source/installguide/locale/pot/managing_networks.pot - cloudstack-documentation - Git at Google

 # SOME DESCRIPTIVE TITLE.
 # Copyright (C) 2014, Apache Software Foundation
 # This file is distributed under the same license as the Apache CloudStack Installation Documentation package.
 # FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
 #
 #, fuzzy
 msgid ""
 msgstr ""
 "Project-Id-Version: Apache CloudStack Installation Documentation 4\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2014-03-31 14:02-0400\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"

 #: ../../managing_networks.rst:17
 # fc6be4b2a5ef4daab75e0149886b57ab
 msgid "Managing Networks and Traffic"
 msgstr ""

 #: ../../managing_networks.rst:19
 # e6e873bbde6b490a93904226a79e35e7
 msgid "In a CloudStack, guest VMs can communicate with each other using shared infrastructure with the security and user perception that the guests have a private LAN. The CloudStack virtual router is the main component providing networking features for guest traffic."
 msgstr ""

 #: ../../managing_networks.rst:25
 # 158d9384502741139d4db7ad5d35f129
 msgid "Guest Traffic"
 msgstr ""

 #: ../../managing_networks.rst:27
 # 79038a2139e34806a98fb5dd5d6b1380
 msgid "A network can carry guest traffic only between VMs within one zone. Virtual machines in different zones cannot communicate with each other using their IP addresses; they must communicate with each other by routing through a public IP address."
 msgstr ""

 #: ../../managing_networks.rst:32
 # 23f28e25661d4e449f0498521ff811f4
 msgid "See a typical guest traffic setup given below:"
 msgstr ""

 #: ../../managing_networks.rst:34
 # 3e47df0ab4fe4f7994d946a031909210
 msgid "|guest-traffic-setup.png: Depicts a guest traffic setup|"
 msgstr ""

 #: ../../managing_networks.rst:36
 # 4ddddc3fc73a4867a25fc49b035a99b7
 msgid "Typically, the Management Server automatically creates a virtual router for each network. A virtual router is a special virtual machine that runs on the hosts. Each virtual router in an isolated network has three network interfaces. If multiple public VLAN is used, the router will have multiple public interfaces. Its eth0 interface serves as the gateway for the guest traffic and has the IP address of 10.1.1.1. Its eth1 interface is used by the system to configure the virtual router. Its eth2 interface is assigned a public IP address for public traffic. If multiple public VLAN is used, the router will have multiple public interfaces."
 msgstr ""

 #: ../../managing_networks.rst:47
 # 32df6f633baa46de8a08df89b547bf68
 msgid "The virtual router provides DHCP and will automatically assign an IP address for each guest VM within the IP range assigned for the network. The user can manually reconfigure guest VMs to assume different IP addresses."
 msgstr ""

 #: ../../managing_networks.rst:52
 # 037184db1823493ab1584e55b5275584
 msgid "Source NAT is automatically configured in the virtual router to forward outbound traffic for all guest VMs"
 msgstr ""

 #: ../../managing_networks.rst:56
 # d2daf1fae25745c0a829cd52009d5ac3
 msgid "Networking in a Pod"
 msgstr ""

 #: ../../managing_networks.rst:58
 # 3574c26b40ab456e8286506f92bca83c
 msgid "The figure below illustrates network setup within a single pod. The hosts are connected to a pod-level switch. At a minimum, the hosts should have one physical uplink to each switch. Bonded NICs are supported as well. The pod-level switch is a pair of redundant gigabit switches with 10 G uplinks."
 msgstr ""

 #: ../../managing_networks.rst:64
 # 35d1da6e0db343f2ae916ce0be527d56
 msgid "|networksinglepod.png: diagram showing logical view of network in a pod|"
 msgstr ""

 #: ../../managing_networks.rst:66
 # b7c71c1045954931b9d89bd5843e0306
 msgid "Servers are connected as follows:"
 msgstr ""

 #: ../../managing_networks.rst:70
 # 09e404c4512e44e59345fa1f14899f3d
 msgid "Storage devices are connected to only the network that carries management traffic."
 msgstr ""

 #: ../../managing_networks.rst:75
 # a3a5ebaa022e413da0ffc6bdae7b6465
 msgid "Hosts are connected to networks for both management traffic and public traffic."
 msgstr ""

 #: ../../managing_networks.rst:80
 # bd0d953a458e41eea4bf15edbfb12b2a
 msgid "Hosts are also connected to one or more networks carrying guest traffic."
 msgstr ""

 #: ../../managing_networks.rst:83
 # 28c5e92ff62f49bba80dace0b3ae2fb0
 msgid "We recommend the use of multiple physical Ethernet cards to implement each network interface as well as redundant switch fabric in order to maximize throughput and improve reliability."
 msgstr ""

 #: ../../managing_networks.rst:88
 # d85d232eadb24f49a48d499c5adf81e7
 msgid "Networking in a Zone"
 msgstr ""

 #: ../../managing_networks.rst:90
 # 45168de567df49238a394803bce5aacc
 msgid "The following figure illustrates the network setup within a single zone."
 msgstr ""

 #: ../../managing_networks.rst:92
 # 29289f73fcf54224bc331c5454378f15
 msgid "|networksetupzone.png: Depicts network setup in a single zone|"
 msgstr ""

 #: ../../managing_networks.rst:94
 # df4e8223cc9c4409adf7cc8c71e7a98e
 msgid "A firewall for management traffic operates in the NAT mode. The network typically is assigned IP addresses in the 192.168.0.0/16 Class B private address space. Each pod is assigned IP addresses in the 192.168.\\*.0/24 Class C private address space."
 msgstr ""

 #: ../../managing_networks.rst:99
 # 9886368af88c424183304a4eb31ab641
 msgid "Each zone has its own set of public IP addresses. Public IP addresses from different zones do not overlap."
 msgstr ""

 #: ../../managing_networks.rst:103
 # e924366efd4241009758e8896b3e6669
 msgid "Basic Zone Physical Network Configuration"
 msgstr ""

 #: ../../managing_networks.rst:105
 # 99801fc2693a463386163a5ba924265b
 msgid "In a basic network, configuring the physical network is fairly straightforward. You only need to configure one guest network to carry traffic that is generated by guest VMs. When you first add a zone to CloudStack, you set up the guest network through the Add Zone screens."
 msgstr ""

 #: ../../managing_networks.rst:111
 # 4794c328db1440609a15296cef16b874
 msgid "Advanced Zone Physical Network Configuration"
 msgstr ""

 #: ../../managing_networks.rst:113
 # 627040abff364b5ea8314a3426b65674
 msgid "Within a zone that uses advanced networking, you need to tell the Management Server how the physical network is set up to carry different kinds of traffic in isolation."
 msgstr ""

 #: ../../managing_networks.rst:118
 # 7d82c9b8761a46dda119e356cf26d478
 msgid "Configure Guest Traffic in an Advanced Zone"
 msgstr ""

 #: ../../managing_networks.rst:120
 # 1744b57706544187ae3a8c396a505bf1
 msgid "These steps assume you have already logged in to the CloudStack UI. To configure the base guest network:"
 msgstr ""

 #: ../../managing_networks.rst:125
 # 5aecf3d836d747a884b554bca3fbb83d
 msgid "In the left navigation, choose Infrastructure. On Zones, click View More, then click the zone to which you want to add a network."
 msgstr ""

 #: ../../managing_networks.rst:130
 #: ../../managing_networks.rst:214
 #: ../../managing_networks.rst:1585
 # 0cbb909f14cb492385ca0848aa144676
 # ae580367a0aa4a1186f4e67538afff94
 # af249bda556241b28af1cd321cc15602
 msgid "Click the Network tab."
 msgstr ""

 #: ../../managing_networks.rst:134
 #: ../../managing_networks.rst:218
 #: ../../managing_networks.rst:1589
 # 7c7e182828424070b9c41369469b65f0
 # 2e538d60fc224c08a46491e983daca7e
 # 44ba62fc316b4753a5d2655c5c666a98
 msgid "Click Add guest network."
 msgstr ""

 #: ../../managing_networks.rst:136
 # 15e6873aadaf411c83caf85f0a01dd5e
 msgid "The Add guest network window is displayed:"
 msgstr ""

 #: ../../managing_networks.rst:138
 # 0d02390e218c427e9a53bf85ca53de51
 msgid "|addguestnetwork.png: Add guest network setup in a single zone|"
 msgstr ""

 #: ../../managing_networks.rst:142
 #: ../../managing_networks.rst:4111
 #: ../../managing_networks.rst:4979
 # 0800e2f4123c4dd9a3cf88e6df107406
 # 9e8f926d35dd4062a29482a8ac99cbde
 # 30dd4c879c8f431d96a1941eb88e5443
 msgid "Provide the following information:"
 msgstr ""

 #: ../../managing_networks.rst:146
 # 7604500c996c439089ccdde1d7c025b4
 msgid "**Name**. The name of the network. This will be user-visible"
 msgstr ""

 #: ../../managing_networks.rst:150
 # 360746c957d54a70bd23064f9714bf87
 msgid "**Display Text**: The description of the network. This will be user-visible"
 msgstr ""

 #: ../../managing_networks.rst:155
 # 4c0edf7e62fb438f9f48989672721586
 msgid "**Zone**: The zone in which you are configuring the guest network."
 msgstr ""

 #: ../../managing_networks.rst:159
 # d0157a715ff0417e968114b1c345ed05
 msgid "**Network offering**: If the administrator has configured multiple network offerings, select the one you want to use for this network"
 msgstr ""

 #: ../../managing_networks.rst:164
 # 8821fdb0e3e34d4eb2d879f89ef8265f
 msgid "**Guest Gateway**: The gateway that the guests should use"
 msgstr ""

 #: ../../managing_networks.rst:168
 # 4dc47880e5f541529ad13f5cf0ca522f
 msgid "**Guest Netmask**: The netmask in use on the subnet the guests will use"
 msgstr ""

 #: ../../managing_networks.rst:173
 #: ../../managing_networks.rst:870
 #: ../../managing_networks.rst:1242
 #: ../../managing_networks.rst:1419
 #: ../../managing_networks.rst:1742
 #: ../../managing_networks.rst:3064
 #: ../../managing_networks.rst:3578
 #: ../../managing_networks.rst:4209
 #: ../../managing_networks.rst:4245
 #: ../../managing_networks.rst:5015
 #: ../../managing_networks.rst:5106
 #: ../../managing_networks.rst:5352
 #: ../../managing_networks.rst:5394
 #: ../../managing_networks.rst:6843
 # 84368ab7e8384ed2ae5ecece5835bf18
 # 40ef14b296d343928f7b1af29927beba
 # fd54e59b59e34039ba86fdf384b32bb4
 # d595b9b3106b4a93b86dc8def713e6cf
 # 946c5d37563d43f98c6f39734828f252
 # 8969b38d8d954135bd6fd49ba48540a2
 # 96826bee1eba4ea1bbc5592ab0c19d71
 # b886d197d674421586d115da68f6e823
 # 8a1b58cd366c4d22a2a0ef021bf5439a
 # 8873118788c94bcc91cdcb0412e1f3a9
 # 067481ecae7e42a691ed616190af998f
 # 26e33f314996484ab84cff370047c483
 # 7d0cd95d267b472fb4b0dda772ffc2bc
 # 6ada6497acc04627b1750ff39f3e3b89
 msgid "Click OK."
 msgstr ""

 #: ../../managing_networks.rst:176
 # 92ed55846f3943a0899c3de25a023050
 msgid "Configure Public Traffic in an Advanced Zone"
 msgstr ""

 #: ../../managing_networks.rst:178
 # 915dafcef9e741c2a3aa241af4f416bf
 msgid "In a zone that uses advanced networking, you need to configure at least one range of IP addresses for Internet traffic."
 msgstr ""

 #: ../../managing_networks.rst:182
 # 38eed1230b0548409982c02a9e02c83e
 msgid "Configuring a Shared Guest Network"
 msgstr ""

 #: ../../managing_networks.rst:186
 #: ../../managing_networks.rst:760
 #: ../../managing_networks.rst:1557
 # 029160365cb44beeabf86951b8cabbac
 # 5709f6a0aa4d4e87afbf1cd833e9b2f3
 # 390b3883b39c4ad585199248f00069c2
 msgid "Log in to the CloudStack UI as administrator."
 msgstr ""

 #: ../../managing_networks.rst:190
 #: ../../managing_networks.rst:1354
 #: ../../managing_networks.rst:1561
 # 6b9a0641eccf4c888cb21525be4ed4c4
 # 25eb0f7c27f44e2983c3f49702a6d79b
 # 10241f1af1c84aa7a72d15d48b14b3e9
 msgid "In the left navigation, choose Infrastructure."
 msgstr ""

 #: ../../managing_networks.rst:194
 #: ../../managing_networks.rst:1565
 # 72ac0f8a684a418aa1a522b990724f3c
 # fcdd5db0bcf7487fb69abb38b182c87c
 msgid "On Zones, click View More."
 msgstr ""

 #: ../../managing_networks.rst:198
 #: ../../managing_networks.rst:1569
 # 15ee52a81be94e849e9aebbffd80f86e
 # 572f3b0de37d4cde8ee922ca57357102
 msgid "Click the zone to which you want to add a guest network."
 msgstr ""

 #: ../../managing_networks.rst:202
 #: ../../managing_networks.rst:776
 #: ../../managing_networks.rst:898
 #: ../../managing_networks.rst:1573
 # c8621ca1f0014cab8a2df11d16b6e23b
 # b0ac7488089d4de49ab63d4714a358d1
 # 67983bfccffe4126b74f01d74445a757
 # c54cc238e91a40e88ebec6ac9a67c3b9
 msgid "Click the Physical Network tab."
 msgstr ""

 #: ../../managing_networks.rst:206
 #: ../../managing_networks.rst:1577
 # 819adbe3002443ac81418804a6524958
 # 4f1ac1f461d24c96aac89732394faeb4
 msgid "Click the physical network you want to work with."
 msgstr ""

 #: ../../managing_networks.rst:210
 #: ../../managing_networks.rst:1581
 # bf5520949d574c33956b419b623300af
 # a5e3c030c17040fd843946f7acd71beb
 msgid "On the Guest node of the diagram, click Configure."
 msgstr ""

 #: ../../managing_networks.rst:220
 #: ../../managing_networks.rst:1591
 # 3a1c06a1806443829aced440705c6ebb
 # 035fafb19b594767b275df96c08bffd8
 msgid "The Add guest network window is displayed."
 msgstr ""

 #: ../../managing_networks.rst:224
 #: ../../managing_networks.rst:806
 #: ../../managing_networks.rst:822
 #: ../../managing_networks.rst:856
 #: ../../managing_networks.rst:916
 #: ../../managing_networks.rst:1218
 #: ../../managing_networks.rst:1391
 #: ../../managing_networks.rst:1595
 #: ../../managing_networks.rst:3095
 #: ../../managing_networks.rst:5061
 #: ../../managing_networks.rst:5485
 #: ../../managing_networks.rst:6237
 #: ../../managing_networks.rst:6629
 # 2f740f3f23ab48a29ae3adbaf94c9a76
 # 342b53e57638424dbd3fc25b5de444cc
 # 81cc7e7f5132410a85166b44099c4efd
 # 433cd273bd454f109daafe4144bedce4
 # fbc94c5a87b34f69a0b7ccd2ec2961b8
 # 49a60cbb39104498a256acb82fa540bc
 # d93b5e9a682247d09575b8fed78e8419
 # 17f3af10510b469ab4fa599fdeca5e84
 # 147594fd9398446a9bffe7aa89aa42ae
 # 9d0d76a77389406aa54c77270247fb68
 # 0d313bd3accd40bba047ccbf1b35d224
 # 3daf7170c2984410906999b0b0fa4f3c
 # 2240e232e86f4b3ca8ab2960be6c573b
 msgid "Specify the following:"
 msgstr ""

 #: ../../managing_networks.rst:228
 #: ../../managing_networks.rst:1599
 # 14a5b53bcd874033a8eaa789e7c562d1
 # 2f405f166fd04a0bacf050bb1f4f4250
 msgid "**Name**: The name of the network. This will be visible to the user."
 msgstr ""

 #: ../../managing_networks.rst:233
 #: ../../managing_networks.rst:1604
 # 0f8d2c8170fd4b98bf717c87aef34378
 # 7585c82a0ece4f368233e94f9d3dfa64
 msgid "**Description**: The short description of the network that can be displayed to users."
 msgstr ""

 #: ../../managing_networks.rst:238
 #: ../../managing_networks.rst:1609
 # 99429451759a40f7ba18b278914e39f0
 # 88da596b302847b090b03d4973e86bfd
 msgid "**VLAN ID**: The unique ID of the VLAN."
 msgstr ""

 #: ../../managing_networks.rst:242
 # 00c2912dbf2443aa9b3241c8c5676742
 msgid "**Isolated VLAN ID**: The unique ID of the Secondary Isolated VLAN."
 msgstr ""

 #: ../../managing_networks.rst:247
 #: ../../managing_networks.rst:1621
 # 6d2136a01445425e94f1ff5205af5c28
 # f35050303cac4011bb97763f32382baf
 msgid "**Scope**: The available scopes are Domain, Account, Project, and All."
 msgstr ""

 #: ../../managing_networks.rst:252
 #: ../../managing_networks.rst:1626
 # fe3608c2f3b3416aa62072104aa0fa8e
 # 21c43e42d8d34b4c97f8065f32bdae9e
 msgid "**Domain**: Selecting Domain limits the scope of this guest network to the domain you specify. The network will not be available for other domains. If you select Subdomain Access, the guest network is available to all the sub domains within the selected domain."
 msgstr ""

 #: ../../managing_networks.rst:260
 #: ../../managing_networks.rst:1634
 # 5703f6a9a2db4216aca3b448df168a2a
 # a98df446d79849acbcf910ae486f9f24
 msgid "**Account**: The account for which the guest network is being created for. You must specify the domain the account belongs to."
 msgstr ""

 #: ../../managing_networks.rst:266
 #: ../../managing_networks.rst:1640
 # a1006b86f9414bee862542a9fe33ea89
 # 7431a628570b4f8f941f22c0dbca0d10
 msgid "**Project**: The project for which the guest network is being created for. You must specify the domain the project belongs to."
 msgstr ""

 #: ../../managing_networks.rst:272
 #: ../../managing_networks.rst:1646
 # 8b76a654149140adb4fb77dc2eaa7f03
 # 86babff897704393a7a47fac16fdb6da
 msgid "**All**: The guest network is available for all the domains, account, projects within the selected zone."
 msgstr ""

 #: ../../managing_networks.rst:277
 #: ../../managing_networks.rst:1651
 # abea434f07f34363afcd9c5acb702a37
 # 1367c8fe48974b6b8fcef96e9154b1f5
 msgid "**Network Offering**: If the administrator has configured multiple network offerings, select the one you want to use for this network."
 msgstr ""

 #: ../../managing_networks.rst:283
 #: ../../managing_networks.rst:1657
 # 699e9d5856cb463885a05f687b080247
 # 433ee2c2a4084f46956487e77324431b
 msgid "**Gateway**: The gateway that the guests should use."
 msgstr ""

 #: ../../managing_networks.rst:287
 #: ../../managing_networks.rst:1661
 # ce51526eaf0744f69498878264436b85
 # 45bbdda7a102498a9f476b2cdb175fd2
 msgid "**Netmask**: The netmask in use on the subnet the guests will use."
 msgstr ""

 #: ../../managing_networks.rst:291
 #: ../../managing_networks.rst:1665
 # 6dbeaf06a3e14f82aa81cb65f66d29f5
 # 4eec9a4a29fa4d52a6b4337a8a50155c
 msgid "**IP Range**: A range of IP addresses that are accessible from the Internet and are assigned to the guest VMs."
 msgstr ""

 #: ../../managing_networks.rst:294
 # 6136c512a7fd43cf949e71c315564e8e
 msgid "If one NIC is used, these IPs should be in the same CIDR in the case of IPv6."
 msgstr ""

 #: ../../managing_networks.rst:299
 # 2049d251d6d24864be2401aae7d15eda
 msgid "**IPv6 CIDR**: The network prefix that defines the guest network subnet. This is the CIDR that describes the IPv6 addresses in use in the guest networks in this zone. To allot IP addresses from within a particular address block, enter a CIDR."
 msgstr ""

 #: ../../managing_networks.rst:306
 #: ../../managing_networks.rst:1670
 # 2eb61bdd6e2e4d0fb52eb0f2ab77e5c3
 # eb07ff88c573443cbf65bd9790a02d7e
 msgid "**Network Domain**: A custom DNS suffix at the level of a network. If you want to assign a special domain name to the guest VM network, specify a DNS suffix."
 msgstr ""

 #: ../../managing_networks.rst:312
 #: ../../managing_networks.rst:1676
 #: ../../managing_networks.rst:3133
 #: ../../managing_networks.rst:3172
 #: ../../managing_networks.rst:4450
 # 01a5c1ddc4284bf7bb918c2924b99144
 # 29e37ee9c31a42b3b19bbd29b62699db
 # 5b8546575cc143e6aa6df3a739ec2dd4
 # c9c0a1842e2243cbbfbdd7bda9f8c173
 # 62ad85eee39c492e951ac8ef8cc0f1de
 msgid "Click OK to confirm."
 msgstr ""

 #: ../../managing_networks.rst:315
 # 0ba3f54aff874d7eb78409feb3e574cb
 msgid "Using Multiple Guest Networks"
 msgstr ""

 #: ../../managing_networks.rst:317
 # 9ee699c8fe6347568730b54b7737afe5
 msgid "In zones that use advanced networking, additional networks for guest traffic may be added at any time after the initial installation. You can also customize the domain name associated with the network by specifying a DNS suffix for each network."
 msgstr ""

 #: ../../managing_networks.rst:322
 # cb2cfc8f5dd14b6a8d4c568329b1bc9e
 msgid "A VM's networks are defined at VM creation time. A VM cannot add or remove networks after it has been created, although the user can go into the guest and remove the IP address from the NIC on a particular network."
 msgstr ""

 #: ../../managing_networks.rst:327
 # 044af5c71d054ac780d922e821f138a2
 msgid "Each VM has just one default network. The virtual router's DHCP reply will set the guest's default gateway as that for the default network. Multiple non-default networks may be added to a guest in addition to the single, required default network. The administrator can control which networks are available as the default network."
 msgstr ""

 #: ../../managing_networks.rst:333
 # 0adbfc444f2b4c1db5edbdd5b7d6bbea
 msgid "Additional networks can either be available to all accounts or be assigned to a specific account. Networks that are available to all accounts are zone-wide. Any user with access to the zone can create a VM with access to that network. These zone-wide networks provide little or no isolation between guests.Networks that are assigned to a specific account provide strong isolation."
 msgstr ""

 #: ../../managing_networks.rst:341
 # b7306772cd68452da7fcba1da1f76cb7
 msgid "Adding an Additional Guest Network"
 msgstr ""

 #: ../../managing_networks.rst:345
 #: ../../managing_networks.rst:412
 #: ../../managing_networks.rst:477
 #: ../../managing_networks.rst:508
 #: ../../managing_networks.rst:543
 #: ../../managing_networks.rst:686
 #: ../../managing_networks.rst:1196
 #: ../../managing_networks.rst:1249
 #: ../../managing_networks.rst:1350
 #: ../../managing_networks.rst:1722
 #: ../../managing_networks.rst:1799
 #: ../../managing_networks.rst:2157
 #: ../../managing_networks.rst:3200
 #: ../../managing_networks.rst:3243
 #: ../../managing_networks.rst:3286
 #: ../../managing_networks.rst:3362
 #: ../../managing_networks.rst:3464
 #: ../../managing_networks.rst:3611
 #: ../../managing_networks.rst:3743
 #: ../../managing_networks.rst:4095
 #: ../../managing_networks.rst:4219
 #: ../../managing_networks.rst:4252
 #: ../../managing_networks.rst:4349
 #: ../../managing_networks.rst:4542
 #: ../../managing_networks.rst:4963
 #: ../../managing_networks.rst:5028
 #: ../../managing_networks.rst:5156
 #: ../../managing_networks.rst:5238
 #: ../../managing_networks.rst:5406
 #: ../../managing_networks.rst:5643
 #: ../../managing_networks.rst:5735
 #: ../../managing_networks.rst:5823
 #: ../../managing_networks.rst:5913
 #: ../../managing_networks.rst:6155
 #: ../../managing_networks.rst:6463
 #: ../../managing_networks.rst:6547
 #: ../../managing_networks.rst:6672
 #: ../../managing_networks.rst:6711
 # bbfccf4187ee4d4fbf07e7f4bb88a635
 # 55b4e0f4a10d435781dc67f60c289bcc
 # 448e46420df84abe9fd5e0a98622bd8a
 # 7045e9260e2b41ac88aea79006e38ad5
 # c94a526c0dc04ebba1a701bb33b34bd3
 # 5878e84a00674d17980caa25c5845868
 # 21870457e3e743f78d2afa2427544010
 # c407b2aceffd487888c468b506ec84f2
 # be7946dbd37144e8a9a120d588d4ed8d
 # 57c820671f3e472e80e9758a6875049d
 # 7effce72473246f583a2c6706cf7ae8b
 # 10a47885bc344872bb68acaa38950c56
 # 0e16e2897c2541bdb9a9fe44c7c8c314
 # 69c641cc9e5745699a855b095a3f4234
 # 682913d951a64d7a9672b6c2d8ce61ec
 # b507fdb77c914103931f4382f7e94b6f
 # 69bf185d9530474e9d1e3ac4caccde82
 # 3a12fbb150d4405283cf759bdc0f579c
 # ce1e6561910a4f9b92872de6c4f0fe75
 # 8e6a2cd4f9da4a7da14bd4ff19517c5c
 # 0c0a9fa95a2c4c23affeb329bc18b9cd
 # ba5dc11cd6054bb0842bd0c996926273
 # 0383bb7ab57f403bb4dfdfd3cbe56bad
 # 0ce64e2cda5f451f939117bb581125bb
 # 2e7c7ca911564fd0b55e438fbf85b707
 # 724f938759144bca86466d021cded7cb
 # 3eb23b8ca60f439097e03d61faefe36b
 # a1e4d7e27f0a4bfd89398d6c8e268485
 # 4fdda4830b1d407b8baa1d170ccbd0f5
 # c1fe8cc9534f44f1825f02b028eda7ff
 # 1c6cfb5f62e947c8a05df1bdbca53570
 # 797717e559d24b03951f25f843042245
 # e1e46b9e3b67432eba081e3fa0b0b179
 # 7b6bd9d6ebe042aa817672a63cbdfa37
 # c7d9f6a38d724a9aa8a5caa76ed2d848
 # e6c130b9b73f4034b0e9d9c8a3aaa8dd
 # bdc2624551194b9eadb9cdfdf7403a02
 # c7ca24ebec074700a533736638fefcc0
 msgid "Log in to the CloudStack UI as an administrator or end user."
 msgstr ""

