Server Segment.However, please note that there are following restrictions.
- Please apply via Service Order Form when adding Server Segment with Customer’s carried-in Global IP Address.
- The direct Internet transmission is not possible via vFirewall or Integrated Network Appliance when using the Customer’s carried-in Global IP Address. NAT setting is necessary for the Global IP Address provided by NTT Communications.
- If the registered name for IP Address under NIC organization and the representative contractor name of Enterprise Cloud service does not match, the carried-in IP address would be considered as illegal Global IP Address and it cannot be supported. Also, we cannot guarantee the sustainability of the carried-in Global IP Address.
When over 64 Virtual Machine will be made on one Server Segment relevant to the following condition, preliminary setting by NTTCom is needed. So please request in ticket.
- Data Centers in Japan:Server Segment which was added before January 31st 2016.
- Data Centers the others: All Server Segments are target.
Note for Customer Portal available VPN Connectivity user, if Server Segment network address is set as routing information in VPN Gateway, the Server Segment cannot delete directly. Please delete routing information setting in VPN Gateway at first.