 #: ../../managing_networks.rst:349
 #: ../../managing_networks.rst:553
 #: ../../managing_networks.rst:690
 #: ../../managing_networks.rst:1253
 #: ../../managing_networks.rst:2161
 #: ../../managing_networks.rst:3204
 #: ../../managing_networks.rst:3247
 #: ../../managing_networks.rst:3290
 #: ../../managing_networks.rst:3366
 #: ../../managing_networks.rst:3468
 #: ../../managing_networks.rst:4099
 #: ../../managing_networks.rst:4223
 #: ../../managing_networks.rst:4256
 #: ../../managing_networks.rst:4353
 #: ../../managing_networks.rst:4546
 #: ../../managing_networks.rst:4967
 #: ../../managing_networks.rst:5032
 #: ../../managing_networks.rst:5160
 #: ../../managing_networks.rst:5242
 #: ../../managing_networks.rst:5410
 #: ../../managing_networks.rst:5647
 #: ../../managing_networks.rst:5739
 #: ../../managing_networks.rst:5827
 #: ../../managing_networks.rst:5917
 #: ../../managing_networks.rst:6159
 #: ../../managing_networks.rst:6467
 #: ../../managing_networks.rst:6551
 #: ../../managing_networks.rst:6676
 #: ../../managing_networks.rst:6715
 # 542d2aed321d47bdabd1fca487ffd35e
 # e9aad32ba9934dfabf895d86886307b4
 # a64380da9ffa4f209568917d3e2f7ae6
 # f6467d352c5441f3aac59ff1a7e5751e
 # 489eb5a18ecf487089f92e974e4004b2
 # b77e8c3076474667a41f9c643cfb8921
 # 53f468b814a14dc7bc2846e0bb679713
 # b20083aec91a49e38ba1bd1bbd5ca432
 # cc62da2d87294fe59e75b03eab0b30de
 # 89a49e650a154374ac569bb05b88d91f
 # 230865dbd3c4443cb426bb570ee13485
 # 774f364202474a70b77a8561495b3245
 # 0ad7189c21294ef0b43aba32a8bafb7d
 # 726205f734c447d48af0ecd790bd238a
 # fdade5ad8a554d8897cc4e6c27dbc34e
 # 749f818fe9a349f9bb8cb7538cde74f8
 # b444a52f1dd14725bbd9f33966b9b508
 # bdcf2c42e7064f82ade52bd341621f2e
 # b1f4a91afafd4f6e84df0723ead48206
 # 541424f9e38a42d983bb27f87dcd3225
 # b5e9e12abba44624b3b74fc09e0f77fc
 # f392c162ed3241f09fc16f75065cd789
 # 2cd0df6af7ef4a7f9bad72059870b57b
 # e7d42493086e4c04a6545951d4c1ce5b
 # 3f34c206961e4a239714abc14d945f2c
 # d874094ea72f43988a5a4da919c3aae1
 # 0107854a76984dd18cc4256511f643fb
 # 399088fe7776424c8455730cb62a2f94
 # 9eaf23c1feb144f1b0cd1227b0b9ddd1
 msgid "In the left navigation, choose Network."
 msgstr ""

 #: ../../managing_networks.rst:353
 # ffe816f2fabe4d698bc426a2756acbe6
 msgid "Click Add guest network. Provide the following information:"
 msgstr ""

 #: ../../managing_networks.rst:357
 # e493749a1b58441b9f26c0ff3b13b9a7
 msgid "**Name**: The name of the network. This will be user-visible."
 msgstr ""

 #: ../../managing_networks.rst:361
 # e6573973726c48d1a6ddd47d98dfc7d4
 msgid "**Display Text**: The description of the network. This will be user-visible."
 msgstr ""

 #: ../../managing_networks.rst:366
 # 12ce0885bb7f4c36890123d1bdbd6b6d
 msgid "**Zone**. The name of the zone this network applies to. Each zone is a broadcast domain, and therefore each zone has a different IP range for the guest network. The administrator must configure the IP range for each zone."
 msgstr ""

 #: ../../managing_networks.rst:373
 # 6a5f82ef524445d184e3c139994c446f
 msgid "**Network offering**: If the administrator has configured multiple network offerings, select the one you want to use for this network."
 msgstr ""

 #: ../../managing_networks.rst:379
 # d63cb3347919412cb5652d167f3198a0
 msgid "**Guest Gateway**: The gateway that the guests should use."
 msgstr ""

 #: ../../managing_networks.rst:383
 # 1da6215b19f84083aeac888d2ef3bff1
 msgid "**Guest Netmask**: The netmask in use on the subnet the guests will use."
 msgstr ""

 #: ../../managing_networks.rst:388
 #: ../../managing_networks.rst:3947
 # 4a768d89236c43fd9f2c33eab727c4e8
 # a127adae4308423cb1caf2db8966bdc4
 msgid "Click Create."
 msgstr ""

 #: ../../managing_networks.rst:391
 # 21b37eb5b7fe40bd99e0910a9f2bb75a
 msgid "Reconfiguring Networks in VMs"
 msgstr ""

 #: ../../managing_networks.rst:393
 # 476864eb3c9c4bccb394ef84b6e0c94b
 msgid "CloudStack provides you the ability to move VMs between networks and reconfigure a VM's network. You can remove a VM from a network and add to a new network. You can also change the default network of a virtual machine. With this functionality, hybrid or traditional server loads can be accommodated with ease."
 msgstr ""

 #: ../../managing_networks.rst:399
 # 9e97bafcd742424d921d811f3230a213
 msgid "This feature is supported on XenServer, VMware, and KVM hypervisors."
 msgstr ""

 #: ../../managing_networks.rst:402
 #: ../../managing_networks.rst:1517
 # f34aa270088a4613b0a44df4357afc8f
 # 8bd7a92ac32d4a2a929c8af17d3fb170
 msgid "Prerequisites"
 msgstr ""

 #: ../../managing_networks.rst:404
 # 145ab5ecce044608b4b9656676c6cfc7
 msgid "Ensure that vm-tools are running on guest VMs for adding or removing networks to work on VMware hypervisor."
 msgstr ""

 #: ../../managing_networks.rst:408
 # 5a51c1312ebb4557a8603954294917c7
 msgid "Adding a Network"
 msgstr ""

 #: ../../managing_networks.rst:416
 #: ../../managing_networks.rst:481
 #: ../../managing_networks.rst:512
 # ecf6574c795f4768b731ef450b7ae607
 # 3b1c880a36ab4788a672d34d01ef6a4c
 # 49f1a64bc600489b90f669ff77ba9059
 msgid "In the left navigation, click Instances."
 msgstr ""

 #: ../../managing_networks.rst:420
 #: ../../managing_networks.rst:485
 #: ../../managing_networks.rst:516
 # 338fcbaeb8724ead9106c34112c862d9
 # bca3b4caf62d4663b33417eb7edaf223
 # f31277b33b9e4e2f9793e5a8ca4d7bb5
 msgid "Choose the VM that you want to work with."
 msgstr ""

 #: ../../managing_networks.rst:424
 #: ../../managing_networks.rst:489
 #: ../../managing_networks.rst:520
 # 156d65dc581c4df498395e309bc7cbde
 # e5d8801dfa004ca1b93351677c983d89
 # 469dea7ab2094639b3d9a2299529fc07
 msgid "Click the NICs tab."
 msgstr ""

 #: ../../managing_networks.rst:428
 # 1bd7e90630f144b2b08248a827e64b0b
 msgid "Click Add network to VM."
 msgstr ""

 #: ../../managing_networks.rst:430
 # 049059a7b43d4efc989e4fcd813e6e1c
 msgid "The Add network to VM dialog is displayed."
 msgstr ""

 #: ../../managing_networks.rst:434
 # 5c99fc8205ef493dbab49c0599061a45
 msgid "In the drop-down list, select the network that you would like to add this VM to."
 msgstr ""

 #: ../../managing_networks.rst:437
 # 901988536d184641ac9d5ecaaee03ee2
 msgid "A new NIC is added for this network. You can view the following details in the NICs page:"
 msgstr ""

 #: ../../managing_networks.rst:442
 # 8d071d6df54845d6a56e7d96321dd7e8
 msgid "ID"
 msgstr ""

 #: ../../managing_networks.rst:446
 # ba92b68db3fc48ae810bd43616abc87a
 msgid "Network Name"
 msgstr ""

 #: ../../managing_networks.rst:450
 # eefe16e33001458591bb721f9e964a32
 msgid "Type"
 msgstr ""

 #: ../../managing_networks.rst:454
 #: ../../managing_networks.rst:4332
 #: ../../managing_networks.rst:4458
 # ce7e7d2354fc48ccb97e1c2917007397
 # 35a3d8a7cc444f7289fff5b3f02731e3
 # 906d6bce91f745de9cc8eb362260b17b
 msgid "IP Address"
 msgstr ""

 #: ../../managing_networks.rst:458
 #: ../../managing_networks.rst:4462
 # 07c404d90b444084935108a2905f8147
 # aa4cc5b288b14a26b34b3cd819e6be4e
 msgid "Gateway"
 msgstr ""

 #: ../../managing_networks.rst:462
 # da3675e2aed24eb681d8601910102496
 msgid "Netmask"
 msgstr ""

 #: ../../managing_networks.rst:466
 # 48374307b68a4eff88c1778ea7bd9380
 msgid "Is default"
 msgstr ""

 #: ../../managing_networks.rst:470
 # 2777d60a7bf14a35bd37af5f0ac55458
 msgid "CIDR (for IPv6)"
 msgstr ""

 #: ../../managing_networks.rst:473
 # 84f9d9b60c4e4ce4a509cad5b0900a5b
 msgid "Removing a Network"
 msgstr ""

 #: ../../managing_networks.rst:493
 # 707d137eb0aa4adaa497aff9a413ad06
 msgid "Locate the NIC you want to remove."
 msgstr ""

 #: ../../managing_networks.rst:497
 # c2a07f20886b47be83f065291dfee6fb
 msgid "Click Remove NIC button. |remove-nic.png: button to remove a NIC|"
 msgstr ""

 #: ../../managing_networks.rst:501
 #: ../../managing_networks.rst:533
 # b23abd4aac6242bdbc3f97acc2666a90
 # 8f8b04c7921a441ba8480683014b9864
 msgid "Click Yes to confirm."
 msgstr ""

 #: ../../managing_networks.rst:504
 # 4f9e35dc3f614384a7505c4161fffaac
 msgid "Selecting the Default Network"
 msgstr ""

 #: ../../managing_networks.rst:524
 # 40b332e2efca44c092058585a0004200
 msgid "Locate the NIC you want to work with."
 msgstr ""

 #: ../../managing_networks.rst:528
 # 3d3dc6ede8e440efab9778ab27669811
 msgid "Click the Set default NIC button. |set-default-nic.png: button to set a NIC as default one.|"
 msgstr ""

 #: ../../managing_networks.rst:536
 # f0c74bc7df3d400bac208e03ca7e454d
 msgid "Changing the Network Offering on a Guest Network"
 msgstr ""

 #: ../../managing_networks.rst:538
 # bd0f96f469b24f7cb9efc0e11835fc56
 msgid "A user or administrator can change the network offering that is associated with an existing guest network."
 msgstr ""

 #: ../../managing_networks.rst:547
 # 746637ea703149eab979289dea055956
 msgid "If you are changing from a network offering that uses the CloudStack virtual router to one that uses external devices as network service providers, you must first stop all the VMs on the network."
 msgstr ""

 #: ../../managing_networks.rst:557
 #: ../../managing_networks.rst:694
 # b06f831436614c7799e92f02062dd02e
 # b2aef771f9cb4102849882e08921deda
 msgid "Click the name of the network you want to modify."
 msgstr ""

 #: ../../managing_networks.rst:561
 # 8fe0c8047dd941648bdb27d5c4d46d64
 msgid "In the Details tab, click Edit. |EditButton.png: button to edit a network|"
 msgstr ""

 #: ../../managing_networks.rst:566
 # 38ce91cfac534d3d8ce2d2be8ac4d9db
 msgid "In Network Offering, choose the new network offering, then click Apply."
 msgstr ""

 #: ../../managing_networks.rst:569
 # 0c9082cd84904f30a842d0296519899f
 msgid "A prompt is displayed asking whether you want to keep the existing CIDR. This is to let you know that if you change the network offering, the CIDR will be affected."
 msgstr ""

 #: ../../managing_networks.rst:573
 # 395368811c93495691bd4e308ae0bbc4
 msgid "If you upgrade between virtual router as a provider and an external network device as provider, acknowledge the change of CIDR to continue, so choose Yes."
 msgstr ""

 #: ../../managing_networks.rst:579
 # ee09bef0f4f84d41a949984dce97934e
 msgid "Wait for the update to complete. Don’t try to restart VMs until the network change is complete."
 msgstr ""

 #: ../../managing_networks.rst:584
 # 7c315c696ed54f5197595376cdd7d0c0
 msgid "If you stopped any VMs, restart them."
 msgstr ""

 #: ../../managing_networks.rst:587
 # 92b286db05494a3f9d6591a9f2ccfc6a
 msgid "IP Reservation in Isolated Guest Networks"
 msgstr ""

 #: ../../managing_networks.rst:589
 # 67ed578463354e849af5ed40418159aa
 msgid "In isolated guest networks, a part of the guest IP address space can be reserved for non-CloudStack VMs or physical servers. To do so, you configure a range of Reserved IP addresses by specifying the CIDR when a guest network is in Implemented state. If your customers wish to have non-CloudStack controlled VMs or physical servers on the same network, they can share a part of the IP address space that is primarily provided to the guest network."
 msgstr ""

 #: ../../managing_networks.rst:597
 # d38381f1dad148afb7aeed5ee6e6db41
 msgid "In an Advanced zone, an IP address range or a CIDR is assigned to a network when the network is defined. The CloudStack virtual router acts as the DHCP server and uses CIDR for assigning IP addresses to the guest VMs. If you decide to reserve CIDR for non-CloudStack purposes, you can specify a part of the IP address range or the CIDR that should only be allocated by the DHCP service of the virtual router to the guest VMs created in CloudStack. The remaining IPs in that network are called Reserved IP Range. When IP reservation is configured, the administrator can add additional VMs or physical servers that are not part of CloudStack to the same network and assign them the Reserved IP addresses. CloudStack guest VMs cannot acquire IPs from the Reserved IP Range."
 msgstr ""

 #: ../../managing_networks.rst:611
 # 3031b1a715ff422bad8de1f97adc2db7
 msgid "IP Reservation Considerations"
 msgstr ""

 #: ../../managing_networks.rst:613
 # c57c48d3a65e474c89a99952e65a6a40
 msgid "Consider the following before you reserve an IP range for non-CloudStack machines:"
 msgstr ""

 #: ../../managing_networks.rst:618
 # 05c140f272754cfb9d21597b9c778fc5
 msgid "IP Reservation is supported only in Isolated networks."
 msgstr ""

 #: ../../managing_networks.rst:622
 # f5211c450a014b0a8d335434d84aa391
 msgid "IP Reservation can be applied only when the network is in Implemented state."
 msgstr ""

 #: ../../managing_networks.rst:627
 # 6add1277df044450bce332b364de119b
 msgid "No IP Reservation is done by default."
 msgstr ""

 #: ../../managing_networks.rst:631
 # 0847da9c049c4c0da2a6eac963931b02
 msgid "Guest VM CIDR you specify must be a subset of the network CIDR."
 msgstr ""

 #: ../../managing_networks.rst:635
 # 36a9bbd09feb416ca7f9ccca3c54eefb
 msgid "Specify a valid Guest VM CIDR. IP Reservation is applied only if no active IPs exist outside the Guest VM CIDR."
 msgstr ""

 #: ../../managing_networks.rst:638
 # 191010bd30424f3aa12cf309a48dcfc4
 msgid "You cannot apply IP Reservation if any VM is alloted with an IP address that is outside the Guest VM CIDR."
 msgstr ""

 #: ../../managing_networks.rst:643
 # e4b8dc3735d4441ebf832418538d5833
 msgid "To reset an existing IP Reservation, apply IP reservation by specifying the value of network CIDR in the CIDR field."
 msgstr ""

 #: ../../managing_networks.rst:646
 # 8281e4ae0c6a4374b25bfef4f7e74405
 msgid "For example, the following table describes three scenarios of guest network creation:"
 msgstr ""

 #: ../../managing_networks.rst:650
 # 9f714ae7b5f346bc87da5182136d41e5
 msgid "Case"
 msgstr ""

 #: ../../managing_networks.rst:650
 #: ../../managing_networks.rst:3846
 #: ../../managing_networks.rst:4293
 #: ../../managing_networks.rst:4393
 #: ../../managing_networks.rst:4587
 #: ../../managing_networks.rst:5144
 #: ../../managing_networks.rst:5193
 #: ../../managing_networks.rst:5451
 #: ../../managing_networks.rst:5776
 #: ../../managing_networks.rst:5863
 #: ../../managing_networks.rst:5954
 #: ../../managing_networks.rst:6196
 #: ../../managing_networks.rst:6588
 # 43eb64da7dd14977948b1fd136c81c4f
 # ba69ebf50fa04e628494a63c71ee09be
 # 6e509570aefc4ed58372df0bae71f59e
 # e02ce26c53d447cab48c5987becb6178
 # 372de59b30db4b00a1a4a4503aecb29d
 # 0efc90dc789a42219e0e1821921c3a3b
 # 2f722e4bc54941bf9ac18e34ec89ea21
 # 0f4f84fccf1c4879a9ec6691a4abb447
 # 04c82a1485db4a52a0c4fae3e4018e41
 # 8788d910542844b09ae66506304063dc
 # e65e4e6cdcba4f138e43047ff9d3bed6
 # 23d809b6aa20458dacb898b0e8b4d1da
 # cd520efc8baa4344b57bd33b0fa5254d
 msgid "CIDR"
 msgstr ""

 #: ../../managing_networks.rst:650
 # 63125858003344c0b965da2ac922cf02
 msgid "Network CIDR"
 msgstr ""

 #: ../../managing_networks.rst:650
 # c3c99ba5184c4c9194605bb04a547f39
 msgid "Reserved IP Range for Non-CloudStack VMs"
 msgstr ""

 #: ../../managing_networks.rst:650
 # 0e5c1cae0f4d4f06851e27a50273b95c
 msgid "Description"
 msgstr ""

 #: ../../managing_networks.rst:652
 #: ../../managing_networks.rst:5146
 # 2e71a7acd08543168d74d2c0d03e0c39
 # d06565ec0d634d848669aa19d123d59a
 msgid "1"
 msgstr ""

 #: ../../managing_networks.rst:652
 #: ../../managing_networks.rst:653
 #: ../../managing_networks.rst:654
 # bd4f28e5c83943d8882e2012659415bf
 # 249137a9387145d0ac514e9000be76cd
 # d7c4b09246fb4bfeb5649c2cf6e23d30
 msgid "10.1.1.0/24"
 msgstr ""

 #: ../../managing_networks.rst:652
 #: ../../managing_networks.rst:652
 #: ../../managing_networks.rst:654
 #: ../../managing_networks.rst:654
 # 2f9cc88264fb4285bfa3149ea04b26a5
 # d74122c1ce754a1999acc721dfe12491
 # 3e1cad272521413bb73ebf025861f357
 # c9bd04abf9984e3d82a008b15823df6f
 msgid "None"
 msgstr ""

 #: ../../managing_networks.rst:652
 # 672d94082a534891849650884d4c25d0
 msgid "No IP Reservation."
 msgstr ""

 #: ../../managing_networks.rst:653
 #: ../../managing_networks.rst:5147
 # 7f31ca61138545d19f53bfea0156930f
 # f11cfcf719bc4813a691abc48eef0c50
 msgid "2"
 msgstr ""

 #: ../../managing_networks.rst:653
 # 8e804381dca64c3ab199583ca238a7e8
 msgid "10.1.1.0/26"
 msgstr ""

 #: ../../managing_networks.rst:653
 # 042cf084bef6418fa9d8ee1a00593e8a
 msgid "10.1.1.64 to 10.1.1.254"
 msgstr ""

 #: ../../managing_networks.rst:653
 # 2094d73c4b004d18b9b1c3be4ac72e10
 msgid "IP Reservation configured by the UpdateNetwork API with guestvmcidr=10.1.1.0/26 or enter 10.1.1.0/26 in the CIDR field in the UI."
 msgstr ""

 #: ../../managing_networks.rst:654
 # 769561dd7e454a58b571d069407bc84f
 msgid "3"
 msgstr ""

 #: ../../managing_networks.rst:654
 # 99819f9f881049da88cf236d227fbcce
 msgid "Removing IP Reservation by the UpdateNetwork API with guestvmcidr=10.1.1.0/24 or enter 10.1.1.0/24 in the CIDR field in the UI."
 msgstr ""

 #: ../../managing_networks.rst:659
 # af64fa9a0d594bf6aba58e557fb64ef2
 msgid "Limitations"
 msgstr ""

 #: ../../managing_networks.rst:663
 # b133ecb14f0743c5aad172cbec921f69
 msgid "The IP Reservation is not supported if active IPs that are found outside the Guest VM CIDR."
 msgstr ""

 #: ../../managing_networks.rst:668
 # 9c8183bbe2aa4950a96b3f707269281c
 msgid "Upgrading network offering which causes a change in CIDR (such as upgrading an offering with no external devices to one with external devices) IP Reservation becomes void if any. Reconfigure IP Reservation in the new re-implemeted network."
 msgstr ""

 #: ../../managing_networks.rst:674
 # a6037f7354694b7fa3df7eab35ce68a3
 msgid "Best Practices"
 msgstr ""

 #: ../../managing_networks.rst:676
 # 1402bdfed0e642a5bc411cad728d629f
 msgid "Apply IP Reservation to the guest network as soon as the network state changes to Implemented. If you apply reservation soon after the first guest VM is deployed, lesser conflicts occurs while applying reservation."
 msgstr ""

 #: ../../managing_networks.rst:682
 # 9d8b936d8d924b3e9610e79cea49d7ed
 msgid "Reserving an IP Range"
 msgstr ""

 #: ../../managing_networks.rst:698
 # 43313d5d032c4bc1ae00497086042bf1
 msgid "In the Details tab, click Edit. |edit-icon.png: button to edit a network|"
 msgstr ""

 #: ../../managing_networks.rst:701
 # 4b6443793ca64ed7b71e9dacebc772c6
 msgid "The CIDR field changes to editable one."
 msgstr ""

 #: ../../managing_networks.rst:705
 # 170900f4419c40d3ae77ba9cee3b6fff
 msgid "In CIDR, specify the Guest VM CIDR."
 msgstr ""

 #: ../../managing_networks.rst:709
 # 1fccea99506b441bba9fd6fbc76dd995
 msgid "Click Apply."
 msgstr ""

 #: ../../managing_networks.rst:711
 # c0734e33a8844d90aac6295573540aee
 msgid "Wait for the update to complete. The Network CIDR and the Reserved IP Range are displayed on the Details page."
 msgstr ""

 #: ../../managing_networks.rst:715
 # aad0613e9913469fb756198fc0170632
 msgid "Reserving Public IP Addresses and VLANs for Accounts"
 msgstr ""

 #: ../../managing_networks.rst:717
 # 6e44df38576d4f5e99903f26a9db1253
 msgid "CloudStack provides you the ability to reserve a set of public IP addresses and VLANs exclusively for an account. During zone creation, you can continue defining a set of VLANs and multiple public IP ranges. This feature extends the functionality to enable you to dedicate a fixed set of VLANs and guest IP addresses for a tenant."
 msgstr ""

 #: ../../managing_networks.rst:723
 # 8da4bb7270e845baa41435d7a8dc2897
 msgid "Note that if an account has consumed all the VLANs and IPs dedicated to it, the account can acquire two more resources from the system. CloudStack provides the root admin with two configuration parameter to modify this default behavior—use.system.public.ips and use.system.guest.vlans. These global parameters enable the root admin to disallow an account from acquiring public IPs and guest VLANs from the system, if the account has dedicated resources and these dedicated resources have all been consumed. Both these configurations are configurable at the account level."
 msgstr ""

 #: ../../managing_networks.rst:733
 # 37e6f49f8b53452a8036407ad381ea12
 msgid "This feature provides you the following capabilities:"
 msgstr ""

 #: ../../managing_networks.rst:737
 # 671086ca87b14ae28c39b69fd8046953
 msgid "Reserve a VLAN range and public IP address range from an Advanced zone and assign it to an account"
 msgstr ""

 #: ../../managing_networks.rst:742
 # 404fcaa9d1b848d2ab247cce5350c281
 msgid "Disassociate a VLAN and public IP address range from an account"
 msgstr ""

 #: ../../managing_networks.rst:746
 # bd85bcf3d9394066af54e1e703ae3cf7
 msgid "View the number of public IP addresses allocated to an account"
 msgstr ""

 #: ../../managing_networks.rst:750
 # 01799c3a9b364c51b97d539c849d3394
 msgid "Check whether the required range is available and is conforms to account limits."
 msgstr ""

 #: ../../managing_networks.rst:753
 # 7716c7ee6e9a4c68bacaaafbba51a78c
 msgid "The maximum IPs per account limit cannot be superseded."
 msgstr ""

 #: ../../managing_networks.rst:756
 # 8f2fa2619671428980abde283469e00d
 msgid "Dedicating IP Address Ranges to an Account"
 msgstr ""

 #: ../../managing_networks.rst:764
 #: ../../managing_networks.rst:886
 #: ../../managing_networks.rst:2974
 # d7a82a1208db4208961df5b2bda98eb3
 # 3ac411dc4da74e0689c3e931f08d5c59
 # c74ad6e9cbee4ff685cef4af6c1a1c8a
 msgid "In the left navigation bar, click Infrastructure."
 msgstr ""

 #: ../../managing_networks.rst:768
 #: ../../managing_networks.rst:890
 # ad2d0d358fab46f69cc0e2834d1025b5
 # 06d4cbfaa106459eb58d6d9bb34a92a1
 msgid "In Zones, click View All."
 msgstr ""

 #: ../../managing_networks.rst:772
 #: ../../managing_networks.rst:894
 #: ../../managing_networks.rst:2982
 # 04e17439a9d04d8c92bace413127ce77
 # e40c006773b9414cbe8dd42bb69472d4
 # 03828d4d48bf4770bdc2328f34b55100
 msgid "Choose the zone you want to work with."
 msgstr ""

 #: ../../managing_networks.rst:780
 # b2f55880ae154ea5a38880eeeb515690
 msgid "In the Public node of the diagram, click Configure."
 msgstr ""

 #: ../../managing_networks.rst:784
 # 790579c6465f4bf88b03caf31b04e907
 msgid "Click the IP Ranges tab."
 msgstr ""

 #: ../../managing_networks.rst:786
 # 9136b3e4ca934c23806bbc7ca0ff01e5
 msgid "You can either assign an existing IP range to an account, or create a new IP range and assign to an account."
 msgstr ""

 #: ../../managing_networks.rst:791
 # be977158780a4bfca4232fc7d2573dd7
 msgid "To assign an existing IP range to an account, perform the following:"
 msgstr ""

 #: ../../managing_networks.rst:795
 # c85643e60bae4ce7a7341f72ed356343
 msgid "Locate the IP range you want to work with."
 msgstr ""

 #: ../../managing_networks.rst:799
 # 8c760073c6e140c98957ae64117cd375
 msgid "Click Add Account |addAccount-icon.png: button to assign an IP range to an account.| button."
 msgstr ""

 #: ../../managing_networks.rst:802
 # 5907d0ab73b04589b7fba68c857ad361
 msgid "The Add Account dialog is displayed."
 msgstr ""

 #: ../../managing_networks.rst:810
 # d84f7b0e62b043939a4656f457f829e7
 msgid "**Account**: The account to which you want to assign the IP address range."
 msgstr ""

 #: ../../managing_networks.rst:815
 # 54ea232ef7544939989c85cf78823ab4
 msgid "**Domain**: The domain associated with the account."
 msgstr ""

 #: ../../managing_networks.rst:817
 # cac430d036924f38a9290dde3665c841
 msgid "To create a new IP range and assign an account, perform the following:"
 msgstr ""

 #: ../../managing_networks.rst:826
 # d50191ed42ad44ee95f6167032a30c65
 msgid "**Gateway**"
 msgstr ""

 #: ../../managing_networks.rst:830
 # 13d287dfefa145e3bf443ca11ed78fa2
 msgid "**Netmask**"
 msgstr ""

 #: ../../managing_networks.rst:834
 # 2e49c1a58f4a4bfa87d30c1c449df1e3
 msgid "**VLAN**"
 msgstr ""

 #: ../../managing_networks.rst:838
 # 8ebc180647e6488db6d7419f0c96d969
 msgid "**Start IP**"
 msgstr ""

 #: ../../managing_networks.rst:842
 # 39bbcd6bce9c4acdb1dde4c134d36aee
 msgid "**End IP**"
 msgstr ""

 #: ../../managing_networks.rst:846
 # c9ff42e89acd482b839c78ede4bf72a2
 msgid "**Account**: Perform the following:"
 msgstr ""

 #: ../../managing_networks.rst:850
 # 4e8c15e78f4040da8818c60242a385f7
 msgid "Click Account."
 msgstr ""

 #: ../../managing_networks.rst:852
 # 4d16eeb78e534a4aba7b7c05c335d94a
 msgid "The Add Account page is displayed."
 msgstr ""

 #: ../../managing_networks.rst:860
 # 4fcbdb024f3c4d0e916309194ccf9796
 msgid "****Account****: The account to which you want to assign an IP address range."
 msgstr ""

 #: ../../managing_networks.rst:865
 #: ../../managing_networks.rst:930
 # 5dd4ec70717a455cb3eae0f191b2c338
 # e1b99db893e94523a9c9c6c2dca5e50a
 msgid "****Domain****: The domain associated with the account."
 msgstr ""

 #: ../../managing_networks.rst:874
 #: ../../managing_networks.rst:1919
 #: ../../managing_networks.rst:3411
 #: ../../managing_networks.rst:3511
 #: ../../managing_networks.rst:3667
 #: ../../managing_networks.rst:3899
 #: ../../managing_networks.rst:5623
 # 222bcd68057f4097804636cc658bae40
 # 583b09f47740445cae14b167a426c0d5
 # d8184c325cbe4e2989e1772dd91acd0b
 # b8bdf6dd077f48bab5be9a342447e9d8
 # 221e41362cdb48c1b692cef19b0a8218
 # f241bee872c34bcfa7d43b4601e1cb48
 # 95df29e50c984e798847dc985a455395
 msgid "Click Add."
 msgstr ""

 #: ../../managing_networks.rst:877
 # 6f5ed4ecaf104ec089964163e1e6884f
 msgid "Dedicating VLAN Ranges to an Account"
 msgstr ""

 #: ../../managing_networks.rst:881
 # 1d96f022bb0641f591f869dcdef945de
 msgid "After the CloudStack Management Server is installed, log in to the CloudStack UI as administrator."
 msgstr ""

 #: ../../managing_networks.rst:902
 #: ../../managing_networks.rst:1367
 # b7387ff7ac314fabb59c5c8adb95d64c
 # 09557ffae33041df84505184339ead4d
 msgid "In the Guest node of the diagram, click Configure."
 msgstr ""

 #: ../../managing_networks.rst:906
 # fcf27305c8cf42bcaea54b6e0d583e74
 msgid "Select the Dedicated VLAN Ranges tab."
 msgstr ""

 #: ../../managing_networks.rst:910
 # 67395673dcac45fd95c09509e40ab195
 msgid "Click Dedicate VLAN Range."
 msgstr ""

 #: ../../managing_networks.rst:912
 # ab0efa84cce7484aa1483aa86e7458e3
 msgid "The Dedicate VLAN Range dialog is displayed."
 msgstr ""

 #: ../../managing_networks.rst:920
 # 79112ed3b43d4ac9b8ffd92e5be692f1
 msgid "****VLAN Range****: The VLAN range that you want to assign to an account."
 msgstr ""

 #: ../../managing_networks.rst:925
 # a99491d184b347ae9692f3140f8507e1
 msgid "****Account****: The account to which you want to assign the selected VLAN range."
 msgstr ""

 #: ../../managing_networks.rst:933
 # fcc09f716f8d4237b77cc161171a4261
 msgid "Configuring Multiple IP Addresses on a Single NIC"
 msgstr ""

 #: ../../managing_networks.rst:935
 # a94a3710f1234c97836f59a5a07db667
 msgid "CloudStack provides you the ability to associate multiple private IP addresses per guest VM NIC. In addition to the primary IP, you can assign additional IPs to the guest VM NIC. This feature is supported on all the network configurations—Basic, Advanced, and VPC. Security Groups, Static NAT and Port forwarding services are supported on these additional IPs."
 msgstr ""

 #: ../../managing_networks.rst:942
 # 494be8c0259840fb84fb26e96d13a908
 msgid "As always, you can specify an IP from the guest subnet; if not specified, an IP is automatically picked up from the guest VM subnet. You can view the IPs associated with for each guest VM NICs on the UI. You can apply NAT on these additional guest IPs by using network configuration option in the CloudStack UI. You must specify the NIC to which the IP should be associated."
 msgstr ""

 #: ../../managing_networks.rst:949
 # 925a5eb75fe04c35bfd19b1ac2f44b7e
 msgid "This feature is supported on XenServer, KVM, and VMware hypervisors. Note that Basic zone security groups are not supported on VMware."
 msgstr ""

 #: ../../managing_networks.rst:953
 # 5ac573ae5f4345aeb143a5fcc101524d
 msgid "Use Cases"
 msgstr ""

 #: ../../managing_networks.rst:955
 # 872874841bbe414a88684eb2a0045657
 msgid "Some of the use cases are described below:"
 msgstr ""

 #: ../../managing_networks.rst:959
 # d5c27060797b4aee9174ebb56ffef918
 msgid "Network devices, such as firewalls and load balancers, generally work best when they have access to multiple IP addresses on the network interface."
 msgstr ""

 #: ../../managing_networks.rst:965
 # 24ce123387844169a49487bc30845b7a
 msgid "Moving private IP addresses between interfaces or instances. Applications that are bound to specific IP addresses can be moved between instances."
 msgstr ""

 #: ../../managing_networks.rst:971
 # 0c37cb7a4c434f399e9d45b1c2e472e9
 msgid "Hosting multiple SSL Websites on a single instance. You can install multiple SSL certificates on a single instance, each associated with a distinct IP address."
 msgstr ""

 #: ../../managing_networks.rst:976
 #: ../../managing_networks.rst:6315
 # d4f7b4962530468a906a498acca4bae2
 # 3da7bf4ad1544749bab36764d2d447ef
 msgid "Guidelines"
 msgstr ""

 #: ../../managing_networks.rst:978
 # d6caf12c9309436d9de8f99f9c7543c3
 msgid "To prevent IP conflict, configure different subnets when multiple networks are connected to the same VM."
 msgstr ""

 #: ../../managing_networks.rst:982
 # 16aeec8d7d974a11ab5270669432a394
 msgid "Assigning Additional IPs to a VM"
 msgstr ""

 #: ../../managing_networks.rst:986
 # 034b4e6e920d4b1b819935e74e2b858c
 msgid "Log in to the CloudStack UI."
 msgstr ""

 #: ../../managing_networks.rst:990
 # 6a36c11f314b4a73ae436cedecc70f5e
 msgid "In the left navigation bar, click Instances."
 msgstr ""

 #: ../../managing_networks.rst:994
 # a8208d3a66ae4646bb1c56d1ecb10311
 msgid "Click the name of the instance you want to work with."
 msgstr ""

 #: ../../managing_networks.rst:998
 # 3614c5b73e634141848b9ffd09823e34
 msgid "In the Details tab, click NICs."
 msgstr ""

 #: ../../managing_networks.rst:1002
 # 9ddaf912d7f64aa791244c3f89f4f87e
 msgid "Click View Secondary IPs."
 msgstr ""

 #: ../../managing_networks.rst:1006
 # 41a35e39fad3445a94b912212054ec76
 msgid "Click Acquire New Secondary IP, and click Yes in the confirmation dialog."
 msgstr ""

 #: ../../managing_networks.rst:1009
 # 966f02979ce94ebfad48594d314843e6
 msgid "You need to configure the IP on the guest VM NIC manually. CloudStack will not automatically configure the acquired IP address on the VM. Ensure that the IP address configuration persist on VM reboot."
 msgstr ""

 #: ../../managing_networks.rst:1013
 # 6f93e046959a4ebd9133806cbf00c179
 msgid "Within a few moments, the new IP address should appear with the state Allocated. You can now use the IP address in Port Forwarding or StaticNAT rules."
 msgstr ""

 #: ../../managing_networks.rst:1018
 # 584ea105deaf4c149e1f4a22e7c76f9c
 msgid "Port Forwarding and StaticNAT Services Changes"
 msgstr ""

 #: ../../managing_networks.rst:1020
 # 66fa989a4cf444159810d5b86fe29d71
 msgid "Because multiple IPs can be associated per NIC, you are allowed to select a desired IP for the Port Forwarding and StaticNAT services. The default is the primary IP. To enable this functionality, an extra optional parameter 'vmguestip' is added to the Port forwarding and StaticNAT APIs (enableStaticNat, createIpForwardingRule) to indicate on what IP address NAT need to be configured. If vmguestip is passed, NAT is configured on the specified private IP of the VM. if not passed, NAT is configured on the primary IP of the VM."
 msgstr ""

 #: ../../managing_networks.rst:1030
 # d56668f88c1b4778956f3e78eb0af4f3
 msgid "About Multiple IP Ranges"
 msgstr ""

 #: ../../managing_networks.rst:1032
 # a425fadff6f24df8a703773e76e1da84
 msgid "The feature can only be implemented on IPv4 addresses."
 msgstr ""

 #: ../../managing_networks.rst:1034
 # 085d7bcb306c4df9b4bcb062fa965779
 msgid "CloudStack provides you with the flexibility to add guest IP ranges from different subnets in Basic zones and security groups-enabled Advanced zones. For security groups-enabled Advanced zones, it implies multiple subnets can be added to the same VLAN. With the addition of this feature, you will be able to add IP address ranges from the same subnet or from a different one when IP address are exhausted. This would in turn allows you to employ higher number of subnets and thus reduce the address management overhead. To support this feature, the capability of ``createVlanIpRange`` API is extended to add IP ranges also from a different subnet."
 msgstr ""

 #: ../../managing_networks.rst:1045
 # a916ea5fa2a3442cac9346d464c33b3c
 msgid "Ensure that you manually configure the gateway of the new subnet before adding the IP range. Note that CloudStack supports only one gateway for a subnet; overlapping subnets are not currently supported."
 msgstr ""

 #: ../../managing_networks.rst:1049
 # 0cb128b2b4964c4c94d50a7d4f4c113d
 msgid "Use the ``deleteVlanRange`` API to delete IP ranges. This operation fails if an IP from the remove range is in use. If the remove range contains the IP address on which the DHCP server is running, CloudStack acquires a new IP from the same subnet. If no IP is available in the subnet, the remove operation fails."
 msgstr ""

 #: ../../managing_networks.rst:1055
 # 5c50556940324ae1a2c2f33b4e3be74c
 msgid "This feature is supported on KVM, xenServer, and VMware hypervisors."
 msgstr ""

 #: ../../managing_networks.rst:1058
 # 86f5b04f9bf84ff4a0162e548a43ed45
 msgid "About Elastic IP"
 msgstr ""

 #: ../../managing_networks.rst:1060
 # 1abc932ae33e4097ad9d5a7c01466858
 msgid "Elastic IP (EIP) addresses are the IP addresses that are associated with an account, and act as static IP addresses. The account owner has the complete control over the Elastic IP addresses that belong to the account. As an account owner, you can allocate an Elastic IP to a VM of your choice from the EIP pool of your account. Later if required you can reassign the IP address to a different VM. This feature is extremely helpful during VM failure. Instead of replacing the VM which is down, the IP address can be reassigned to a new VM in your account."
 msgstr ""

 #: ../../managing_networks.rst:1069
 # 6f92b16714d4455c9c0d07422b7a5278
 msgid "Similar to the public IP address, Elastic IP addresses are mapped to their associated private IP addresses by using StaticNAT. The EIP service is equipped with StaticNAT (1:1) service in an EIP-enabled basic zone. The default network offering, DefaultSharedNetscalerEIPandELBNetworkOffering, provides your network with EIP and ELB network services if a NetScaler device is deployed in your zone. Consider the following illustration for more details."
 msgstr ""

 #: ../../managing_networks.rst:1077
 # 1917b806df094374b24b204ab96801f8
 msgid "|eip-ns-basiczone.png: Elastic IP in a NetScaler-enabled Basic Zone.|"
 msgstr ""

 #: ../../managing_networks.rst:1079
 # 3b1d323c9feb4e9ba7ca76be6aaad6b2
 msgid "In the illustration, a NetScaler appliance is the default entry or exit point for the CloudStack instances, and firewall is the default entry or exit point for the rest of the data center. Netscaler provides LB services and staticNAT service to the guest networks. The guest traffic in the pods and the Management Server are on different subnets / VLANs. The policy-based routing in the data center core switch sends the public traffic through the NetScaler, whereas the rest of the data center goes through the firewall."
 msgstr ""

 #: ../../managing_networks.rst:1088
 # d73486cd06ff42a3b7ae00d650f94b85
 msgid "The EIP work flow is as follows:"
 msgstr ""

 #: ../../managing_networks.rst:1092
 # c76961037d5e4684aae701d14e8628ef
 msgid "When a user VM is deployed, a public IP is automatically acquired from the pool of public IPs configured in the zone. This IP is owned by the VM's account."
 msgstr ""

 #: ../../managing_networks.rst:1098
 # 113a0b56fa5c4d588763310f3344c045
 msgid "Each VM will have its own private IP. When the user VM starts, Static NAT is provisioned on the NetScaler device by using the Inbound Network Address Translation (INAT) and Reverse NAT (RNAT) rules between the public IP and the private IP."
 msgstr ""

 #: ../../managing_networks.rst:1103
 # 26464e6616334eba867bfbedcd8b9b32
 msgid "Inbound NAT (INAT) is a type of NAT supported by NetScaler, in which the destination IP address is replaced in the packets from the public network, such as the Internet, with the private IP address of a VM in the private network. Reverse NAT (RNAT) is a type of NAT supported by NetScaler, in which the source IP address is replaced in the packets generated by a VM in the private network with the public IP address."
 msgstr ""

 #: ../../managing_networks.rst:1107
 # c24df2c0e244417bac058ee69288159e
 msgid "This default public IP will be released in two cases:"
 msgstr ""

 #: ../../managing_networks.rst:1111
 # e69a190aa6ff4094a1376bbd1a48c806
 msgid "When the VM is stopped. When the VM starts, it again receives a new public IP, not necessarily the same one allocated initially, from the pool of Public IPs."
 msgstr ""

 #: ../../managing_networks.rst:1117
 # ae09bc75005442799a101c13ee164cfe
 msgid "The user acquires a public IP (Elastic IP). This public IP is associated with the account, but will not be mapped to any private IP. However, the user can enable Static NAT to associate this IP to the private IP of a VM in the account. The Static NAT rule for the public IP can be disabled at any time. When Static NAT is disabled, a new public IP is allocated from the pool, which is not necessarily be the same one allocated initially."
 msgstr ""

 #: ../../managing_networks.rst:1125
 # 85b2631843ed40888b2ca7fe400962fd
 msgid "For the deployments where public IPs are limited resources, you have the flexibility to choose not to allocate a public IP by default. You can use the Associate Public IP option to turn on or off the automatic public IP assignment in the EIP-enabled Basic zones. If you turn off the automatic public IP assignment while creating a network offering, only a private IP is assigned to a VM when the VM is deployed with that network offering. Later, the user can acquire an IP for the VM and enable static NAT."
 msgstr ""

 #: ../../managing_networks.rst:1134
 # 94a57e6c08fb4beeb2cc92ada6ed0e19
 msgid "For more information on the Associate Public IP option, see the Administration Guide."
 msgstr ""

 #: ../../managing_networks.rst:1137
 # 51ff3fc654054203b273f9c148ae18b5
 msgid "The Associate Public IP feature is designed only for use with user VMs. The System VMs continue to get both public IP and private by default, irrespective of the network offering configuration."
 msgstr ""

 #: ../../managing_networks.rst:1139
 # 83364c7e0dd94f759842ac386a8cac79
 msgid "New deployments which use the default shared network offering with EIP and ELB services to create a shared network in the Basic zone will continue allocating public IPs to each user VM."
 msgstr ""

 #: ../../managing_networks.rst:1144
 # 342239c2715c475b88c10804e3612a51
 msgid "Portable IPs"
 msgstr ""

 #: ../../managing_networks.rst:1147
 # dd5fc98d73bc4d75beeb09ce0439d181
 msgid "About Portable IP"
 msgstr ""

 #: ../../managing_networks.rst:1149
 # 89820f26aa2645078ccb72b82efc9dfe
 msgid "Portable IPs in CloudStack are region-level pool of IPs, which are elastic in nature, that can be transferred across geographically separated zones. As an administrator, you can provision a pool of portable public IPs at region level and are available for user consumption. The users can acquire portable IPs if admin has provisioned portable IPs at the region level they are part of. These IPs can be use for any service within an advanced zone. You can also use portable IPs for EIP services in basic zones."
 msgstr ""

 #: ../../managing_networks.rst:1158
 # bd4cf0b29f8b41b3b03e37f656c52501
 msgid "The salient features of Portable IP are as follows:"
 msgstr ""

 #: ../../managing_networks.rst:1162
 # 855ab24aced14fa18033b90699abf066
 msgid "IP is statically allocated"
 msgstr ""

 #: ../../managing_networks.rst:1166
 # 7e45d53e50814ec584c37135e430715f
 msgid "IP need not be associated with a network"
 msgstr ""

 #: ../../managing_networks.rst:1170
 # f4869a8c48e8434ea57e20c6cc65cf55
 msgid "IP association is transferable across networks"
 msgstr ""

 #: ../../managing_networks.rst:1174
 # 2f9e4bbd9a5c4a61957b15982551f2e9
 msgid "IP is transferable across both Basic and Advanced zones"
 msgstr ""

 #: ../../managing_networks.rst:1178
 # ea6d679d393d4bcfa494249d365ba374
 msgid "IP is transferable across VPC, non-VPC isolated and shared networks"
 msgstr ""

 #: ../../managing_networks.rst:1182
 # afa26b14dffe40119ee655d8132db452
 msgid "Portable IP transfer is available only for static NAT."
 msgstr ""

 #: ../../managing_networks.rst:1187
 # 671509538e074821aee5d282b4fd3822
 msgid "Before transferring to another network, ensure that no network rules (Firewall, Static NAT, Port Forwarding, and so on) exist on that portable IP."
 msgstr ""

 #: ../../managing_networks.rst:1192
 # a10fe6016ca4432d9466323adc5feafa
 msgid "Configuring Portable IPs"
 msgstr ""

 #: ../../managing_networks.rst:1200
 # 323070f73d46451b97228b1b4aadaa54
 msgid "In the left navigation, click Regions."
 msgstr ""

 #: ../../managing_networks.rst:1204
 # 428125e4de8d4140af2bbdfcd4ecc332
 msgid "Choose the Regions that you want to work with."
 msgstr ""

 #: ../../managing_networks.rst:1208
 # eed1d708ff224966a3d021ab2bc33aa6
 msgid "Click View Portable IP."
 msgstr ""

 #: ../../managing_networks.rst:1212
 # abc03c1eb418441fb10a7cf6beb37fea
 msgid "Click Portable IP Range."
 msgstr ""

 #: ../../managing_networks.rst:1214
 # 595f33e914024c0a86540527bc370258
 msgid "The Add Portable IP Range window is displayed."
 msgstr ""

 #: ../../managing_networks.rst:1222
 # ca11f239cc8449a6817014a3adcd61a0
 msgid "**Start IP/ End IP**: A range of IP addresses that are accessible from the Internet and will be allocated to guest VMs. Enter the first and last IP addresses that define a range that CloudStack can assign to guest VMs."
 msgstr ""

 #: ../../managing_networks.rst:1229
 # 6c64c167231b40a68bfe26799c8054c3
 msgid "**Gateway**: The gateway in use for the Portable IP addresses you are configuring."
 msgstr ""

 #: ../../managing_networks.rst:1234
 # 83455a09e71a4eccb3755e02bd14515c
 msgid "**Netmask**: The netmask associated with the Portable IP range."
 msgstr ""

 #: ../../managing_networks.rst:1238
 # 7b8fbceeaf074302abbd838f0e2849bf
 msgid "**VLAN**: The VLAN that will be used for public traffic."
 msgstr ""

 #: ../../managing_networks.rst:1245
 # d850eac9d4014f0dab3417fab28601f7
 msgid "Acquiring a Portable IP"
 msgstr ""

 #: ../../managing_networks.rst:1257
 #: ../../managing_networks.rst:3208
 #: ../../managing_networks.rst:3251
 #: ../../managing_networks.rst:3294
 #: ../../managing_networks.rst:3370
 # 3262a0725955438a99e78981176d092f
 # 701bcf108f834cdc9c4ea748e804dab0
 # 2859adde9cb44f6e970e1a0651717bed
 # e93c68f572f04989afefcb87f1716ec4
 # 5efad310be724f029a2e40ffd479c432
 msgid "Click the name of the network where you want to work with."
 msgstr ""

 #: ../../managing_networks.rst:1261
 #: ../../managing_networks.rst:2170
 #: ../../managing_networks.rst:3212
 #: ../../managing_networks.rst:3255
 #: ../../managing_networks.rst:3298
 #: ../../managing_networks.rst:3374
 #: ../../managing_networks.rst:3784
 # 305ab6c53fda46d8adf4a49df4f72b73
 # 3186a0f1dbbd4b36afd65ce287083ef4
 # 77cf6faa7c404c33bddce8721952e2e2
 # 6fbd7a5b4b7e4fe684956b795c3516f8
 # 6662b46aca0349ffb4f7db65473cf5a4
 # e6ede01e32f44d8d9eb51185ac8cca93
 # c003065bf88441dc838fb6ff067c1d46
 msgid "Click View IP Addresses."
 msgstr ""

 #: ../../managing_networks.rst:1265
 #: ../../managing_networks.rst:3216
 # 3cb9985604264815812c496744d99e7a
 # b3b02650cb5849d29899feb56b041267
 msgid "Click Acquire New IP."
 msgstr ""

 #: ../../managing_networks.rst:1267
 #: ../../managing_networks.rst:3218
 # 0fd88d76e0454a0aafadff6be75ab526
 # 25404011fc7044529f48e7fb157f04ed
 msgid "The Acquire New IP window is displayed."
 msgstr ""

 #: ../../managing_networks.rst:1271
 #: ../../managing_networks.rst:3222
 # ead81d2ea1984be4874b71915d73fe10
 # 6fe5747d6b7547a8918070f73c52cc78
 msgid "Specify whether you want cross-zone IP or not."
 msgstr ""

 #: ../../managing_networks.rst:1275
 # d4620b5751e246e48d4c00aca1d4a8f3
 msgid "Click Yes in the confirmation dialog."
 msgstr ""

 #: ../../managing_networks.rst:1277
 #: ../../managing_networks.rst:3230
 # 99771ddd9716455ba6a961284174f20b
 # 1ff8f2a384d445a8ba816f2443f9a096
 msgid "Within a few moments, the new IP address should appear with the state Allocated. You can now use the IP address in port forwarding or static NAT rules."
 msgstr ""

 #: ../../managing_networks.rst:1282
 # e9a2afafc0df48bcba35924913d45e73
 msgid "Transferring Portable IP"
 msgstr ""

 #: ../../managing_networks.rst:1284
 # 65ca926473184157a1cfd41612675661
 msgid "An IP can be transferred from one network to another only if Static NAT is enabled. However, when a portable IP is associated with a network, you can use it for any service in the network."
 msgstr ""

 #: ../../managing_networks.rst:1288
 # 8afb23c700a44791bb6a9fa4690d1649
 msgid "To transfer a portable IP across the networks, execute the following API:"
 msgstr ""

 #: ../../managing_networks.rst:1295
 # 55a1869308ee4aed849674dc2535b805
 msgid "Replace the UUID with appropriate UUID. For example, if you want to transfer a portable IP to network X and VM Y in a network, execute the following:"
 msgstr ""

 #: ../../managing_networks.rst:1304
 # 3afd351582954a49b746d509abba4eac
 msgid "Multiple Subnets in Shared Network"
 msgstr ""

 #: ../../managing_networks.rst:1306
 # 9a2eae7b8f84440f90cd0402d4ed0d76
 msgid "CloudStack provides you with the flexibility to add guest IP ranges from different subnets in Basic zones and security groups-enabled Advanced zones. For security groups-enabled Advanced zones, it implies multiple subnets can be added to the same VLAN. With the addition of this feature, you will be able to add IP address ranges from the same subnet or from a different one when IP address are exhausted. This would in turn allows you to employ higher number of subnets and thus reduce the address management overhead. You can delete the IP ranges you have added."
 msgstr ""

 #: ../../managing_networks.rst:1317
 #: ../../managing_networks.rst:2885
 #: ../../managing_networks.rst:3426
 # 344b838f0b0841728cb18a682c1962e2
 # ca130580b3e848d59bbd0823702a71ad
 # 9d4bbe7d6b854394bcbb260e68f1226a
 msgid "Prerequisites and Guidelines"
 msgstr ""

 #: ../../managing_networks.rst:1321
 # 231696a9da0c47e5be1d4fec098a8b7f
 msgid "This feature can only be implemented:"
 msgstr ""

 #: ../../managing_networks.rst:1325
 # e11af27c4f9b4a68aa2b824c8d51ef26
 msgid "on IPv4 addresses"
 msgstr ""

 #: ../../managing_networks.rst:1329
 # 89a310c9cc9a4cc0b046da60d4db626f
 msgid "if virtual router is the DHCP provider"
 msgstr ""

 #: ../../managing_networks.rst:1333
 # 2f901469d8a547669181457a79ea3825
 msgid "on KVM, xenServer, and VMware hypervisors"
 msgstr ""

 #: ../../managing_networks.rst:1337
 # 07ac9be1fbd949109da3f8269a75cd31
 msgid "Manually configure the gateway of the new subnet before adding the IP range."
 msgstr ""

 #: ../../managing_networks.rst:1342
 # fd0dee06ed544e709ea404a01e2141a4
 msgid "CloudStack supports only one gateway for a subnet; overlapping subnets are not currently supported"
 msgstr ""

 #: ../../managing_networks.rst:1346
 # cfe0f1c81e094655b1cf2158397f8beb
 msgid "Adding Multiple Subnets to a Shared Network"
 msgstr ""

 #: ../../managing_networks.rst:1358
 # 2239434247834913b8b23dab3f7f896d
 msgid "On Zones, click View More, then click the zone to which you want to work with.."
 msgstr ""

 #: ../../managing_networks.rst:1363
 # 52b4f5c3dc6c4c96a91c21e53b5f6ba7
 msgid "Click Physical Network."
 msgstr ""

 #: ../../managing_networks.rst:1371
 # d545de9168774122b8d39fe9b88db0f9
 msgid "Click Networks."
 msgstr ""

 #: ../../managing_networks.rst:1375
 # 201b95be96f741419b7a53c915e3da38
 msgid "Select the networks you want to work with."
 msgstr ""

 #: ../../managing_networks.rst:1379
 # b1dafa11c6dd48aaba7215933fc61640
 msgid "Click View IP Ranges."
 msgstr ""

 #: ../../managing_networks.rst:1383
 # 962df84772504a178c0760d6862328be
 msgid "Click Add IP Range."
 msgstr ""

 #: ../../managing_networks.rst:1385
 # a8c9f66de4e84e56882ecb276ca04e41
 msgid "The Add IP Range dialog is displayed, as follows:"
 msgstr ""

 #: ../../managing_networks.rst:1387
 # ae7f538d814144019a90e1b0ac6f4a3d
 msgid "|add-ip-range.png: adding an IP range to a network.|"
 msgstr ""

 #: ../../managing_networks.rst:1393
 #: ../../managing_networks.rst:5063
 # 0884d274eba74f889ae1c3abffff98dd
 # 03a1c57fd13d4fdb9f6c63ec4afcc907
 msgid "All the fields are mandatory."
 msgstr ""

 #: ../../managing_networks.rst:1397
 #: ../../managing_networks.rst:5081
 # 8da5ac3902824555b54847009a765ed7
 # fe107d12592248a982087f39da19a41a
 msgid "**Gateway**: The gateway for the tier you create. Ensure that the gateway is within the Super CIDR range that you specified while creating the VPC, and is not overlapped with the CIDR of any existing tier within the VPC."
 msgstr ""

 #: ../../managing_networks.rst:1404
 #: ../../managing_networks.rst:5098
 # d23bd452fc4d46579356f5ede9152d95
 # af646832ee3f44ebaa1213c5db09bb4a
 msgid "**Netmask**: The netmask for the tier you create."
 msgstr ""

 #: ../../managing_networks.rst:1406
 #: ../../managing_networks.rst:5100
 # 86f10e90777a4711964d8a8df3a0e45c
 # 04b52f8b675747ee8a9c73e86c123710
 msgid "For example, if the VPC CIDR is 10.0.0.0/16 and the network tier CIDR is 10.0.1.0/24, the gateway of the tier is 10.0.1.1, and the netmask of the tier is 255.255.255.0."
 msgstr ""

 #: ../../managing_networks.rst:1412
 # 3bdc377e66c842a4a3f09450a0832e67
 msgid "**Start IP/ End IP**: A range of IP addresses that are accessible from the Internet and will be allocated to guest VMs. Enter the first and last IP addresses that define a range that CloudStack can assign to guest VMs ."
 msgstr ""

 #: ../../managing_networks.rst:1422
 # b6a0de7ae6b643a3b425583d43f6163e
 msgid "Isolation in Advanced Zone Using Private VLAN"
 msgstr ""

 #: ../../managing_networks.rst:1424
 # 4f75858c33ec4279a864c4b208e29b2b
 msgid "Isolation of guest traffic in shared networks can be achieved by using Private VLANs (PVLAN). PVLANs provide Layer 2 isolation between ports within the same VLAN. In a PVLAN-enabled shared network, a user VM cannot reach other user VM though they can reach the DHCP server and gateway, this would in turn allow users to control traffic within a network and help them deploy multiple applications without communication between application as well as prevent communication with other users’ VMs."
 msgstr ""

 #: ../../managing_networks.rst:1435
 # 2b100ae9fa4e4eaea15ed0c9c965697f
 msgid "Isolate VMs in a shared networks by using Private VLANs."
 msgstr ""

 #: ../../managing_networks.rst:1439
 # 72cb21f4bdaa4f6c88f7f1253969f497
 msgid "Supported on KVM, XenServer, and VMware hypervisors"
 msgstr ""

 #: ../../managing_networks.rst:1443
 # 64e4f6f904e145cc94c88300b2f6f1ec
 msgid "PVLAN-enabled shared network can be a part of multiple networks of a guest VM."
 msgstr ""

 #: ../../managing_networks.rst:1447
 # 39b527fd98914ef4ae1f7cd5d5a083c3
 msgid "About Private VLAN"
 msgstr ""

 #: ../../managing_networks.rst:1449
 # ffcf29c6500a4e3a897fefd357efafa1
 msgid "In an Ethernet switch, a VLAN is a broadcast domain where hosts can establish direct communication with each another at Layer 2. Private VLAN is designed as an extension of VLAN standard to add further segmentation of the logical broadcast domain. A regular VLAN is a single broadcast domain, whereas a private VLAN partitions a larger VLAN broadcast domain into smaller sub-domains. A sub-domain is represented by a pair of VLANs: a Primary VLAN and a Secondary VLAN. The original VLAN that is being divided into smaller groups is called Primary, which implies that all VLAN pairs in a private VLAN share the same Primary VLAN. All the secondary VLANs exist only inside the Primary. Each Secondary VLAN has a specific VLAN ID associated to it, which differentiates one sub-domain from another."
 msgstr ""

 #: ../../managing_networks.rst:1462
 # dadf77ad95da46d29d655fa1b5c88836
 msgid "Three types of ports exist in a private VLAN domain, which essentially determine the behaviour of the participating hosts. Each ports will have its own unique set of rules, which regulate a connected host's ability to communicate with other connected host within the same private VLAN domain. Configure each host that is part of a PVLAN pair can be by using one of these three port designation:"
 msgstr ""

 #: ../../managing_networks.rst:1471
 # 338ab35c29694e549d0f63e57cf3ecfc
 msgid "**Promiscuous**: A promiscuous port can communicate with all the interfaces, including the community and isolated host ports that belong to the secondary VLANs. In Promiscuous mode, hosts are connected to promiscuous ports and are able to communicate directly with resources on both primary and secondary VLAN. Routers, DHCP servers, and other trusted devices are typically attached to promiscuous ports."
 msgstr ""

 #: ../../managing_networks.rst:1481
 # 1eb75b61178b4a8da29196b19e0755f1
 msgid "**Isolated VLANs**: The ports within an isolated VLAN cannot communicate with each other at the layer-2 level. The hosts that are connected to Isolated ports can directly communicate only with the Promiscuous resources. If your customer device needs to have access only to a gateway router, attach it to an isolated port."
 msgstr ""

 #: ../../managing_networks.rst:1489
 # 3c344baffb3649a3a99b4762947818ae
 msgid "**Community VLANs**: The ports within a community VLAN can communicate with each other and with the promiscuous ports, but they cannot communicate with the ports in other communities at the layer-2 level. In a Community mode, direct communication is permitted only with the hosts in the same community and those that are connected to the Primary PVLAN in promiscuous mode. If your customer has two devices that need to be isolated from other customers' devices, but to be able to communicate among themselves, deploy them in community ports."
 msgstr ""

 #: ../../managing_networks.rst:1499
 # a10ac6622d024e57899b845f7e847140
 msgid "For further reading:"
 msgstr ""

 #: ../../managing_networks.rst:1503
 # 5efde3c2b6894bd387b0f388d8bdeae3
 msgid "`Understanding Private VLANs <http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_25_see/configuration/guide/swpvlan.html#wp1038379>`__"
 msgstr ""

 #: ../../managing_networks.rst:1508
 # 02596ab9a4bd47daaed6a4272e786d9a
 msgid "`Cisco Systems' Private VLANs: Scalable Security in a Multi-Client Environment <http://tools.ietf.org/html/rfc5517>`__"
 msgstr ""

 #: ../../managing_networks.rst:1513
 # 886e828c09384218b5bd4f8cd224d968
 msgid "`Private VLAN (PVLAN) on vNetwork Distributed Switch - Concept Overview (1010691) <http://kb.vmware.com>`__"
 msgstr ""

 #: ../../managing_networks.rst:1521
 # 6cb7c445963a491caff15981fe0b4ce4
 msgid "Use a PVLAN supported switch."
 msgstr ""

 #: ../../managing_networks.rst:1523
 # f7f97cd16eb24ff588d513c2d34ff289
 msgid "See `Private VLAN Catalyst Switch Support Matrix <http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a0080094830.shtml>`__\\ for more information."
 msgstr ""

 #: ../../managing_networks.rst:1529
 # 09e5467647fd4eb6af74a6c1cb65b159
 msgid "All the layer 2 switches, which are PVLAN-aware, are connected to each other, and one of them is connected to a router. All the ports connected to the host would be configured in trunk mode. Open Management VLAN, Primary VLAN (public) and Secondary Isolated VLAN ports. Configure the switch port connected to the router in PVLAN promiscuous trunk mode, which would translate an isolated VLAN to primary VLAN for the PVLAN-unaware router."
 msgstr ""

 #: ../../managing_networks.rst:1537
 # 3eb08525c8114e1fade9c52b44c14c59
 msgid "Note that only Cisco Catalyst 4500 has the PVLAN promiscuous trunk mode to connect both normal VLAN and PVLAN to a PVLAN-unaware switch. For the other Catalyst PVLAN support switch, connect the switch to upper switch by using cables, one each for a PVLAN pair."
 msgstr ""

 #: ../../managing_networks.rst:1544
 # e9c74dd366ef45f1be1d0793986d7f73
 msgid "Configure private VLAN on your physical switches out-of-band."
 msgstr ""

 #: ../../managing_networks.rst:1548
 # 2ecc130e165749aba238d52a9a7f2486
 msgid "Before you use PVLAN on XenServer and KVM, enable Open vSwitch (OVS)."
 msgstr ""

 #: ../../managing_networks.rst:1550
 # 030698129200435e9f708d7cb120c98b
 msgid "OVS on XenServer and KVM does not support PVLAN natively. Therefore, CloudStack managed to simulate PVLAN on OVS for XenServer and KVM by modifying the flow table."
 msgstr ""

 #: ../../managing_networks.rst:1553
 # f6a73d4d4c73444dbf0a403921b5aa74
 msgid "Creating a PVLAN-Enabled Guest Network"
 msgstr ""

 #: ../../managing_networks.rst:1613
 # 740911b6b7d14c93bb243f861cbde303
 msgid "**Secondary Isolated VLAN ID**: The unique ID of the Secondary Isolated VLAN."
 msgstr ""

 #: ../../managing_networks.rst:1616
 # 33d01a6c72b3484991970c439ebe1b80
 msgid "For the description on Secondary Isolated VLAN, see `Section 15.14.1, “About Private VLAN” <#about-pvlan>`__."
 msgstr ""

 #: ../../managing_networks.rst:1679
 # 2c24eb1bc100495989166e76788319c0
 msgid "Security Groups"
 msgstr ""

 #: ../../managing_networks.rst:1682
 # d331348078ea4de8a8dc8471c9cc3cce
 msgid "About Security Groups"
 msgstr ""

 #: ../../managing_networks.rst:1684
 # f34bf064d0114b288f2f55f17a25f84a
 msgid "Security groups provide a way to isolate traffic to VMs. A security group is a group of VMs that filter their incoming and outgoing traffic according to a set of rules, called ingress and egress rules. These rules filter network traffic according to the IP address that is attempting to communicate with the VM. Security groups are particularly useful in zones that use basic networking, because there is a single guest network for all guest VMs. In advanced zones, security groups are supported only on the KVM hypervisor."
 msgstr ""

 #: ../../managing_networks.rst:1693
 # 5e82a09d657a4767acec9f22d782de51
 msgid "In a zone that uses advanced networking, you can instead define multiple guest networks to isolate traffic to VMs."
 msgstr ""

 #: ../../managing_networks.rst:1695
 # 79f27644dfcf4cf788bba960a7f3b5bf
 msgid "Each CloudStack account comes with a default security group that denies all inbound traffic and allows all outbound traffic. The default security group can be modified so that all new VMs inherit some other desired set of rules."
 msgstr ""

 #: ../../managing_networks.rst:1700
 # baa28941d5194fae811bbd88c61df125
 msgid "Any CloudStack user can set up any number of additional security groups. When a new VM is launched, it is assigned to the default security group unless another user-defined security group is specified. A VM can be a member of any number of security groups. Once a VM is assigned to a security group, it remains in that group for its entire lifetime; you can not move a running VM from one security group to another."
 msgstr ""

 #: ../../managing_networks.rst:1707
 # de98d0c1571a4cc18032b6472947663b
 msgid "You can modify a security group by deleting or adding any number of ingress and egress rules. When you do, the new rules apply to all VMs in the group, whether running or stopped."
 msgstr ""

 #: ../../managing_networks.rst:1711
 # 6e7dbedd8ee140e1ad567e65c7ff552d
 msgid "If no ingress rules are specified, then no traffic will be allowed in, except for responses to any traffic that has been allowed out through an egress rule."
 msgstr ""

 #: ../../managing_networks.rst:1716
 # 50b80901d7c24d66a23e838b0f4293d3
 msgid "Adding a Security Group"
 msgstr ""

 #: ../../managing_networks.rst:1718
 # f870c727a4ba4b5fafdca88cc7a4b660
 msgid "A user or administrator can define a new security group."
 msgstr ""

 #: ../../managing_networks.rst:1726
 #: ../../managing_networks.rst:1803
 # 2bd568db435b4894a6594bdabb71b71f
 # ec651383a1084a9bb247059b0cb38cc8
 msgid "In the left navigation, choose Network"
 msgstr ""

 #: ../../managing_networks.rst:1730
 # 20641ac9b26d48a8a2af8025a38b3550
 msgid "In Select view, choose Security Groups."
 msgstr ""

 #: ../../managing_networks.rst:1734
 # 3b8b48dea99749bf821c45bf85f5edce
 msgid "Click Add Security Group."
 msgstr ""

 #: ../../managing_networks.rst:1738
 # da5c74165969469d9c2395eaaa3f94e6
 msgid "Provide a name and description."
 msgstr ""

 #: ../../managing_networks.rst:1744
 # cebb13c23de64a278615d79e7d92b3bc
 msgid "The new security group appears in the Security Groups Details tab."
 msgstr ""

 #: ../../managing_networks.rst:1748
 # b0f1a7c4f9d74d0cbf905c6ce03546b8
 msgid "To make the security group useful, continue to Adding Ingress and Egress Rules to a Security Group."
 msgstr ""

 #: ../../managing_networks.rst:1752
 # 0c59765ee0c64629952434a87beb9d81
 msgid "Security Groups in Advanced Zones (KVM Only)"
 msgstr ""

 #: ../../managing_networks.rst:1754
 # 33c22ff2d84d4c149fb2a3ba75f8689f
 msgid "CloudStack provides the ability to use security groups to provide isolation between guests on a single shared, zone-wide network in an advanced zone where KVM is the hypervisor. Using security groups in advanced zones rather than multiple VLANs allows a greater range of options for setting up guest isolation in a cloud."
 msgstr ""

 #: ../../managing_networks.rst:1760
 # 0d98099524ba4909b604a7399ffc1bd8
 msgid "Limitations: The following are not supported for this feature:"
 msgstr ""

 #: ../../managing_networks.rst:1764
 # cfee500d52ad40699096b1a8e4e389c1
 msgid "Two IP ranges with the same VLAN and different gateway or netmask in security group-enabled shared network."
 msgstr ""

 #: ../../managing_networks.rst:1769
 # 6246185f1f154f93875963e698243930
 msgid "Two IP ranges with the same VLAN and different gateway or netmask in account-specific shared networks."
 msgstr ""

 #: ../../managing_networks.rst:1774
 # 1d7c154fd0c34eaf9711d6ec05f84dee
 msgid "Multiple VLAN ranges in security group-enabled shared network."
 msgstr ""

 #: ../../managing_networks.rst:1778
 # d31b3ceda7e84ff09119957ddcbbdf2b
 msgid "Multiple VLAN ranges in account-specific shared networks."
 msgstr ""

 #: ../../managing_networks.rst:1780
 # 6eeb1f2182894bc383d39cb1f701fb27
 msgid "Security groups must be enabled in the zone in order for this feature to be used."
 msgstr ""

 #: ../../managing_networks.rst:1784
 # d9c879f6880c426dbe5cc14699e86c87
 msgid "Enabling Security Groups"
 msgstr ""

 #: ../../managing_networks.rst:1786
 # 6038307bd32f4032b2cf2283627e5084
 msgid "In order for security groups to function in a zone, the security groups feature must first be enabled for the zone. The administrator can do this when creating a new zone, by selecting a network offering that includes security groups. The procedure is described in Basic Zone Configuration in the Advanced Installation Guide. The administrator can not enable security groups for an existing zone, only when creating a new zone."
 msgstr ""

 #: ../../managing_networks.rst:1795
 # 9239428930ac475c8787a1fa5c7b5852
 msgid "Adding Ingress and Egress Rules to a Security Group"
 msgstr ""

 #: ../../managing_networks.rst:1807
 # 1dabe90dfbf742b1ad863dda6a7370cf
 msgid "In Select view, choose Security Groups, then click the security group you want ."
 msgstr ""

 #: ../../managing_networks.rst:1812
 # 14c6cdb0f76f4e5bafb8a8247c89a3f5
 msgid "To add an ingress rule, click the Ingress Rules tab and fill out the following fields to specify what network traffic is allowed into VM instances in this security group. If no ingress rules are specified, then no traffic will be allowed in, except for responses to any traffic that has been allowed out through an egress rule."
 msgstr ""

 #: ../../managing_networks.rst:1820
 # dbc6db6a8f164564b90b36fb8600f6c4
 msgid "**Add by CIDR/Account**. Indicate whether the source of the traffic will be defined by IP address (CIDR) or an existing security group in a CloudStack account (Account). Choose Account if you want to allow incoming traffic from all VMs in another security group"
 msgstr ""

 #: ../../managing_networks.rst:1828
 # c7404bcf0635456b924a7d4461860444
 msgid "**Protocol**. The networking protocol that sources will use to send traffic to the security group. TCP and UDP are typically used for data exchange and end-user communications. ICMP is typically used to send error messages or network monitoring data."
 msgstr ""

 #: ../../managing_networks.rst:1835
 # 553fb9fc05c647d38e4c15f2ccbb5123
 msgid "**Start Port, End Port**. (TCP, UDP only) A range of listening ports that are the destination for the incoming traffic. If you are opening a single port, use the same number in both fields."
 msgstr ""

 #: ../../managing_networks.rst:1841
 # f1ac0dd3df2a46ad8b321cc49981a565
 msgid "**ICMP Type, ICMP Code**. (ICMP only) The type of message and error code that will be accepted."
 msgstr ""

 #: ../../managing_networks.rst:1846
 # 4b14903d5adb4c9a8301a393218c0fe9
 msgid "**CIDR**. (Add by CIDR only) To accept only traffic from IP addresses within a particular address block, enter a CIDR or a comma-separated list of CIDRs. The CIDR is the base IP address of the incoming traffic. For example, 192.168.0.0/22. To allow all CIDRs, set to 0.0.0.0/0."
 msgstr ""

 #: ../../managing_networks.rst:1854
 # c1561e01a67747a699e6e8f0b8d265a1
 msgid "**Account, Security Group**. (Add by Account only) To accept only traffic from another security group, enter the CloudStack account and name of a security group that has already been defined in that account. To allow traffic between VMs within the security group you are editing now, enter the same name you used in step 7."
 msgstr ""

 #: ../../managing_networks.rst:1860
 # 04916ecc9b4840d8804edbc1bb1bc4f7
 msgid "The following example allows inbound HTTP access from anywhere:"
 msgstr ""

 #: ../../managing_networks.rst:1862
 # 10d3ac32eaec4653a69e66dd007f355a
 msgid "|httpaccess.png: allows inbound HTTP access from anywhere|"
 msgstr ""

 #: ../../managing_networks.rst:1866
 # f0c00b232e4347b19d537a01dae35eac
 msgid "To add an egress rule, click the Egress Rules tab and fill out the following fields to specify what type of traffic is allowed to be sent out of VM instances in this security group. If no egress rules are specified, then all traffic will be allowed out. Once egress rules are specified, the following types of traffic are allowed out: traffic specified in egress rules; queries to DNS and DHCP servers; and responses to any traffic that has been allowed in through an ingress rule"
 msgstr ""

 #: ../../managing_networks.rst:1877
 # 0e14fad2168c4e78b9fc5a5da9f303f4
 msgid "**Add by CIDR/Account**. Indicate whether the destination of the traffic will be defined by IP address (CIDR) or an existing security group in a CloudStack account (Account). Choose Account if you want to allow outgoing traffic to all VMs in another security group."
 msgstr ""

 #: ../../managing_networks.rst:1885
 # 1a02e526bf804681aaddd5d1f0ed1ce9
 msgid "**Protocol**. The networking protocol that VMs will use to send outgoing traffic. TCP and UDP are typically used for data exchange and end-user communications. ICMP is typically used to send error messages or network monitoring data."
 msgstr ""

 #: ../../managing_networks.rst:1892
 # b0ec41fcd32641b3944750fc36979e9a
 msgid "**Start Port, End Port**. (TCP, UDP only) A range of listening ports that are the destination for the outgoing traffic. If you are opening a single port, use the same number in both fields."
 msgstr ""

 #: ../../managing_networks.rst:1898
 # f1360ae9661b4df29243b766c0bb4aa2
 msgid "**ICMP Type, ICMP Code**. (ICMP only) The type of message and error code that will be sent"
 msgstr ""

 #: ../../managing_networks.rst:1903
 # 350a113cb8dd4f31994777cc4fb0bd62
 msgid "**CIDR**. (Add by CIDR only) To send traffic only to IP addresses within a particular address block, enter a CIDR or a comma-separated list of CIDRs. The CIDR is the base IP address of the destination. For example, 192.168.0.0/22. To allow all CIDRs, set to 0.0.0.0/0."
 msgstr ""

 #: ../../managing_networks.rst:1911
 # 0a29a66f07214b4db9dde4958f6b9ce8
 msgid "**Account, Security Group**. (Add by Account only) To allow traffic to be sent to another security group, enter the CloudStack account and name of a security group that has already been defined in that account. To allow traffic between VMs within the security group you are editing now, enter its name."
 msgstr ""

 #: ../../managing_networks.rst:1922
 # 9703c00d7003480993587ff39b757c8e
 msgid "External Firewalls and Load Balancers"
 msgstr ""

 #: ../../managing_networks.rst:1924
 # f80e67cfaf2b4e8ba6fe5e89961f1604
 msgid "CloudStack is capable of replacing its Virtual Router with an external Juniper SRX device and an optional external NetScaler or F5 load balancer for gateway and load balancing services. In this case, the VMs use the SRX as their gateway."
 msgstr ""

 #: ../../managing_networks.rst:1930
 # ae5fe8317334469fadbdb5e10bfb6484
 msgid "About Using a NetScaler Load Balancer"
 msgstr ""

 #: ../../managing_networks.rst:1932
 # e93ff8055f5c45e397a20a5eec844c9d
 msgid "Citrix NetScaler is supported as an external network element for load balancing in zones that use isolated networking in advanced zones. Set up an external load balancer when you want to provide load balancing through means other than CloudStack’s provided virtual router."
 msgstr ""

 #: ../../managing_networks.rst:1937
 # b35f57f9209f4a39bca7644428cc5471
 msgid "In a Basic zone, load balancing service is supported only if Elastic IP or Elastic LB services are enabled."
 msgstr ""

 #: ../../managing_networks.rst:1939
 # 432354c2478043e585e3be569496f81f
 msgid "When NetScaler load balancer is used to provide EIP or ELB services in a Basic zone, ensure that all guest VM traffic must enter and exit through the NetScaler device. When inbound traffic goes through the NetScaler device, traffic is routed by using the NAT protocol depending on the EIP/ELB configured on the public IP to the private IP. The traffic that is originated from the guest VMs usually goes through the layer 3 router. To ensure that outbound traffic goes through NetScaler device providing EIP/ELB, layer 3 router must have a policy-based routing. A policy-based route must be set up so that all traffic originated from the guest VM's are directed to NetScaler device. This is required to ensure that the outbound traffic from the guest VM's is routed to a public IP by using NAT.For more information on Elastic IP, see `Section 15.11, “About Elastic IP” <#elastic-ip>`__."
 msgstr ""

 #: ../../managing_networks.rst:1953
 # c55b5331d1654661ba6a8b891a476d7b
 msgid "The NetScaler can be set up in direct (outside the firewall) mode. It must be added before any load balancing rules are deployed on guest VMs in the zone."
 msgstr ""

 #: ../../managing_networks.rst:1957
 # 820e88370085451ab81b601ac5092dac
 msgid "The functional behavior of the NetScaler with CloudStack is the same as described in the CloudStack documentation for using an F5 external load balancer. The only exception is that the F5 supports routing domains, and NetScaler does not. NetScaler can not yet be used as a firewall."
 msgstr ""

 #: ../../managing_networks.rst:1962
 # bd46111da3364f82a10dafe9f0493719
 msgid "To install and enable an external load balancer for CloudStack management, see `Section 13.5.4, “External Guest Load Balancer Integration (Optional)” <#external-guest-lb-integration>`__."
 msgstr ""

 #: ../../managing_networks.rst:1966
 # 3d1489d6890045afa4bf8363cde00c85
 msgid "The Citrix NetScaler comes in three varieties. The following table summarizes how these variants are treated in CloudStack."
 msgstr ""

 #: ../../managing_networks.rst:1970
 # 2927f19bf6bb4d3bb378a8577b25625a
 msgid "NetScaler ADC Type"
 msgstr ""

 #: ../../managing_networks.rst:1970
 # 2b1a2bad59464e32bb278dabdccd5e47
 msgid "Description of Capabilities                    CloudStack Supported Features"
 msgstr ""

 #: ../../managing_networks.rst:1972
 # 39c4c063dc7a4318a25731f69953f77f
 msgid "MPX"
 msgstr ""

 #: ../../managing_networks.rst:1972
 # ea198bf147554fa7a44f413842a7cf5b
 msgid "Physical appliance. Capable of deep packet inspection. Can act as application firewall and load balancer."
 msgstr ""

 #: ../../managing_networks.rst:1972
 # a333a75371ca4e3bbcf547d8ad6f5c02
 msgid "In advanced zones, load balancer functionality fully supported without limitation. In basic zones, static NAT, elastic IP (EIP), and elastic load balancing (ELB) are also provided."
 msgstr ""

 #: ../../managing_networks.rst:1973
 # 3ed6562f8db44f62838fe4626dfc5b42
 msgid "VPX"
 msgstr ""

 #: ../../managing_networks.rst:1973
 # ddd9e04881a14b22854e0d68d62da1fd
 msgid "Virtual appliance. Can run as VM on XenServer, ESXi, and Hyper-V hypervisors. Same functionality as MPX."
 msgstr ""

 #: ../../managing_networks.rst:1973
 # 6d6c6be8254042c58f42881bf458f16a
 msgid "Supported on ESXi and XenServer. Same functional support as for MPX. CloudStack will treat VPX and MPX as the same device type."
 msgstr ""

 #: ../../managing_networks.rst:1974
 # 5c01f29af8d747a8bd66543d6871ebff
 msgid "SDX"
 msgstr ""

 #: ../../managing_networks.rst:1974
 # 242fb2a841c945aa93d42db46483f206
 msgid "Physical appliance. Can create multiple fully isolated VPX instances on a single appliance to support multi-tenant usage"
 msgstr ""

 #: ../../managing_networks.rst:1974
 # 18dac2747b4240b4a97a950679f07e9b
 msgid "CloudStack will dynamically provision, configure, and manage the life cycle of VPX instances on the SDX. Provisioned instances are added into CloudStack automatically – no manual configuration by the administrator is required. Once a VPX instance is added into CloudStack, it is treated the same as a VPX on an ESXi host."
 msgstr ""

 #: ../../managing_networks.rst:1978
 # ac9fa52a18d4459aa785bbf9fa582470
 msgid "Configuring SNMP Community String on a RHEL Server"
 msgstr ""

 #: ../../managing_networks.rst:1980
 # 3f04d5be0b624710a9353ea54e5f6cd4
 msgid "The SNMP Community string is similar to a user id or password that provides access to a network device, such as router. This string is sent along with all SNMP requests. If the community string is correct, the device responds with the requested information. If the community string is incorrect, the device discards the request and does not respond."
 msgstr ""

 #: ../../managing_networks.rst:1986
 # ae292ca0b1c54168812d01ef32f1ab3f
 msgid "The NetScaler device uses SNMP to communicate with the VMs. You must install SNMP and configure SNMP Community string for a secure communication between the NetScaler device and the RHEL machine."
 msgstr ""

 #: ../../managing_networks.rst:1992
 # 6a8596f21b7440bfb1f7c8eb2bfc8628
 msgid "Ensure that you installed SNMP on RedHat. If not, run the following command:"
 msgstr ""

 #: ../../managing_networks.rst:2001
 # e86f60a54a14414296b44f545df45ecb
 msgid "Edit the /etc/snmp/snmpd.conf file to allow the SNMP polling from the NetScaler device."
 msgstr ""

 #: ../../managing_networks.rst:2006
 # c7ae2f4b80e448589a7324e9160cc098
 msgid "Map the community name into a security name (local and mynetwork, depending on where the request is coming from):"
 msgstr ""

 #: ../../managing_networks.rst:2009
 # 82d2e1366fcb407292043214ee132fd0
 msgid "Use a strong password instead of public when you edit the following table."
 msgstr ""

 #: ../../managing_networks.rst:2017
 # a60077478293466090acdec3a98361b3
 msgid "Setting to 0.0.0.0 allows all IPs to poll the NetScaler server."
 msgstr ""

 #: ../../managing_networks.rst:2021
 # dde16e249ba84f859fe076f1169b118b
 msgid "Map the security names into group names:"
 msgstr ""

 #: ../../managing_networks.rst:2033
 # 74b3e712da4d47a3b29ca52d3fe14e7d
 msgid "Create a view to allow the groups to have the permission to:"
 msgstr ""

 #: ../../managing_networks.rst:2041
 # d114649652ac478097b5ba7219ecd9b1
 msgid "Grant access with different write permissions to the two groups to the view you created."
 msgstr ""

 #: ../../managing_networks.rst:2052
 # 35e6d3349499465981e06188c2545f91
 msgid "Unblock SNMP in iptables."
 msgstr ""

 #: ../../managing_networks.rst:2060
 # 06ec2d8329bb44eca854ac9124a54ac2
 msgid "Start the SNMP service:"
 msgstr ""

 #: ../../managing_networks.rst:2068
 # 620bd58e847546af8ec5eee6f1df392f
 msgid "Ensure that the SNMP service is started automatically during the system startup:"
 msgstr ""

 #: ../../managing_networks.rst:2076
 # 459a59b07c9a487bb876fb3570027f56
 msgid "Initial Setup of External Firewalls and Load Balancers"
 msgstr ""

 #: ../../managing_networks.rst:2078
 # bcccbb4ccd2742e988440761c1c97c3d
 msgid "When the first VM is created for a new account, CloudStack programs the external firewall and load balancer to work with the VM. The following objects are created on the firewall:"
 msgstr ""

 #: ../../managing_networks.rst:2084
 # b2a4387bb61a40b2a674374748325e75
 msgid "A new logical interface to connect to the account's private VLAN. The interface IP is always the first IP of the account's private subnet (e.g. 10.1.1.1)."
 msgstr ""

 #: ../../managing_networks.rst:2090
 # 73a0ab4e7e52401893fb6876bddfa3c1
 msgid "A source NAT rule that forwards all outgoing traffic from the account's private VLAN to the public Internet, using the account's public IP address as the source address"
 msgstr ""

 #: ../../managing_networks.rst:2096
 # a91c17a9a27744d590cca5c8ae83e4f3
 msgid "A firewall filter counter that measures the number of bytes of outgoing traffic for the account"
 msgstr ""

 #: ../../managing_networks.rst:2099
 # a969e661812f4c76a64517563139bc46
 msgid "The following objects are created on the load balancer:"
 msgstr ""

 #: ../../managing_networks.rst:2103
 # 70a41496c1d8446eb94f4846d5f48807
 msgid "A new VLAN that matches the account's provisioned Zone VLAN"
 msgstr ""

 #: ../../managing_networks.rst:2107
 # 2c7b27d0b7ba4358879882aecb0f85b2
 msgid "A self IP for the VLAN. This is always the second IP of the account's private subnet (e.g. 10.1.1.2)."
 msgstr ""

 #: ../../managing_networks.rst:2111
 # f331ea1b60734e7e9cf00688be8a014a
 msgid "Ongoing Configuration of External Firewalls and Load Balancers"
 msgstr ""

 #: ../../managing_networks.rst:2113
 # 283a3ee82af240268e7f73eee64568cc
 msgid "Additional user actions (e.g. setting a port forward) will cause further programming of the firewall and load balancer. A user may request additional public IP addresses and forward traffic received at these IPs to specific VMs. This is accomplished by enabling static NAT for a public IP address, assigning the IP to a VM, and specifying a set of protocols and port ranges to open. When a static NAT rule is created, CloudStack programs the zone's external firewall with the following objects:"
 msgstr ""

 #: ../../managing_networks.rst:2124
 # 7f37822b183846029b22d982605df64a
 msgid "A static NAT rule that maps the public IP address to the private IP address of a VM."
 msgstr ""

 #: ../../managing_networks.rst:2129
 # 04d5cfd64b5a49ca87e10c965ebcbbe8
 msgid "A security policy that allows traffic within the set of protocols and port ranges that are specified."
 msgstr ""

 #: ../../managing_networks.rst:2134
 # b32ae655c9424e7aa37228b3b21d1b57
 msgid "A firewall filter counter that measures the number of bytes of incoming traffic to the public IP."
 msgstr ""

 #: ../../managing_networks.rst:2137
 # cd8452f768c14fdd8fbd4e7432ae4f05
 msgid "The number of incoming and outgoing bytes through source NAT, static NAT, and load balancing rules is measured and saved on each external element. This data is collected on a regular basis and stored in the CloudStack database."
 msgstr ""

 #: ../../managing_networks.rst:2143
 # ad1eac1dba114d83a1aef1f71f058a04
 msgid "Load Balancer Rules"
 msgstr ""

 #: ../../managing_networks.rst:2145
 # 7705d32d38f54ae985f6e0d7cdbe4094
 msgid "A CloudStack user or administrator may create load balancing rules that balance traffic received at a public IP to one or more VMs. A user creates a rule, specifies an algorithm, and assigns the rule to a set of VMs."
 msgstr ""

 #: ../../managing_networks.rst:2150
 # 711015b6ce824631aa25054b86e45fd5
 msgid "If you create load balancing rules while using a network service offering that includes an external load balancer device such as NetScaler, and later change the network service offering to one that uses the CloudStack virtual router, you must create a firewall rule on the virtual router for each of your existing load balancing rules so that they continue to function."
 msgstr ""

 #: ../../managing_networks.rst:2153
 # b1392c053235469d9db00ff277fe4081
 msgid "Adding a Load Balancer Rule"
 msgstr ""

 #: ../../managing_networks.rst:2165
 # a9769f3aee3741018069f035a314faec
 msgid "Click the name of the network where you want to load balance the traffic."
 msgstr ""

 #: ../../managing_networks.rst:2174
 #: ../../managing_networks.rst:6224
 #: ../../managing_networks.rst:6616
 # e7820b855f9a4bdc825b874af1ee74ac
 # 57f9df7d52c143248cee80215df6b361
 # f15c85d6dc1d4b1da943709cbeb66d6e
 msgid "Click the IP address for which you want to create the rule, then click the Configuration tab."
 msgstr ""

 #: ../../managing_networks.rst:2179
 #: ../../managing_networks.rst:6229
 # 7882de69bd334597b436f05ffb59daa7
 # 8271af5525f04c1399625a2ae00356f3
 msgid "In the Load Balancing node of the diagram, click View All."
 msgstr ""

 #: ../../managing_networks.rst:2181
 # 4361d1b583104cc89c442cd88c0522c4
 msgid "In a Basic zone, you can also create a load balancing rule without acquiring or selecting an IP address. CloudStack internally assign an IP when you create the load balancing rule, which is listed in the IP Addresses page when the rule is created."
 msgstr ""

 #: ../../managing_networks.rst:2186
 # 4a94254b17ed4ec39f2315e6a888fb5a
 msgid "To do that, select the name of the network, then click Add Load Balancer tab. Continue with `7 <#config-lb>`__."
 msgstr ""

 #: ../../managing_networks.rst:2191
 #: ../../managing_networks.rst:3648
 # 9ee5e7cec16645afac9aaaaff13a496c
 # 657c6d30f6814207ba6bd9d39da07f82
 msgid "Fill in the following:"
 msgstr ""

 #: ../../managing_networks.rst:2195
 #: ../../managing_networks.rst:6241
 #: ../../managing_networks.rst:6497
 # c407a31e5baa4fad9d35127bff1b7daa
 # d76bf4093eba4a98af63df8739a8e847
 # e45e3c4b92ee4267b003f94314d91095
 msgid "**Name**: A name for the load balancer rule."
 msgstr ""

 #: ../../managing_networks.rst:2199
 # 86b0b5a5cb264775a51f8c349e910dbe
 msgid "**Public Port**: The port receiving incoming traffic to be balanced."
 msgstr ""

 #: ../../managing_networks.rst:2204
 #: ../../managing_networks.rst:6250
 # 009ab0a02f2749b3875ebca762117055
 # aab69f01a8cb47409f9590eb9521467f
 msgid "**Private Port**: The port that the VMs will use to receive the traffic."
 msgstr ""

 #: ../../managing_networks.rst:2209
 # a01e2f1dc4fd49108b0d7ba3e2ae529e
 msgid "**Algorithm**: Choose the load balancing algorithm you want CloudStack to use. CloudStack supports a variety of well-known algorithms. If you are not familiar with these choices, you will find plenty of information about them on the Internet."
 msgstr ""

 #: ../../managing_networks.rst:2216
 # 997d16371c9e465699db38061283e6b4
 msgid "**Stickiness**: (Optional) Click Configure and choose the algorithm for the stickiness policy. See Sticky Session Policies for Load Balancer Rules."
 msgstr ""

 #: ../../managing_networks.rst:2222
 # 18519de60f3f473c83ac612b5fad495c
 msgid "**AutoScale**: Click Configure and complete the AutoScale configuration as explained in `Section 15.16.6, “Configuring AutoScale” <#autoscale>`__."
 msgstr ""

 #: ../../managing_networks.rst:2228
 # 3908f0ca791a42debbb0585189fb7c1e
 msgid "**Health Check**: (Optional; NetScaler load balancers only) Click Configure and fill in the characteristics of the health check policy. See `Section 15.16.5.3, “Health Checks for Load Balancer Rules” <#health-checks-for-lb-rules>`__."
 msgstr ""

 #: ../../managing_networks.rst:2235
 # 2879252f32f34f539751be82bf984014
 msgid "**Ping path (Optional)**: Sequence of destinations to which to send health check queries. Default: / (all)."
 msgstr ""

 #: ../../managing_networks.rst:2240
 # a8debc6dcd7145d7afebfc88d610080e
 msgid "**Response time (Optional)**: How long to wait for a response from the health check (2 - 60 seconds). Default: 5 seconds."
 msgstr ""

 #: ../../managing_networks.rst:2245
 # 8fc593a6bc1348d28c5ad36ef1ee55b2
 msgid "**Interval time (Optional)**: Amount of time between health checks (1 second - 5 minutes). Default value is set in the global configuration parameter lbrule\\_health check\\_time\\_interval."
 msgstr ""

 #: ../../managing_networks.rst:2252
 # 6d4cfb962ee94044af1572953fdaad0f
 msgid "**Healthy threshold (Optional)**: Number of consecutive health check successes that are required before declaring an instance healthy. Default: 2."
 msgstr ""

 #: ../../managing_networks.rst:2258
 # be452bfbd60c44ee89f3cacb209f6879
 msgid "**Unhealthy threshold (Optional)**: Number of consecutive health check failures that are required before declaring an instance unhealthy. Default: 10."
 msgstr ""

 #: ../../managing_networks.rst:2264
 # 457c998fe4d6462bab0cb048fd076832
 msgid "Click Add VMs, then select two or more VMs that will divide the load of incoming traffic, and click Apply."
 msgstr ""

 #: ../../managing_networks.rst:2267
 # 820fdad3c2f04d08aab271b8010f13fb
 msgid "The new load balancer rule appears in the list. You can repeat these steps to add more load balancer rules for this IP address."
 msgstr ""

 #: ../../managing_networks.rst:2271
 # 76399c00e68f42168b802e6ddff1fb49
 msgid "Sticky Session Policies for Load Balancer Rules"
 msgstr ""

 #: ../../managing_networks.rst:2273
 # 1b0830c090eb4231b808b590bc10dd15
 msgid "Sticky sessions are used in Web-based applications to ensure continued availability of information across the multiple requests in a user's session. For example, if a shopper is filling a cart, you need to remember what has been purchased so far. The concept of \"stickiness\" is also referred to as persistence or maintaining state."
 msgstr ""

 #: ../../managing_networks.rst:2279
 # 89d324559b614ee8916fe9d09229e529
 msgid "Any load balancer rule defined in CloudStack can have a stickiness policy. The policy consists of a name, stickiness method, and parameters. The parameters are name-value pairs or flags, which are defined by the load balancer vendor. The stickiness method could be load balancer-generated cookie, application-generated cookie, or source-based. In the source-based method, the source IP address is used to identify the user and locate the user’s stored data. In the other methods, cookies are used. The cookie generated by the load balancer or application is included in request and response URLs to create persistence. The cookie name can be specified by the administrator or automatically generated. A variety of options are provided to control the exact behavior of cookies, such as how they are generated and whether they are cached."
 msgstr ""

 #: ../../managing_networks.rst:2293
 # 8ac187f8411440ac922c801d4fd2171e
 msgid "For the most up to date list of available stickiness methods, see the CloudStack UI or call listNetworks and check the SupportedStickinessMethods capability."
 msgstr ""

 #: ../../managing_networks.rst:2298
 # d4666e89faf1441f96dac55fcaa4010f
 msgid "Health Checks for Load Balancer Rules"
 msgstr ""

 #: ../../managing_networks.rst:2300
 # ed1c6c49e9804202a2791f6dbf88fead
 msgid "(NetScaler load balancer only; requires NetScaler version 10.0)"
 msgstr ""

 #: ../../managing_networks.rst:2302
 # 4e756b5788bb4edbb5189cd1de10fe72
 msgid "Health checks are used in load-balanced applications to ensure that requests are forwarded only to running, available services. When creating a load balancer rule, you can specify a health check policy. This is in addition to specifying the stickiness policy, algorithm, and other load balancer rule options. You can configure one health check policy per load balancer rule."
 msgstr ""

 #: ../../managing_networks.rst:2309
 # d4587d4fb2ec4c1782622d46fca4b609
 msgid "Any load balancer rule defined on a NetScaler load balancer in CloudStack can have a health check policy. The policy consists of a ping path, thresholds to define \"healthy\" and \"unhealthy\" states, health check frequency, and timeout wait interval."
 msgstr ""

 #: ../../managing_networks.rst:2314
 # fada8ec075ce48a3915f6a674da4ecce
 msgid "When a health check policy is in effect, the load balancer will stop forwarding requests to any resources that are found to be unhealthy. If the resource later becomes available again, the periodic health check will discover it, and the resource will once again be added to the pool of resources that can receive requests from the load balancer. At any given time, the most recent result of the health check is displayed in the UI. For any VM that is attached to a load balancer rule with a health check configured, the state will be shown as UP or DOWN in the UI depending on the result of the most recent health check."
 msgstr ""

 #: ../../managing_networks.rst:2324
 # 7a1f1e9599b14a929b0eb739ba5b1ed6
 msgid "You can delete or modify existing health check policies."
 msgstr ""

 #: ../../managing_networks.rst:2326
 # 242bd90478da46a3874cacc3c3fe8e44
 msgid "To configure how often the health check is performed by default, use the global configuration setting healthcheck.update.interval (default value is 600 seconds). You can override this value for an individual health check policy."
 msgstr ""

 #: ../../managing_networks.rst:2331
 # 50015277b8b2447f9cc7b404b78076ad
 msgid "For details on how to set a health check policy using the UI, see `Section 15.16.5.1, “Adding a Load Balancer Rule” <#add-load-balancer-rule>`__."
 msgstr ""

 #: ../../managing_networks.rst:2336
 # 495d9aad900b49139757decdcd3e1fd0
 msgid "Configuring AutoScale"
 msgstr ""

 #: ../../managing_networks.rst:2338
 # b63acaedf38e4084922d0ed1738a096c
 msgid "AutoScaling allows you to scale your back-end services or application VMs up or down seamlessly and automatically according to the conditions you define. With AutoScaling enabled, you can ensure that the number of VMs you are using seamlessly scale up when demand increases, and automatically decreases when demand subsides. Thus it helps you save compute costs by terminating underused VMs automatically and launching new VMs when you need them, without the need for manual intervention."
 msgstr ""

 #: ../../managing_networks.rst:2346
 # 7c16ef30187f4e528f9e696fdb6a13a2
 msgid "NetScaler AutoScaling is designed to seamlessly launch or terminate VMs based on user-defined conditions. Conditions for triggering a scaleup or scaledown action can vary from a simple use case like monitoring the CPU usage of a server to a complex use case of monitoring a combination of server's responsiveness and its CPU usage. For example, you can configure AutoScaling to launch an additional VM whenever CPU usage exceeds 80 percent for 15 minutes, or to remove a VM whenever CPU usage is less than 20 percent for 30 minutes."
 msgstr ""

 #: ../../managing_networks.rst:2355
 # 80978f0a46614c2388d8939eed46efe8
 msgid "CloudStack uses the NetScaler load balancer to monitor all aspects of a system's health and work in unison with CloudStack to initiate scale-up or scale-down actions."
 msgstr ""

 #: ../../managing_networks.rst:2359
 # 7afb1d7436404cfd95447514fc260dc2
 msgid "AutoScale is supported on NetScaler Release 10 Build 74.4006.e and beyond."
 msgstr ""

 #: ../../managing_networks.rst:2361
 # 51240e4bba6843c59ae0708261e1f840
 msgid "**Prerequisites**: Before you configure an AutoScale rule, consider the following:"
 msgstr ""

 #: ../../managing_networks.rst:2365
 # 277e8d5e18a44c6a8294bd45157ea092
 msgid "Ensure that the necessary template is prepared before configuring AutoScale. When a VM is deployed by using a template and when it comes up, the application should be up and running."
 msgstr ""

 #: ../../managing_networks.rst:2369
 # 737813324b7c4d178b04393d1999b2bc
 msgid "If the application is not running, the NetScaler device considers the VM as ineffective and continues provisioning the VMs unconditionally until the resource limit is exhausted."
 msgstr ""

 #: ../../managing_networks.rst:2373
 # 5143a191f2974e27b72c984bf972c957
 msgid "Deploy the templates you prepared. Ensure that the applications come up on the first boot and is ready to take the traffic. Observe the time requires to deploy the template. Consider this time when you specify the quiet time while configuring AutoScale."
 msgstr ""

 #: ../../managing_networks.rst:2380
 # 2fb2c481526e4dacbc3d8658f102c054
 msgid "The AutoScale feature supports the SNMP counters that can be used to define conditions for taking scale up or scale down actions. To monitor the SNMP-based counter, ensure that the SNMP agent is installed in the template used for creating the AutoScale VMs, and the SNMP operations work with the configured SNMP community and port by using standard SNMP managers. For example, see `Section 15.16.2, “Configuring SNMP Community String on a RHEL Server” <#configure-snmp-rhel>`__ to configure SNMP on a RHEL machine."
 msgstr ""

 #: ../../managing_networks.rst:2392
 # 596a2d14b50c4e298970de7db5c4d19b
 msgid "Ensure that the endpointe.url parameter present in the Global Settings is set to the Management Server API URL. For example, http://10.102.102.22:8080/client/api. In a multi-node Management Server deployment, use the virtual IP address configured in the load balancer for the management server’s cluster. Additionally, ensure that the NetScaler device has access to this IP address to provide AutoScale support."
 msgstr ""

 #: ../../managing_networks.rst:2400
 # 59583fe0dfc14e2db8bcc23629da18e3
 msgid "If you update the endpointe.url, disable the AutoScale functionality of the load balancer rules in the system, then enable them back to reflect the changes. For more information see `Updating an AutoScale Configuration <#update-autoscale>`__"
 msgstr ""

 #: ../../managing_networks.rst:2407
 # 06073879472f4da9bd08b00591d0cb40
 msgid "If the API Key and Secret Key are regenerated for an AutoScale user, ensure that the AutoScale functionality of the load balancers that the user participates in are disabled and then enabled to reflect the configuration changes in the NetScaler."
 msgstr ""

 #: ../../managing_networks.rst:2414
 # 019b533b8504424fac6d7aca7a0eef69
 msgid "In an advanced Zone, ensure that at least one VM should be present before configuring a load balancer rule with AutoScale. Having one VM in the network ensures that the network is in implemented state for configuring AutoScale."
 msgstr ""

 #: ../../managing_networks.rst:2419
 # 6cf79ca1b7bb4329a6e3794bd3bb6640
 msgid "**Configuration**: Specify the following:"
 msgstr ""

 #: ../../managing_networks.rst:2421
 # 06eb944130db406d86f9d8d4f0f5201f
 msgid "|autoscaleateconfig.png: Configuring AutoScale|"
 msgstr ""

 #: ../../managing_networks.rst:2425
 # b20309b302124634a79102396066cfc9
 msgid "**Template**: A template consists of a base OS image and application. A template is used to provision the new instance of an application on a scaleup action. When a VM is deployed from a template, the VM can start taking the traffic from the load balancer without any admin intervention. For example, if the VM is deployed for a Web service, it should have the Web server running, the database connected, and so on."
 msgstr ""

 #: ../../managing_networks.rst:2435
 # d1dea3f6825c4703a43d71cdc7414e04
 msgid "**Compute offering**: A predefined set of virtual hardware attributes, including CPU speed, number of CPUs, and RAM size, that the user can select when creating a new virtual machine instance. Choose one of the compute offerings to be used while provisioning a VM instance as part of scaleup action."
 msgstr ""

 #: ../../managing_networks.rst:2443
 # 977cac13b43548b893cd8d3b9263a434
 msgid "**Min Instance**: The minimum number of active VM instances that is assigned to a load balancing rule. The active VM instances are the application instances that are up and serving the traffic, and are being load balanced. This parameter ensures that a load balancing rule has at least the configured number of active VM instances are available to serve the traffic."
 msgstr ""

 #: ../../managing_networks.rst:2450
 # 5e6b6bcdd4c24696a9891de65ee28e82
 msgid "If an application, such as SAP, running on a VM instance is down for some reason, the VM is then not counted as part of Min Instance parameter, and the AutoScale feature initiates a scaleup action if the number of active VM instances is below the configured value. Similarly, when an application instance comes up from its earlier down state, this application instance is counted as part of the active instance count and the AutoScale process initiates a scaledown action when the active instance count breaches the Max instance value."
 msgstr ""

 #: ../../managing_networks.rst:2454
 # 274bc08434344f26bf553ccdc8e6bbd2
 msgid "**Max Instance**: Maximum number of active VM instances that **should be assigned to**\\ a load balancing rule. This parameter defines the upper limit of active VM instances that can be assigned to a load balancing rule."
 msgstr ""

 #: ../../managing_networks.rst:2459
 # fa8765ac9c4e4d00b6201068667e656e
 msgid "Specifying a large value for the maximum instance parameter might result in provisioning large number of VM instances, which in turn leads to a single load balancing rule exhausting the VM instances limit specified at the account or domain level."
 msgstr ""

 #: ../../managing_networks.rst:2464
 # c9355e7ca89d4ccc9d33697630f9c9ce
 msgid "If an application, such as SAP, running on a VM instance is down for some reason, the VM is not counted as part of Max Instance parameter. So there may be scenarios where the number of VMs provisioned for a scaleup action might be more than the configured Max Instance value. Once the application instances in the VMs are up from an earlier down state, the AutoScale feature starts aligning to the configured Max Instance value."
 msgstr ""

 #: ../../managing_networks.rst:2466
 # 862fa403b3ae4078b2c5fad84f20c904
 msgid "Specify the following scale-up and scale-down policies:"
 msgstr ""

 #: ../../managing_networks.rst:2470
 # e1f66b823478416ab7c99e5e853481e1
 msgid "**Duration**: The duration, in seconds, for which the conditions you specify must be true to trigger a scaleup action. The conditions defined should hold true for the entire duration you specify for an AutoScale action to be invoked."
 msgstr ""

 #: ../../managing_networks.rst:2477
 # de56c7c414204d218c9bea6a7fcf7344
 msgid "**Counter**: The performance counters expose the state of the monitored instances. By default, CloudStack offers four performance counters: Three SNMP counters and one NetScaler counter. The SNMP counters are Linux User CPU, Linux System CPU, and Linux CPU Idle. The NetScaler counter is ResponseTime. The root administrator can add additional counters into CloudStack by using the CloudStack API."
 msgstr ""

 #: ../../managing_networks.rst:2486
 # f5b266cdeebc49f99553c773fbb856ec
 msgid "**Operator**: The following five relational operators are supported in AutoScale feature: Greater than, Less than, Less than or equal to, Greater than or equal to, and Equal to."
 msgstr ""

 #: ../../managing_networks.rst:2492
 # 32828b689ff84e5bb31b059d21354910
 msgid "**Threshold**: Threshold value to be used for the counter. Once the counter defined above breaches the threshold value, the AutoScale feature initiates a scaleup or scaledown action."
 msgstr ""

 #: ../../managing_networks.rst:2498
 # 3cda244cb6b14b7fa2e15a48acb8b16d
 msgid "**Add**: Click Add to add the condition."
 msgstr ""

 #: ../../managing_networks.rst:2500
 # 1e835d8f1a6c4e388d57d52753d3a8b8
 msgid "Additionally, if you want to configure the advanced settings, click Show advanced settings, and specify the following:"
 msgstr ""

 #: ../../managing_networks.rst:2505
 # 5b7ba989669e4a40afb252e27e1fc081
 msgid "**Polling interval**: Frequency in which the conditions, combination of counter, operator and threshold, are to be evaluated before taking a scale up or down action. The default polling interval is 30 seconds."
 msgstr ""

 #: ../../managing_networks.rst:2512
 # 89516f03f6a94946ad2d2947d84e248b
 msgid "**Quiet Time**: This is the cool down period after an AutoScale action is initiated. The time includes the time taken to complete provisioning a VM instance from its template and the time taken by an application to be ready to serve traffic. This quiet time allows the fleet to come up to a stable state before any action can take place. The default is 300 seconds."
 msgstr ""

 #: ../../managing_networks.rst:2521
 # 8d8f688a8c5f4fc8953fc72bbb6fa60e
 msgid "**Destroy VM Grace Period**: The duration in seconds, after a scaledown action is initiated, to wait before the VM is destroyed as part of scaledown action. This is to ensure graceful close of any pending sessions or transactions being served by the VM marked for destroy. The default is 120 seconds."
 msgstr ""

 #: ../../managing_networks.rst:2529
 # 6fd80b96ba7b43e9986930a454605054
 msgid "**Security Groups**: Security groups provide a way to isolate traffic to the VM instances. A security group is a group of VMs that filter their incoming and outgoing traffic according to a set of rules, called ingress and egress rules. These rules filter network traffic according to the IP address that is attempting to communicate with the VM."
 msgstr ""

 #: ../../managing_networks.rst:2538
 # 29394085111d4034a57c010959b35f52
 msgid "**Disk Offerings**: A predefined set of disk size for primary data storage."
 msgstr ""

 #: ../../managing_networks.rst:2543
 # 1f96f023591543e8bd947f88ef3b1050
 msgid "**SNMP Community**: The SNMP community string to be used by the NetScaler device to query the configured counter value from the provisioned VM instances. Default is public."
 msgstr ""

 #: ../../managing_networks.rst:2549
 # 821ca4f7b9eb46fdb6f1e55753fbae4f
 msgid "**SNMP Port**: The port number on which the SNMP agent that run on the provisioned VMs is listening. Default port is 161."
 msgstr ""

 #: ../../managing_networks.rst:2554
 # 6383878e27b5486196bb94eda0e78311
 msgid "**User**: This is the user that the NetScaler device use to invoke scaleup and scaledown API calls to the cloud. If no option is specified, the user who configures AutoScaling is applied. Specify another user name to override."
 msgstr ""

 #: ../../managing_networks.rst:2561
 # 2d0400bf625c40e5b507fe7a2a386fe3
 msgid "**Apply**: Click Apply to create the AutoScale configuration."
 msgstr ""

 #: ../../managing_networks.rst:2563
 # 5571267d05444e769accce5b8bdb476a
 msgid "**Disabling and Enabling an AutoScale Configuration**"
 msgstr ""

 #: ../../managing_networks.rst:2565
 # a73ffd802f50465da3992613e2fd33ce
 msgid "If you want to perform any maintenance operation on the AutoScale VM instances, disable the AutoScale configuration. When the AutoScale configuration is disabled, no scaleup or scaledown action is performed. You can use this downtime for the maintenance activities. To disable the AutoScale configuration, click the Disable AutoScale |EnableDisable.png: button to enable or disable AutoScale.| button."
 msgstr ""

 #: ../../managing_networks.rst:2572
 # 93c6d4e3c8c549b6846a3295c5edd0d9
 msgid "The button toggles between enable and disable, depending on whether AutoScale is currently enabled or not. After the maintenance operations are done, you can enable the AutoScale configuration back. To enable, open the AutoScale configuration page again, then click the Enable AutoScale |EnableDisable.png: button to enable or disable AutoScale.| button."
 msgstr ""

 #: ../../managing_networks.rst:2579
 # be28357183b6411393f82cd2c72b5010
 msgid "**Updating an AutoScale Configuration**"
 msgstr ""

 #: ../../managing_networks.rst:2581
 # 9773eec58a9e4bb1b7870b150f73375a
 msgid "You can update the various parameters and add or delete the conditions in a scaleup or scaledown rule. Before you update an AutoScale configuration, ensure that you disable the AutoScale load balancer rule by clicking the Disable AutoScale button."
 msgstr ""

 #: ../../managing_networks.rst:2586
 # 08d983f7467a4f88b2f0327cb7e70ae6
 msgid "After you modify the required AutoScale parameters, click Apply. To apply the new AutoScale policies, open the AutoScale configuration page again, then click the Enable AutoScale button."
 msgstr ""

 #: ../../managing_networks.rst:2590
 # 7cbd0d57e0eb44bfa39e96ceb5882808
 msgid "**Runtime Considerations**"
 msgstr ""

 #: ../../managing_networks.rst:2594
 # 441f7052cbd94e9da209c4ae56f9188e
 msgid "An administrator should not assign a VM to a load balancing rule which is configured for AutoScale."
 msgstr ""

 #: ../../managing_networks.rst:2599
 # f50e274f34b349e4b1a475e82d6b27a0
 msgid "Before a VM provisioning is completed if NetScaler is shutdown or restarted, the provisioned VM cannot be a part of the load balancing rule though the intent was to assign it to a load balancing rule. To workaround, rename the AutoScale provisioned VMs based on the rule name or ID so at any point of time the VMs can be reconciled to its load balancing rule."
 msgstr ""

 #: ../../managing_networks.rst:2608
 # 5863fd77df844d8abfc0eb5b54113a9b
 msgid "Making API calls outside the context of AutoScale, such as destroyVM, on an autoscaled VM leaves the load balancing configuration in an inconsistent state. Though VM is destroyed from the load balancer rule, NetScaler continues to show the VM as a service assigned to a rule."
 msgstr ""

 #: ../../managing_networks.rst:2615
 # 05ac2f1b191343dfbe9766bc0a12a5eb
 msgid "Global Server Load Balancing Support"
 msgstr ""

 #: ../../managing_networks.rst:2617
 # dc875268ac1f420f95d0b8a997b1edac
 msgid "CloudStack supports Global Server Load Balancing (GSLB) functionalities to provide business continuity, and enable seamless resource movement within a CloudStack environment. CloudStack achieve this by extending its functionality of integrating with NetScaler Application Delivery Controller (ADC), which also provides various GSLB capabilities, such as disaster recovery and load balancing. The DNS redirection technique is used to achieve GSLB in CloudStack."
 msgstr ""

 #: ../../managing_networks.rst:2625
 # df9e3461363043e6aa13a4bf8dc2cf8e
 msgid "In order to support this functionality, region level services and service provider are introduced. A new service 'GSLB' is introduced as a region level service. The GSLB service provider is introduced that will provider the GSLB service. Currently, NetScaler is the supported GSLB provider in CloudStack. GSLB functionality works in an Active-Active data center environment."
 msgstr ""

 #: ../../managing_networks.rst:2633
 # 66668f01260b42868bfd989b8ec41aec
 msgid "About Global Server Load Balancing"
 msgstr ""

 #: ../../managing_networks.rst:2635
 # beef05e70dc142608a052c66fe71bde8
 msgid "Global Server Load Balancing (GSLB) is an extension of load balancing functionality, which is highly efficient in avoiding downtime. Based on the nature of deployment, GSLB represents a set of technologies that is used for various purposes, such as load sharing, disaster recovery, performance, and legal obligations. With GSLB, workloads can be distributed across multiple data centers situated at geographically separated locations. GSLB can also provide an alternate location for accessing a resource in the event of a failure, or to provide a means of shifting traffic easily to simplify maintenance, or both."
 msgstr ""

 #: ../../managing_networks.rst:2646
 # 6f6103c3a53e4f1cb222b9afd2dcb902
 msgid "Components of GSLB"
 msgstr ""

 #: ../../managing_networks.rst:2648
 # 8b8a51e12bdd4107865ac3a367c5d94c
 msgid "A typical GSLB environment is comprised of the following components:"
 msgstr ""

 #: ../../managing_networks.rst:2652
 # 24d395f518ba4bc6acbde4a7f3524765
 msgid "**GSLB Site**: In CloudStack terminology, GSLB sites are represented by zones that are mapped to data centers, each of which has various network appliances. Each GSLB site is managed by a NetScaler appliance that is local to that site. Each of these appliances treats its own site as the local site and all other sites, managed by other appliances, as remote sites. It is the central entity in a GSLB deployment, and is represented by a name and an IP address."
 msgstr ""

 #: ../../managing_networks.rst:2662
 # 3adc636819414d66a23bac457844c029
 msgid "**GSLB Services**: A GSLB service is typically represented by a load balancing or content switching virtual server. In a GSLB environment, you can have a local as well as remote GSLB services. A local GSLB service represents a local load balancing or content switching virtual server. A remote GSLB service is the one configured at one of the other sites in the GSLB setup. At each site in the GSLB setup, you can create one local GSLB service and any number of remote GSLB services."
 msgstr ""

 #: ../../managing_networks.rst:2673
 # 7b6395ad205c425b996b1e5add0ff8d5
 msgid "**GSLB Virtual Servers**: A GSLB virtual server refers to one or more GSLB services and balances traffic between traffic across the VMs in multiple zones by using the CloudStack functionality. It evaluates the configured GSLB methods or algorithms to select a GSLB service to which to send the client requests. One or more virtual servers from different zones are bound to the GSLB virtual server. GSLB virtual server does not have a public IP associated with it, instead it will have a FQDN DNS name."
 msgstr ""

 #: ../../managing_networks.rst:2684
 # e3e856d634e6456c93aff9131bbe3741
 msgid "**Load Balancing or Content Switching Virtual Servers**: According to Citrix NetScaler terminology, a load balancing or content switching virtual server represents one or many servers on the local network. Clients send their requests to the load balancing or content switching virtual server’s virtual IP (VIP) address, and the virtual server balances the load across the local servers. After a GSLB virtual server selects a GSLB service representing either a local or a remote load balancing or content switching virtual server, the client sends the request to that virtual server’s VIP address."
 msgstr ""

 #: ../../managing_networks.rst:2696
 # c5a7dc8ecc384cbc9122a87ac691fb60
 msgid "**DNS VIPs**: DNS virtual IP represents a load balancing DNS virtual server on the GSLB service provider. The DNS requests for domains for which the GSLB service provider is authoritative can be sent to a DNS VIP."
 msgstr ""

 #: ../../managing_networks.rst:2703
 # f5267941251d49dab69cee3c751f2a73
 msgid "**Authoritative DNS**: ADNS (Authoritative Domain Name Server) is a service that provides actual answer to DNS queries, such as web site IP address. In a GSLB environment, an ADNS service responds only to DNS requests for domains for which the GSLB service provider is authoritative. When an ADNS service is configured, the service provider owns that IP address and advertises it. When you create an ADNS service, the NetScaler responds to DNS queries on the configured ADNS service IP and port."
 msgstr ""

 #: ../../managing_networks.rst:2713
 # cc2d753e713a478a81de5da6e6c98ed0
 msgid "How Does GSLB Works in CloudStack?"
 msgstr ""

 #: ../../managing_networks.rst:2715
 # c98da292c6334f3ca648a149ebdc8824
 msgid "Global server load balancing is used to manage the traffic flow to a web site hosted on two separate zones that ideally are in different geographic locations. The following is an illustration of how GLSB functionality is provided in CloudStack: An organization, xyztelco, has set up a public cloud that spans two zones, Zone-1 and Zone-2, across geographically separated data centers that are managed by CloudStack. Tenant-A of the cloud launches a highly available solution by using xyztelco cloud. For that purpose, they launch two instances each in both the zones: VM1 and VM2 in Zone-1 and VM5 and VM6 in Zone-2. Tenant-A acquires a public IP, IP-1 in Zone-1, and configures a load balancer rule to load balance the traffic between VM1 and VM2 instances. CloudStack orchestrates setting up a virtual server on the LB service provider in Zone-1. Virtual server 1 that is set up on the LB service provider in Zone-1 represents a publicly accessible virtual server that client reaches at IP-1. The client traffic to virtual server 1 at IP-1 will be load balanced across VM1 and VM2 instances."
 msgstr ""

 #: ../../managing_networks.rst:2732
 # ffa6856e30584d38a6f24079acff4661
 msgid "Tenant-A acquires another public IP, IP-2 in Zone-2 and sets up a load balancer rule to load balance the traffic between VM5 and VM6 instances. Similarly in Zone-2, CloudStack orchestrates setting up a virtual server on the LB service provider. Virtual server 2 that is setup on the LB service provider in Zone-2 represents a publicly accessible virtual server that client reaches at IP-2. The client traffic that reaches virtual server 2 at IP-2 is load balanced across VM5 and VM6 instances. At this point Tenant-A has the service enabled in both the zones, but has no means to set up a disaster recovery plan if one of the zone fails. Additionally, there is no way for Tenant-A to load balance the traffic intelligently to one of the zones based on load, proximity and so on. The cloud administrator of xyztelco provisions a GSLB service provider to both the zones. A GSLB provider is typically an ADC that has the ability to act as an ADNS (Authoritative Domain Name Server) and has the mechanism to monitor health of virtual servers both at local and remote sites. The cloud admin enables GSLB as a service to the tenants that use zones 1 and 2."
 msgstr ""

 #: ../../managing_networks.rst:2750
 # 3a73c9ef3d7f4ebeb3911bd3563d8387
 msgid "|gslb.png: GSLB architecture|"
 msgstr ""

 #: ../../managing_networks.rst:2752
 # 6e23027e34d34f4a936236b981c7bcf6
 msgid "Tenant-A wishes to leverage the GSLB service provided by the xyztelco cloud. Tenant-A configures a GSLB rule to load balance traffic across virtual server 1 at Zone-1 and virtual server 2 at Zone-2. The domain name is provided as A.xyztelco.com. CloudStack orchestrates setting up GSLB virtual server 1 on the GSLB service provider at Zone-1. CloudStack binds virtual server 1 of Zone-1 and virtual server 2 of Zone-2 to GLSB virtual server 1. GSLB virtual server 1 is configured to start monitoring the health of virtual server 1 and 2 in Zone-1. CloudStack will also orchestrate setting up GSLB virtual server 2 on GSLB service provider at Zone-2. CloudStack will bind virtual server 1 of Zone-1 and virtual server 2 of Zone-2 to GLSB virtual server 2. GSLB virtual server 2 is configured to start monitoring the health of virtual server 1 and 2. CloudStack will bind the domain A.xyztelco.com to both the GSLB virtual server 1 and 2. At this point, Tenant-A service will be globally reachable at A.xyztelco.com. The private DNS server for the domain xyztelcom.com is configured by the admin out-of-band to resolve the domain A.xyztelco.com to the GSLB providers at both the zones, which are configured as ADNS for the domain A.xyztelco.com. A client when sends a DNS request to resolve A.xyztelcom.com, will eventually get DNS delegation to the address of GSLB providers at zone 1 and 2. A client DNS request will be received by the GSLB provider. The GSLB provider, depending on the domain for which it needs to resolve, will pick up the GSLB virtual server associated with the domain. Depending on the health of the virtual servers being load balanced, DNS request for the domain will be resolved to the public IP associated with the selected virtual server."
 msgstr ""

 #: ../../managing_networks.rst:2780
 # 3151e8ac0c36496686ae21c2163aa04b
 msgid "Configuring GSLB"
 msgstr ""

 #: ../../managing_networks.rst:2782
 # f59f84c71a354830be5b56db8ff8dac9
 msgid "To configure a GSLB deployment, you must first configure a standard load balancing setup for each zone. This enables you to balance load across the different servers in each zone in the region. Then on the NetScaler side, configure both NetScaler appliances that you plan to add to each zone as authoritative DNS (ADNS) servers. Next, create a GSLB site for each zone, configure GSLB virtual servers for each site, create GLSB services, and bind the GSLB services to the GSLB virtual servers. Finally, bind the domain to the GSLB virtual servers. The GSLB configurations on the two appliances at the two different zones are identical, although each sites load-balancing configuration is specific to that site."
 msgstr ""

 #: ../../managing_networks.rst:2794
 # 99bb0093d2e94a7a86b614949e37a273
 msgid "Perform the following as a cloud administrator. As per the example given above, the administrator of xyztelco is the one who sets up GSLB:"
 msgstr ""

 #: ../../managing_networks.rst:2799
 # 1885a58567b74c5fb1d24b27d68606d1
 msgid "In the cloud.dns.name global parameter, specify the DNS name of your tenant's cloud that make use of the GSLB service."
 msgstr ""

 #: ../../managing_networks.rst:2804
 # 3a7b005c2a8f4371abec8d107ec7567a
 msgid "On the NetScaler side, configure GSLB as given in `Configuring Global Server Load Balancing (GSLB) <http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-config-con.html>`__:"
 msgstr ""

 #: ../../managing_networks.rst:2810
 # ad1e67d3c4ba4a4dbcc2c9f9f8312a2e
 msgid "Configuring a standard load balancing setup."
 msgstr ""

 #: ../../managing_networks.rst:2814
 # cf2cce5b485d4677862f4dfa37cca3e2
 msgid "Configure Authoritative DNS, as explained in `Configuring an Authoritative DNS Service <http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-config-adns-svc-tsk.html>`__."
 msgstr ""

 #: ../../managing_networks.rst:2820
 # 28a6a8facbb74d048b3446698e7c3a28
 msgid "Configure a GSLB site with site name formed from the domain name details."
 msgstr ""

 #: ../../managing_networks.rst:2823
 # 23d7169514304f03b20f0dcdd7d85560
 msgid "Configure a GSLB site with the site name formed from the domain name."
 msgstr ""

 #: ../../managing_networks.rst:2826
 # abdfa71791a446fa8c4807a164a963ca
 msgid "As per the example given above, the site names are A.xyztelco.com and B.xyztelco.com."
 msgstr ""

 #: ../../managing_networks.rst:2829
 # 0c7009166c264415a54730db14b1aa5d
 msgid "For more information, see `Configuring a Basic GSLB Site <http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-config-basic-site-tsk.html>`__."
 msgstr ""

 #: ../../managing_networks.rst:2834
 # c87d7d53d0a94969ada1b51cdefa6a1d
 msgid "Configure a GSLB virtual server."
 msgstr ""

 #: ../../managing_networks.rst:2836
 # e8a2089685594e79ad6db6881d235b51
 msgid "For more information, see `Configuring a GSLB Virtual Server <http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-config-vsvr-tsk.html>`__."
 msgstr ""

 #: ../../managing_networks.rst:2841
 # 418139183cf14fc4bb75d67dbd5675ca
 msgid "Configure a GSLB service for each virtual server."
 msgstr ""

 #: ../../managing_networks.rst:2843
 # c3924a1ee80541e59d938ffb33b3b2fe
 msgid "For more information, see `Configuring a GSLB Service <http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-config-svc-tsk.html>`__."
 msgstr ""

 #: ../../managing_networks.rst:2848
 # 4d37328cd36748f68e4c010cb5530462
 msgid "Bind the GSLB services to the GSLB virtual server."
 msgstr ""

 #: ../../managing_networks.rst:2850
 # 0f19756a99664403b711b3b295586263
 msgid "For more information, see `Binding GSLB Services to a GSLB Virtual Server <http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-bind-svc-vsvr-tsk.html>`__."
 msgstr ""

 #: ../../managing_networks.rst:2855
 # 4870e604797d45d6954809f1324494d4
 msgid "Bind domain name to GSLB virtual server. Domain name is obtained from the domain details."
 msgstr ""

 #: ../../managing_networks.rst:2858
 # 978097bf4e2743f2a424be8138ae67b8
 msgid "For more information, see `Binding a Domain to a GSLB Virtual Server <http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-bind-dom-vsvr-tsk.html>`__."
 msgstr ""

 #: ../../managing_networks.rst:2863
 # 60ee91d3c6484a30807687dd847bc57b
 msgid "In each zone that are participating in GSLB, add GSLB-enabled NetScaler device."
 msgstr ""

 #: ../../managing_networks.rst:2866
 # 454bfde53cc944eb8ca917bf70b648df
 msgid "For more information, see `Section 15.17.2.2, “Enabling GSLB in NetScaler” <#enable-glsb-ns>`__."
 msgstr ""

 #: ../../managing_networks.rst:2869
 # fd694dfa87e64107ade55d98d13c9dd2
 msgid "As a domain administrator/ user perform the following:"
 msgstr ""

 #: ../../managing_networks.rst:2873
 # b2a0dae4dd9f46918c3e14aa88ac0f76
 msgid "Add a GSLB rule on both the sites."
 msgstr ""

 #: ../../managing_networks.rst:2875
 # 1284b054b7634c8caf28360652e7aadf
 msgid "See `Section 15.17.2.3, “Adding a GSLB Rule” <#gslb-add>`__."
 msgstr ""

 #: ../../managing_networks.rst:2879
 # a4c1035be3ae4ba7ae258d14c19fa1df
 msgid "Assign load balancer rules."
 msgstr ""

 #: ../../managing_networks.rst:2881
 # 63a3c42a03374ba783bdd3d8e4c5028e
 msgid "See `Section 15.17.2.4, “Assigning Load Balancing Rules to GSLB” <#assign-lb-gslb>`__."
 msgstr ""

 #: ../../managing_networks.rst:2889
 # c09c96f49f1a421389db422ce761a1dc
 msgid "The GSLB functionality is supported both Basic and Advanced zones."
 msgstr ""

 #: ../../managing_networks.rst:2893
 # 99047554b3fd432390156996189c06ff
 msgid "GSLB is added as a new network service."
 msgstr ""

 #: ../../managing_networks.rst:2897
 # 349a81ed861746768a4a0691ccaeab8f
 msgid "GSLB service provider can be added to a physical network in a zone."
 msgstr ""

 #: ../../managing_networks.rst:2901
 # 6ab7794f701a4df59fc243ddc58f0b4d
 msgid "The admin is allowed to enable or disable GSLB functionality at region level."
 msgstr ""

 #: ../../managing_networks.rst:2906
 # 3d725c2417e04077a8bd810b305cc12d
 msgid "The admin is allowed to configure a zone as GSLB capable or enabled."
 msgstr ""

 #: ../../managing_networks.rst:2908
 # af63547d61ae47bc8806fe8dec44724a
 msgid "A zone shall be considered as GSLB capable only if a GSLB service provider is provisioned in the zone."
 msgstr ""

 #: ../../managing_networks.rst:2913
 # bd3583e6473d458e8903768b80ac420d
 msgid "When users have VMs deployed in multiple availability zones which are GSLB enabled, they can use the GSLB functionality to load balance traffic across the VMs in multiple zones."
 msgstr ""

 #: ../../managing_networks.rst:2919
 # d3eae7bb192b4cf5999d1cad4530ce6c
 msgid "The users can use GSLB to load balance across the VMs across zones in a region only if the admin has enabled GSLB in that region."
 msgstr ""

 #: ../../managing_networks.rst:2924
 # 722a4c917dfc4316a8a5ee4e1d2473f0
 msgid "The users can load balance traffic across the availability zones in the same region or different regions."
 msgstr ""

 #: ../../managing_networks.rst:2929
 # f3e00c0dbac94afaa7fc338683627630
 msgid "The admin can configure DNS name for the entire cloud."
 msgstr ""

 #: ../../managing_networks.rst:2933
 # 381667b65f5b41c3ba49502ed236dee2
 msgid "The users can specify an unique name across the cloud for a globally load balanced service. The provided name is used as the domain name under the DNS name associated with the cloud."
 msgstr ""

 #: ../../managing_networks.rst:2937
 # c2b3095096774c50860988ec9732c71f
 msgid "The user-provided name along with the admin-provided DNS name is used to produce a globally resolvable FQDN for the globally load balanced service of the user. For example, if the admin has configured xyztelco.com as the DNS name for the cloud, and user specifies 'foo' for the GSLB virtual service, then the FQDN name of the GSLB virtual service is foo.xyztelco.com."
 msgstr ""

 #: ../../managing_networks.rst:2946
 # 9cf64fad7b7949f98496453cb30e3f90
 msgid "While setting up GSLB, users can select a load balancing method, such as round robin, for using across the zones that are part of GSLB."
 msgstr ""

 #: ../../managing_networks.rst:2951
 # 2c50d1ce8e39415d907de0a6d851de14
 msgid "The user shall be able to set weight to zone-level virtual server. Weight shall be considered by the load balancing method for distributing the traffic."
 msgstr ""

 #: ../../managing_networks.rst:2957
 # 29df9cd710bd46a0a9df9f49eb468dd5
 msgid "The GSLB functionality shall support session persistence, where series of client requests for particular domain name is sent to a virtual server on the same zone."
 msgstr ""

 #: ../../managing_networks.rst:2961
 # 10872c3a649d420e9f119e3bbed98213
 msgid "Statistics is collected from each GSLB virtual server."
 msgstr ""

 #: ../../managing_networks.rst:2964
 # dd79dc700b3743df9f52e687a9db8068
 msgid "Enabling GSLB in NetScaler"
 msgstr ""

 #: ../../managing_networks.rst:2966
 # 156a972ed59b40038a4636321d763dae
 msgid "In each zone, add GSLB-enabled NetScaler device for load balancing."
 msgstr ""

 #: ../../managing_networks.rst:2970
 # c7e4943746f845df836880e582050b87
 msgid "Log in as administrator to the CloudStack UI."
 msgstr ""

 #: ../../managing_networks.rst:2978
 # b9463a89aa57467d83d9432154c10a77
 msgid "In Zones, click View More."
 msgstr ""

 #: ../../managing_networks.rst:2986
 # f1595ba6ced742f9bd9ef6be9b4b2e79
 msgid "Click the Physical Network tab, then click the name of the physical network."
 msgstr ""

 #: ../../managing_networks.rst:2991
 # 63b81a3cbb9742a5bbe5dd55ba85ecff
 msgid "In the Network Service Providers node of the diagram, click Configure."
 msgstr ""

 #: ../../managing_networks.rst:2994
 # 508b40545cbc4132b2cf1e4128540e5e
 msgid "You might have to scroll down to see this."
 msgstr ""

 #: ../../managing_networks.rst:2998
 # 53115bf37dda43f8b8f3536dd4dd568b
 msgid "Click NetScaler."
 msgstr ""

 #: ../../managing_networks.rst:3002
 # b5b0d0cc48334232a6a56069d7adaa9f
 msgid "Click Add NetScaler device and provide the following:"
 msgstr ""

 #: ../../managing_networks.rst:3004
 # ed5c0c0442f9456cb72dbedd1a84e668
 msgid "For NetScaler:"
 msgstr ""

 #: ../../managing_networks.rst:3008
 # 538c95af821f4027b75d4dc232db3305
 msgid "**IP Address**: The IP address of the SDX."
 msgstr ""

 #: ../../managing_networks.rst:3012
 # f90935d4f5d4451cbfb5cb650901d339
 msgid "**Username/Password**: The authentication credentials to access the device. CloudStack uses these credentials to access the device."
 msgstr ""

 #: ../../managing_networks.rst:3018
 # d5079aa5e4a549ada0c3aa62c5f2a6b8
 msgid "**Type**: The type of device that is being added. It could be F5 Big Ip Load Balancer, NetScaler VPX, NetScaler MPX, or NetScaler SDX. For a comparison of the NetScaler types, see the CloudStack Administration Guide."
 msgstr ""

 #: ../../managing_networks.rst:3025
 # 927bd20253b24539a81a89816522b622
 msgid "**Public interface**: Interface of device that is configured to be part of the public network."
 msgstr ""

 #: ../../managing_networks.rst:3030
 # a9b26fd6edb640ab96c686fb82e63174
 msgid "**Private interface**: Interface of device that is configured to be part of the private network."
 msgstr ""

 #: ../../managing_networks.rst:3035
 # f59521a2c8eb45b6b90edf7253c53f3f
 msgid "**GSLB service**: Select this option."
 msgstr ""

 #: ../../managing_networks.rst:3039
 # f279e0631abf48efbc96b3cea07c0f7e
 msgid "**GSLB service Public IP**: The public IP address of the NAT translator for a GSLB service that is on a private network."
 msgstr ""

 #: ../../managing_networks.rst:3044
 # 06437d72b1314c92865ada3febe44c64
 msgid "**GSLB service Private IP**: The private IP of the GSLB service."
 msgstr ""

 #: ../../managing_networks.rst:3048
 # c1696819f3884157a9733431fe8f5347
 msgid "**Number of Retries**. Number of times to attempt a command on the device before considering the operation failed. Default is 2."
 msgstr ""

 #: ../../managing_networks.rst:3053
 # 37c94cc408494e18a54ef8e730b7e3d3
 msgid "**Capacity**: The number of networks the device can handle."
 msgstr ""

 #: ../../managing_networks.rst:3057
 # 3cf0408da21d4c4080772f511c283988
 msgid "**Dedicated**: When marked as dedicated, this device will be dedicated to a single account. When Dedicated is checked, the value in the Capacity field has no significance implicitly, its value is 1."
 msgstr ""

 #: ../../managing_networks.rst:3067
 # 2f16286d06b34cfbb0c778f84f978767
 msgid "Adding a GSLB Rule"
 msgstr ""

 #: ../../managing_networks.rst:3071
 #: ../../managing_networks.rst:3140
 # 039473a14f4b4214ba12771983f2fc83
 # f23106a7198949aa85bdb7abe8be1ff4
 msgid "Log in to the CloudStack UI as a domain administrator or user."
 msgstr ""

 #: ../../managing_networks.rst:3075
 #: ../../managing_networks.rst:3144
 # f297c9cec43e40e2ab81e6dcf9c29486
 # 6831e687e51f441493ff214593172f42
 msgid "In the left navigation pane, click Region."
 msgstr ""

 #: ../../managing_networks.rst:3079
 #: ../../managing_networks.rst:3148
 # 1671ccbb5a484e7cb4675d75434115b1
 # 7ee2d894c2e44271b0b7cf58a1398b29
 msgid "Select the region for which you want to create a GSLB rule."
 msgstr ""

 #: ../../managing_networks.rst:3083
 #: ../../managing_networks.rst:3152
 # 6e5c6390b5cb4211962d11c2860e768e
 # 18b5fb7710ae4f039c9f3248fc046b59
 msgid "In the Details tab, click View GSLB."
 msgstr ""

 #: ../../managing_networks.rst:3087
 # 3bd105d046e04354911f2b627f21d5dd
 msgid "Click Add GSLB."
 msgstr ""

 #: ../../managing_networks.rst:3089
 # 77c33d27873f48b8bb209ab50d2a73ac
 msgid "The Add GSLB page is displayed as follows:"
 msgstr ""

 #: ../../managing_networks.rst:3091
 # 11522ea2b2de46708f6b45158dfcf5df
 msgid "|gslb-add.png: adding a gslb rule|"
 msgstr ""

 #: ../../managing_networks.rst:3099
 # df1dc1cd07d8438d9e684fd70afe8e7a
 msgid "**Name**: Name for the GSLB rule."
 msgstr ""

 #: ../../managing_networks.rst:3103
 # 9d0c2f980b4f48f7b7d5153d414e2bc0
 msgid "**Description**: (Optional) A short description of the GSLB rule that can be displayed to users."
 msgstr ""

 #: ../../managing_networks.rst:3108
 # bd6458bb4ab147b9b5a5483035bff382
 msgid "**GSLB Domain Name**: A preferred domain name for the service."
 msgstr ""

 #: ../../managing_networks.rst:3112
 # 8ea3f203884e47b6a1d8d90fe8125bf0
 msgid "**Algorithm**: (Optional) The algorithm to use to load balance the traffic across the zones. The options are Round Robin, Least Connection, and Proximity."
 msgstr ""

 #: ../../managing_networks.rst:3118
 # 4d8d6961170041cfada0392ecb570560
 msgid "**Service Type**: The transport protocol to use for GSLB. The options are TCP and UDP."
 msgstr ""

 #: ../../managing_networks.rst:3123
 # 77dcf4c2f0024309b529be408e435cee
 msgid "**Domain**: (Optional) The domain for which you want to create the GSLB rule."
 msgstr ""

 #: ../../managing_networks.rst:3128
 # fcaa38e31d864b25b64102b670470c2c
 msgid "**Account**: (Optional) The account on which you want to apply the GSLB rule."
 msgstr ""

 #: ../../managing_networks.rst:3136
 # 76446b2d9e054665bbca7c01ac0559fa
 msgid "Assigning Load Balancing Rules to GSLB"
 msgstr ""

 #: ../../managing_networks.rst:3156
 # 1be9eb92d540481b97cd2f99cc3ab9d6
 msgid "Select the desired GSLB."
 msgstr ""

 #: ../../managing_networks.rst:3160
 # b437092b9f2a488585dbe73e5068870b
 msgid "Click view assigned load balancing."
 msgstr ""

 #: ../../managing_networks.rst:3164
 # eda19bddac444d22aaf6944b81ac6574
 msgid "Click assign more load balancing."
 msgstr ""

 #: ../../managing_networks.rst:3168
 # 44acd11aec3d42869b12198753256ae7
 msgid "Select the load balancing rule you have created for the zone."
 msgstr ""

 #: ../../managing_networks.rst:3175
 # 77eb5dcff40842b1b2e565776e642fa5
 msgid "Known Limitation"
 msgstr ""

 #: ../../managing_networks.rst:3177
 # eee28dc26a8c43daa149baee5774cd3e
 msgid "Currently, CloudStack does not support orchestration of services across the zones. The notion of services and service providers in region are to be introduced."
 msgstr ""

 #: ../../managing_networks.rst:3182
 # 6ce352ece3ec4e588cb58d78a6a43ab9
 msgid "Guest IP Ranges"
 msgstr ""

 #: ../../managing_networks.rst:3184
 # b9ae2154009d4c7c8135987e8ac86e2c
 msgid "The IP ranges for guest network traffic are set on a per-account basis by the user. This allows the users to configure their network in a fashion that will enable VPN linking between their guest network and their clients."
 msgstr ""

 #: ../../managing_networks.rst:3189
 # de46e5574bf54dd68d71bdd2b1dd9a8b
 msgid "In shared networks in Basic zone and Security Group-enabled Advanced networks, you will have the flexibility to add multiple guest IP ranges from different subnets. You can add or remove one IP range at a time. For more information, see `Section 15.10, “About Multiple IP Ranges” <#multiple-ip-range>`__."
 msgstr ""

 #: ../../managing_networks.rst:3196
 # b24a8efdf2824070a8500affcc044a77
 msgid "Acquiring a New IP Address"
 msgstr ""

 #: ../../managing_networks.rst:3224
 # 6392b71aa674434c8fea3a1269449799
 msgid "If you want Portable IP click Yes in the confirmation dialog. If you want a normal Public IP click No."
 msgstr ""

 #: ../../managing_networks.rst:3227
 # 1b67f1c2681f421e95e01179c36b4c0b
 msgid "For more information on Portable IP, see `Section 15.12, “Portable IPs” <#portable-ip>`__."
 msgstr ""

 #: ../../managing_networks.rst:3235
 # 97d72bd6a40a40e7bd59c0c736a8bbdd
 msgid "Releasing an IP Address"
 msgstr ""

 #: ../../managing_networks.rst:3237
 # f52a271b737d4215a2e21b2c934efdd4
 msgid "When the last rule for an IP address is removed, you can release that IP address. The IP address still belongs to the VPC; however, it can be picked up for any guest network again."
 msgstr ""

 #: ../../managing_networks.rst:3259
 # 656f51251c854bb6a971b2cb29b0d8ef
 msgid "Click the IP address you want to release."
 msgstr ""

 #: ../../managing_networks.rst:3263
 # 2572dd822bef4a2f955e7507de6a2171
 msgid "Click the Release IP button. |ReleaseIPButton.png: button to release an IP|"
 msgstr ""

 #: ../../managing_networks.rst:3267
 #: ../../managing_networks.rst:3838
 #: ../../managing_networks.rst:4285
 #: ../../managing_networks.rst:4385
 #: ../../managing_networks.rst:4579
 #: ../../managing_networks.rst:5185
 #: ../../managing_networks.rst:5443
 #: ../../managing_networks.rst:5768
 #: ../../managing_networks.rst:5855
 #: ../../managing_networks.rst:5946
 #: ../../managing_networks.rst:6188
 #: ../../managing_networks.rst:6580
 # 5b2ef9957d5c4f35a32f9d7da23e6693
 # 41297f054dbd4ab0a958c0998f5d7ffd
 # 2ab2cc311faf4a23bcbd99703f0f47e1
 # d5758556343045dd918e7f592bbba40e
 # 07b2dc015092473aa0a048a6cc59b7b8
 # 26b03a50edbe4d8bb41144c0cada25e2
 # 127f42037f3448d38c791df3fb08fec1
 # 6e8aef87be834395857821e832eedc81
 # 75e095f3e2b343a2a5ebf18c29c3c74e
 # a4224fe4d3e84991adba7f4f79e22ccd
 # 37046dfed9524c6689ce685c5fe137b8
 # 1491471208484e0794022798a18c6235
 msgid "Static NAT"
 msgstr ""

 #: ../../managing_networks.rst:3269
 # 8b9ec9bf10d04ae79f278146e90a9d9b
 msgid "A static NAT rule maps a public IP address to the private IP address of a VM in order to allow Internet traffic into the VM. The public IP address always remains the same, which is why it is called “static” NAT. This section tells how to enable or disable static NAT for a particular IP address."
 msgstr ""

 #: ../../managing_networks.rst:3276
 # c431000325b74754a499d98af7351495
 msgid "Enabling or Disabling Static NAT"
 msgstr ""

 #: ../../managing_networks.rst:3278
 #: ../../managing_networks.rst:5905
 # b2c066da76814877b47541a473f572fb
 # 3f56828c583c46ad81eaedeff63fb850
 msgid "If port forwarding rules are already in effect for an IP address, you cannot enable static NAT to that IP."
 msgstr ""

 #: ../../managing_networks.rst:3281
 #: ../../managing_networks.rst:5908
 # ab68fbb3395e429fa804a3969d8011a5
 # f9f86036dd7b4dd391c93c88952259d1
 msgid "If a guest VM is part of more than one network, static NAT rules will function only if they are defined on the default network."
 msgstr ""

 #: ../../managing_networks.rst:3302
 #: ../../managing_networks.rst:3378
 # 3c704e04efc744568700070163b3ca1d
 # fa28626438294e07bd64b0c07f6bb8a2
 msgid "Click the IP address you want to work with."
 msgstr ""

 #: ../../managing_networks.rst:3306
 # 5ad8bdba63064885a50259f19f0a3650
 msgid "Click the Static NAT |EnableNATButton.png: button to enable NAT| button."
 msgstr ""

 #: ../../managing_networks.rst:3309
 # 5608c079e4984a898941e97d9040e080
 msgid "The button toggles between Enable and Disable, depending on whether static NAT is currently enabled for the IP address."
 msgstr ""

 #: ../../managing_networks.rst:3314
 # c44f31d84d4946bba279c07ffae37af3
 msgid "If you are enabling static NAT, a dialog appears where you can choose the destination VM and click Apply."
 msgstr ""

 #: ../../managing_networks.rst:3318
 # 0239068895f846728ff792196d9e8c78
 msgid "IP Forwarding and Firewalling"
 msgstr ""

 #: ../../managing_networks.rst:3320
 # 38b50d6982c14a78b97c1004a1d32b97
 msgid "By default, all incoming traffic to the public IP address is rejected. All outgoing traffic from the guests is also blocked by default."
 msgstr ""

 #: ../../managing_networks.rst:3323
 # 4374970c184442e1bff7de64f1a19a7b
 msgid "To allow outgoing traffic, follow the procedure in `Section 15.22.2, “Egress Firewall Rules in an Advanced Zone” <#egress-firewall-rule>`__."
 msgstr ""

 #: ../../managing_networks.rst:3326
 # 4cb1f00da457462d9550d7a7750f2313
 msgid "To allow incoming traffic, users may set up firewall rules and/or port forwarding rules. For example, you can use a firewall rule to open a range of ports on the public IP address, such as 33 through 44. Then use port forwarding rules to direct traffic from individual ports within that range to specific ports on user VMs. For example, one port forwarding rule could route incoming traffic on the public IP's port 33 to port 100 on one user VM's private IP."
 msgstr ""

 #: ../../managing_networks.rst:3335
 # 30b73ffad3e84ae2ac5dcec10260b433
 msgid "Firewall Rules"
 msgstr ""

 #: ../../managing_networks.rst:3337
 # 65002cba7c554a759449b2c27f7e9931
 msgid "By default, all incoming traffic to the public IP address is rejected by the firewall. To allow external traffic, you can open firewall ports by specifying firewall rules. You can optionally specify one or more CIDRs to filter the source IPs. This is useful when you want to allow only incoming requests from certain IP addresses."
 msgstr ""

 #: ../../managing_networks.rst:3343
 # 0eadbb8127ba4f50ad1f3a2ac2b73049
 msgid "You cannot use firewall rules to open ports for an elastic IP address. When elastic IP is used, outside access is instead controlled through the use of security groups. See `Section 15.15.2, “Adding a Security Group” <#add-security-group>`__."
 msgstr ""

 #: ../../managing_networks.rst:3348
 # 47591452f5c348b7a4836500eaeeb54f
 msgid "In an advanced zone, you can also create egress firewall rules by using the virtual router. For more information, see `Section 15.22.2, “Egress Firewall Rules in an Advanced Zone” <#egress-firewall-rule>`__."
 msgstr ""

 #: ../../managing_networks.rst:3352
 # d9b6ac1930d14ffaa3eae10de83b88f2
 msgid "Firewall rules can be created using the Firewall tab in the Management Server UI. This tab is not displayed by default when CloudStack is installed. To display the Firewall tab, the CloudStack administrator must set the global configuration parameter firewall.rule.ui.enabled to \"true.\""
 msgstr ""

 #: ../../managing_networks.rst:3358
 # 41479731d8d84d99a6aa8925a91d371b
 msgid "To create a firewall rule:"
 msgstr ""

 #: ../../managing_networks.rst:3382
 # 379f460faa18445583d749503ad81606
 msgid "Click the Configuration tab and fill in the following values."
 msgstr ""

 #: ../../managing_networks.rst:3386
 # 7923d613a47543f2a046a93f3a08a992
 msgid "**Source CIDR**. (Optional) To accept only traffic from IP addresses within a particular address block, enter a CIDR or a comma-separated list of CIDRs. Example: 192.168.0.0/22. Leave empty to allow all CIDRs."
 msgstr ""

 #: ../../managing_networks.rst:3393
 # ff573c7c40d94c24a43dc4e21ed8cc30
 msgid "**Protocol**. The communication protocol in use on the opened port(s)."
 msgstr ""

 #: ../../managing_networks.rst:3398
 # 14466f1425f9488c824bc5507b812a10
 msgid "**Start Port and End Port**. The port(s) you want to open on the firewall. If you are opening a single port, use the same number in both fields"
 msgstr ""

 #: ../../managing_networks.rst:3404
 # eff1095b7f204f83bfca43d956620036
 msgid "**ICMP Type and ICMP Code**. Used only if Protocol is set to ICMP. Provide the type and code required by the ICMP protocol to fill out the ICMP header. Refer to ICMP documentation for more details if you are not sure what to enter"
 msgstr ""

 #: ../../managing_networks.rst:3414
 # c334f1f90dbf49c4935f21d4c1bb417c
 msgid "Egress Firewall Rules in an Advanced Zone"
 msgstr ""

 #: ../../managing_networks.rst:3416
 # 939aa6e067b64d47a83d181a3e4e5527
 msgid "The egress traffic originates from a private network to a public network, such as the Internet. By default, the egress traffic is blocked in default network offerings, so no outgoing traffic is allowed from a guest network to the Internet. However, you can control the egress traffic in an Advanced zone by creating egress firewall rules. When an egress firewall rule is applied, the traffic specific to the rule is allowed and the remaining traffic is blocked. When all the firewall rules are removed the default policy, Block, is applied."
 msgstr ""

 #: ../../managing_networks.rst:3428
 # 7a04d621e9684c64a589eb43631ba804
 msgid "Consider the following scenarios to apply egress firewall rules:"
 msgstr ""

 #: ../../managing_networks.rst:3432
 # 774794905f1a490fbaadf61a60da50fc
 msgid "Egress firewall rules are supported on Juniper SRX and virtual router."
 msgstr ""

 #: ../../managing_networks.rst:3437
 # 46f8243d01b443d09201acc237d75fc9
 msgid "The egress firewall rules are not supported on shared networks."
 msgstr ""

 #: ../../managing_networks.rst:3441
 # f88ff0e199cc453ea42eec0dfc9125b1
 msgid "Allow the egress traffic from specified source CIDR. The Source CIDR is part of guest network CIDR."
 msgstr ""

 #: ../../managing_networks.rst:3446
 # d8800840b30d44929ddbb3b604c97f02
 msgid "Allow the egress traffic with protocol TCP,UDP,ICMP, or ALL."
 msgstr ""

 #: ../../managing_networks.rst:3450
 # 26294a9e847940889657b436b3a4aa23
 msgid "Allow the egress traffic with protocol and destination port range. The port range is specified for TCP, UDP or for ICMP type and code."
 msgstr ""

 #: ../../managing_networks.rst:3455
 # c0afd204dff547fb87834d7abc9c1f8e
 msgid "The default policy is Allow for the new network offerings, whereas on upgrade existing network offerings with firewall service providers will have the default egress policy Deny."
 msgstr ""

 #: ../../managing_networks.rst:3460
 # 850dd34086424c9ab68601f13834bcd2
 msgid "Configuring an Egress Firewall Rule"
 msgstr ""

 #: ../../managing_networks.rst:3472
 # 3615eb46ce214f7d9cbf957a06371666
 msgid "In Select view, choose Guest networks, then click the Guest network you want."
 msgstr ""

 #: ../../managing_networks.rst:3477
 # 359f42a9094342b29e083f461a84405b
 msgid "To add an egress rule, click the Egress rules tab and fill out the following fields to specify what type of traffic is allowed to be sent out of VM instances in this guest network:"
 msgstr ""

 #: ../../managing_networks.rst:3481
 # f203654bfaa44a6989bda0673da8a470
 msgid "|egress-firewall-rule.png: adding an egress firewall rule|"
 msgstr ""

 #: ../../managing_networks.rst:3485
 # e1ee94ade2e54545b51b809a12f729dd
 msgid "**CIDR**: (Add by CIDR only) To send traffic only to the IP addresses within a particular address block, enter a CIDR or a comma-separated list of CIDRs. The CIDR is the base IP address of the destination. For example, 192.168.0.0/22. To allow all CIDRs, set to 0.0.0.0/0."
 msgstr ""

 #: ../../managing_networks.rst:3493
 # 142d121ba8884e97abf630ab11c3ba47
 msgid "**Protocol**: The networking protocol that VMs uses to send outgoing traffic. The TCP and UDP protocols are typically used for data exchange and end-user communications. The ICMP protocol is typically used to send error messages or network monitoring data."
 msgstr ""

 #: ../../managing_networks.rst:3500
 # a6aa5a49dfb948f9b0f88c0b723666df
 msgid "**Start Port, End Port**: (TCP, UDP only) A range of listening ports that are the destination for the outgoing traffic. If you are opening a single port, use the same number in both fields."
 msgstr ""

 #: ../../managing_networks.rst:3506
 # bdf38163ee3d40d1905ccf2ac8827421
 msgid "**ICMP Type, ICMP Code**: (ICMP only) The type of message and error code that are sent."
 msgstr ""

 #: ../../managing_networks.rst:3514
 # 4fd631620dc649139065e335358cbd24
 msgid "Configuring the Default Egress Policy"
 msgstr ""

 #: ../../managing_networks.rst:3516
 # 19008ef0cc514c859de0de2daede053c
 msgid "The default egress policy for Isolated guest network is configured by using Network offering. Use the create network offering option to determine whether the default policy should be block or allow all the traffic to the public network from a guest network. Use this network offering to create the network. If no policy is specified, by default all the traffic is allowed from the guest network that you create by using this network offering."
 msgstr ""

 #: ../../managing_networks.rst:3524
 # 79bc5b57e2f94789bdff8bbfac2ddcfb
 msgid "You have two options: Allow and Deny."
 msgstr ""

 #: ../../managing_networks.rst:3527
 # 1224fcbce5c74fe3b947356b896ca579
 msgid "Allow"
 msgstr ""

 #: ../../managing_networks.rst:3529
 # e2a646bdb2d74e4db9d2599d28f6235a
 msgid "If you select Allow for a network offering, by default egress traffic is allowed. However, when an egress rule is configured for a guest network, rules are applied to block the specified traffic and rest are allowed. If no egress rules are configured for the network, egress traffic is accepted."
 msgstr ""

 #: ../../managing_networks.rst:3536
 #: ../../managing_networks.rst:5146
 #: ../../managing_networks.rst:5147
 # 749247337d834c6c9277066a5d52c328
 # 8779b4214ba9455abd8c51e7029da31a
 # e800ddb4ba3d4858ba5fbf7c30acd2e4
 msgid "Deny"
 msgstr ""

 #: ../../managing_networks.rst:3538
 # 3a06b12ffe614d1cab452a989a8f917f
 msgid "If you select Deny for a network offering, by default egress traffic for the guest network is blocked. However, when an egress rules is configured for a guest network, rules are applied to allow the specified traffic. While implementing a guest network, CloudStack adds the firewall egress rule specific to the default egress policy for the guest network."
 msgstr ""

 #: ../../managing_networks.rst:3545
 # 6196e56e021042f4a3ebd91573fbbf60
 msgid "This feature is supported only on virtual router and Juniper SRX."
 msgstr ""

 #: ../../managing_networks.rst:3549
 # 7bdc8fc3675346f1a13f9c19d80abfd7
 msgid "Create a network offering with your desirable default egress policy:"
 msgstr ""

 #: ../../managing_networks.rst:3553
 # 132ba5854a684a0484908e19f74b3d44
 msgid "Log in with admin privileges to the CloudStack UI."
 msgstr ""

 #: ../../managing_networks.rst:3557
 # 71eec5bf534f4946b6c4daaf8df613a6
 msgid "In the left navigation bar, click Service Offerings."
 msgstr ""

 #: ../../managing_networks.rst:3561
 # 89d1b1ad418a45b087b1a5650dfbb68b
 msgid "In Select Offering, choose Network Offering."
 msgstr ""

 #: ../../managing_networks.rst:3565
 #: ../../managing_networks.rst:6072
 #: ../../managing_networks.rst:6376
 # 14b63d7663f845a785bdd4d17da6c813
 # ca405e366b0a4757b0f24381859548f3
 # e9ca1c0eaa53479c9b838d602582aa03
 msgid "Click Add Network Offering."
 msgstr ""

 #: ../../managing_networks.rst:3569
 # a3f5cfaea903420c9a12c152a3293b17
 msgid "In the dialog, make necessary choices, including firewall provider."
 msgstr ""

 #: ../../managing_networks.rst:3574
 # ce35e9aadd4542cbacf3656f44f89af7
 msgid "In the Default egress policy field, specify the behaviour."
 msgstr ""

 #: ../../managing_networks.rst:3582
 # 23199bdde5f24a939b68fb46fd1019fb
 msgid "Create an isolated network by using this network offering."
 msgstr ""

 #: ../../managing_networks.rst:3584
 # 2b39e12e5b3d4d39a933c682cc18b149
 msgid "Based on your selection, the network will have the egress public traffic blocked or allowed."
 msgstr ""

 #: ../../managing_networks.rst:3588
 # 2e4756b361a14c97a83a29b5f8d1a311
 msgid "Port Forwarding"
 msgstr ""

 #: ../../managing_networks.rst:3590
 # a08ae5e9620d44ff84ce14445856b2c3
 msgid "A port forward service is a set of port forwarding rules that define a policy. A port forward service is then applied to one or more guest VMs. The guest VM then has its inbound network access managed according to the policy defined by the port forwarding service. You can optionally specify one or more CIDRs to filter the source IPs. This is useful when you want to allow only incoming requests from certain IP addresses to be forwarded."
 msgstr ""

 #: ../../managing_networks.rst:3598
 # 878cdf1503f94e3187e805b44534fed9
 msgid "A guest VM can be in any number of port forward services. Port forward services can be defined but have no members. If a guest VM is part of more than one network, port forwarding rules will function only if they are defined on the default network"
 msgstr ""

 #: ../../managing_networks.rst:3603
 # ca75695902264086b479704a64871a64
 msgid "You cannot use port forwarding to open ports for an elastic IP address. When elastic IP is used, outside access is instead controlled through the use of security groups. See Security Groups."
 msgstr ""

 #: ../../managing_networks.rst:3607
 # 550c9e8578014be1bde72e80f78d199c
 msgid "To set up port forwarding:"
 msgstr ""

 #: ../../managing_networks.rst:3615
 # 1579f539fb6d428486e2cb9316570a6b
 msgid "If you have not already done so, add a public IP address range to a zone in CloudStack. See Adding a Zone and Pod in the Installation Guide."
 msgstr ""

 #: ../../managing_networks.rst:3621
 # baee90c3d614427590853d7141e1ee1b
 msgid "Add one or more VM instances to CloudStack."
 msgstr ""

 #: ../../managing_networks.rst:3625
 # aa5921d82f6a429ca3d83e2d9e3991cd
 msgid "In the left navigation bar, click Network."
 msgstr ""

 #: ../../managing_networks.rst:3629
 # 6f69e80b5b984c18a3a7652157412174
 msgid "Click the name of the guest network where the VMs are running."
 msgstr ""

 #: ../../managing_networks.rst:3633
 # aaa0315049f346cb878ebb96c9c25a9c
 msgid "Choose an existing IP address or acquire a new IP address. See `Section 15.19, “Acquiring a New IP Address” <#acquire-new-ip-address>`__. Click the name of the IP address in the list."
 msgstr ""

 #: ../../managing_networks.rst:3640
 # 2b948665b23443059e227f2a987a4af4
 msgid "Click the Configuration tab."
 msgstr ""

 #: ../../managing_networks.rst:3644
 #: ../../managing_networks.rst:6621
 # ef12d2f0ebca484fbec9fe3b4ea476ce
 # 86470a41e0e143c8abee911f793f5139
 msgid "In the Port Forwarding node of the diagram, click View All."
 msgstr ""

 #: ../../managing_networks.rst:3652
 # 70b067742c7e494faa545e59e67e509f
 msgid "**Public Port**. The port to which public traffic will be addressed on the IP address you acquired in the previous step."
 msgstr ""

 #: ../../managing_networks.rst:3657
 # 3c48fdadff09491b8ccdfa491ef23b13
 msgid "**Private Port**. The port on which the instance is listening for forwarded public traffic."
 msgstr ""

 #: ../../managing_networks.rst:3662
 # 9b1ee2382ca242bea410d9e0fec0de21
 msgid "**Protocol**. The communication protocol in use between the two ports"
 msgstr ""

 #: ../../managing_networks.rst:3670
 # b5fdf68205af49fe949bb74f27cb03ef
 msgid "IP Load Balancing"
 msgstr ""

 #: ../../managing_networks.rst:3672
 # f4415093dc35468c97c273710e3fd019
 msgid "The user may choose to associate the same public IP for multiple guests. CloudStack implements a TCP-level load balancer with the following policies."
 msgstr ""

 #: ../../managing_networks.rst:3678
 #: ../../managing_networks.rst:6261
 #: ../../managing_networks.rst:6532
 # 9643d81461b54c18b510cec02c55b76a
 # 8ff79894623b4f75ad7b797363bc1802
 # f5133113ba364c81bb4607616c3e51b2
 msgid "Round-robin"
 msgstr ""

 #: ../../managing_networks.rst:3682
 # 1599b1d2a49941089fba2c32b3639b28
 msgid "Least connection"
 msgstr ""

 #: ../../managing_networks.rst:3686
 # a23492e21cb742b2b97b33f4b5ab151f
 msgid "Source IP"
 msgstr ""

 #: ../../managing_networks.rst:3688
 # 728ff8a92c5a4fa4875aff65b6a6e20a
 msgid "This is similar to port forwarding but the destination may be multiple IP addresses."
 msgstr ""

 #: ../../managing_networks.rst:3692
 # d5e9852ee80440fe9204fac406dd593d
 msgid "DNS and DHCP"
 msgstr ""

 #: ../../managing_networks.rst:3694
 # 0e9e9564f8514da08c6206315a3eaa34
 msgid "The Virtual Router provides DNS and DHCP services to the guests. It proxies DNS requests to the DNS server configured on the Availability Zone."
 msgstr ""

 #: ../../managing_networks.rst:3699
 # b8ff527b8b13466885b0c515030f73dd
 msgid "Remote Access VPN"
 msgstr ""

 #: ../../managing_networks.rst:3701
 # c381ec096f69422e8176e92e2f15b737
 msgid "CloudStack account owners can create virtual private networks (VPN) to access their virtual machines. If the guest network is instantiated from a network offering that offers the Remote Access VPN service, the virtual router (based on the System VM) is used to provide the service. CloudStack provides a L2TP-over-IPsec-based remote access VPN service to guest virtual networks. Since each network gets its own virtual router, VPNs are not shared across the networks. VPN clients native to Windows, Mac OS X and iOS can be used to connect to the guest networks. The account owner can create and manage users for their VPN. CloudStack does not use its account database for this purpose but uses a separate table. The VPN user database is shared across all the VPNs created by the account owner. All VPN users get access to all VPNs created by the account owner."
 msgstr ""

 #: ../../managing_networks.rst:3715
 # 3bb8afa8e0d549448cda76518414eb07
 msgid "Make sure that not all traffic goes through the VPN. That is, the route installed by the VPN should be only for the guest network and not for all traffic."
 msgstr ""

 #: ../../managing_networks.rst:3719
 # d295f3aefec94637a6b5ecbd5c09110a
 msgid "**Road Warrior / Remote Access**. Users want to be able to connect securely from a home or office to a private network in the cloud. Typically, the IP address of the connecting client is dynamic and cannot be preconfigured on the VPN server."
 msgstr ""

 #: ../../managing_networks.rst:3726
 # dd37e3114c294b4faa1de54929a552f1
 msgid "**Site to Site**. In this scenario, two private subnets are connected over the public Internet with a secure VPN tunnel. The cloud user’s subnet (for example, an office network) is connected through a gateway to the network in the cloud. The address of the user’s gateway must be preconfigured on the VPN server in the cloud. Note that although L2TP-over-IPsec can be used to set up Site-to-Site VPNs, this is not the primary intent of this feature. For more information, see `Section 15.25.5, “Setting Up a Site-to-Site VPN Connection” <#site-to-site-vpn>`__"
 msgstr ""

 #: ../../managing_networks.rst:3737
 # bfa322b2a64046429d89460b40d144f0
 msgid "Configuring Remote Access VPN"
 msgstr ""

 #: ../../managing_networks.rst:3739
 # 097a6cf2913b4beba6be5431a86de870
 msgid "To set up VPN for the cloud:"
 msgstr ""

 #: ../../managing_networks.rst:3747
 # 1fa16e80d9f644edabec5370acdb32bf
 msgid "In the left navigation, click Global Settings."
 msgstr ""

 #: ../../managing_networks.rst:3751
 # aa577a63d68e4aec895fe83165f3f782
 msgid "Set the following global configuration parameters."
 msgstr ""

 #: ../../managing_networks.rst:3755
 # 0ea3bea3ca8e4aaaaab96eb7cc118fa0
 msgid "remote.access.vpn.client.ip.range – The range of IP addresses to be allocated to remote access VPN clients. The first IP in the range is used by the VPN server."
 msgstr ""

 #: ../../managing_networks.rst:3761
 # 9d973a38aa614f53b869f0bdc327f31a
 msgid "remote.access.vpn.psk.length – Length of the IPSec key."
 msgstr ""

 #: ../../managing_networks.rst:3765
 # fb498ce174e14f6a9bd79342530814a8
 msgid "remote.access.vpn.user.limit – Maximum number of VPN users per account."
 msgstr ""

 #: ../../managing_networks.rst:3768
 # 4dce5f8323054cd7ab088e614da1a9e4
 msgid "To enable VPN for a particular network:"
 msgstr ""

 #: ../../managing_networks.rst:3772
 #: ../../managing_networks.rst:3809
 # b675d72fb2994edf9ffb66e7d4a0d9e2
 # b8343075444146c2951287194c670d61
 msgid "Log in as a user or administrator to the CloudStack UI."
 msgstr ""

 #: ../../managing_networks.rst:3776
 #: ../../managing_networks.rst:3813
 # 7bfc3800f4454b6d91c8b45e69042d61
 # 8ea70ebbf5844760b522f1a0f75bbb27
 msgid "In the left navigation, click Network."
 msgstr ""

 #: ../../managing_networks.rst:3780
 # 0daa9926aa704bf5862add2651c6dcb6
 msgid "Click the name of the network you want to work with."
 msgstr ""

 #: ../../managing_networks.rst:3788
 # 2fa1652bbb944603ad6cbb5d1aad4a5a
 msgid "Click one of the displayed IP address names."
 msgstr ""

 #: ../../managing_networks.rst:3792
 # ef6bf9b781754ea18f2335af33284201
 msgid "Click the Enable VPN button. |AttachDiskButton.png: button to attach a volume|"
 msgstr ""

 #: ../../managing_networks.rst:3795
 # 2012a33f002143b893c3f7a989397edc
 msgid "The IPsec key is displayed in a popup window."
 msgstr ""

 #: ../../managing_networks.rst:3798
 # b28f663cf7724ab9a7f478d438a24394
 msgid "Configuring Remote Access VPN in VPC"
 msgstr ""

 #: ../../managing_networks.rst:3800
 # fa00279794274728b49c98337469cbbf
 msgid "On enabling Remote Access VPN on a VPC, any VPN client present outside the VPC can access VMs present in the VPC by using the Remote VPN connection. The VPN client can be present anywhere except inside the VPC on which the user enabled the Remote Access VPN service."
 msgstr ""

 #: ../../managing_networks.rst:3805
 # 9995de408c534547bca798eacfc6e29d
 msgid "To enable VPN for a VPC:"
 msgstr ""

 #: ../../managing_networks.rst:3817
 #: ../../managing_networks.rst:4260
 #: ../../managing_networks.rst:4357
 #: ../../managing_networks.rst:4550
 #: ../../managing_networks.rst:4971
 #: ../../managing_networks.rst:5036
 #: ../../managing_networks.rst:5164
 #: ../../managing_networks.rst:5246
 #: ../../managing_networks.rst:5414
 #: ../../managing_networks.rst:5651
 #: ../../managing_networks.rst:5743
 #: ../../managing_networks.rst:5831
 #: ../../managing_networks.rst:5921
 #: ../../managing_networks.rst:6163
 #: ../../managing_networks.rst:6471
 #: ../../managing_networks.rst:6555
 #: ../../managing_networks.rst:6680
 #: ../../managing_networks.rst:6719
 # a31affe0adac49f09f3748d0f7ae367e
 # 4af68095a91449e3b8bea9b815da9067
 # dad79a3f32dc40a786d554154bd361b9
 # e38d9555c0c8456ca690fd6cf202b112
 # 821e14755e74419ba72d32bd68d96287
 # 882bbeb316964de78877b7cb3cecc9fc
 # 75cc31bf17e2494fb91a744619c66ee4
 # 1c0efba412354370a1b9f46eaaa0ef7a
 # a5edf42ce9ad47e6a2330279b1398ac1
 # cecf708f7c1043c48169ea6b24e59466
 # 1e27b769cc2540c08fe46fa6ab725699
 # 75db22351660479db8734b0ed18fc894
 # 3a8ef410656041498f008fbe30a414db
 # cfadbb7beee440b5a535959fac59ded7
 # 1efbe4d02aef451a9f809b75fd3a01ae
 # 46c68a38ef0d418b88f703c6038fad39
 # 699be4a90f2b41a0b715d02d5e54e4df
 # 83151a4b19cc4e5489e47c5fa744b5c0
 msgid "In the Select view, select VPC."
 msgstr ""

 #: ../../managing_networks.rst:3819
 #: ../../managing_networks.rst:4262
 #: ../../managing_networks.rst:4552
 #: ../../managing_networks.rst:5166
 #: ../../managing_networks.rst:5248
 #: ../../managing_networks.rst:5416
 #: ../../managing_networks.rst:5653
 #: ../../managing_networks.rst:5745
 #: ../../managing_networks.rst:5833
 #: ../../managing_networks.rst:5923
 #: ../../managing_networks.rst:6165
 #: ../../managing_networks.rst:6473
 #: ../../managing_networks.rst:6557
 #: ../../managing_networks.rst:6721
 # 9ae3c14b7e8c402c9c1dce614d4bd2c7
 # e4a77e77230d483db3156f192de9ca5b
 # 8bddf8b867294c708f998bad74efcff6
 # 345034355f8c44c9b7ffc188c0ac9896
 # 568c157061934519a28710ac7dbc349b
 # 47d6e2a72c7f48bcbe8d6ee024c33594
 # 7c289632b014498080a51b30fab9101d
 # f66374dd81f244f6a2f3ed711f4bf948
 # 87c017466f11465ab7cead64d05b5eaf
 # 0c79b640f1da4393b59a0e998560988c
 # d19f27ee89f34a4fb8df870e04257e7f
 # ab679cc378034d79ab6985db72b19b9c
 # 6f1cdf89d13f42f0ab2b5bedcbbd73e6
 # 6005fd24e0d54155a3241c01fe6124e9
 msgid "All the VPCs that you have created for the account is listed in the page."
 msgstr ""

 #: ../../managing_networks.rst:3824
 #: ../../managing_networks.rst:5171
 #: ../../managing_networks.rst:5253
 # ca19426a021e4211a1acd3f6a8b16989
 # c182ce3a373542a99217ced2df09ce62
 # 99819c70e71b4f8189fbee678c73a3a5
 msgid "Click the Configure button of the VPC."
 msgstr ""

 #: ../../managing_networks.rst:3826
 #: ../../managing_networks.rst:4273
 #: ../../managing_networks.rst:4373
 #: ../../managing_networks.rst:4567
 #: ../../managing_networks.rst:5173
 #: ../../managing_networks.rst:6176
 #: ../../managing_networks.rst:6568
 # 4d3781d769c545d99be97f10a202686a
 # dee16ec55fcf4247845bc5507b0cfd97
 # c307d801b0864d9f96fdcef8b387ce9d
 # bd8619c3aaa0447486c78131f8eb7b14
 # 47f4d3cd60294575ac304752364e0016
 # 96a7d144a4a9461fb5b97370f7f33d41
 # af5676d8c747473d89e78cc8e3892a25
 msgid "For each tier, the following options are displayed:"
 msgstr ""

 #: ../../managing_networks.rst:3830
 #: ../../managing_networks.rst:4277
 #: ../../managing_networks.rst:4377
 #: ../../managing_networks.rst:4571
 #: ../../managing_networks.rst:5177
 #: ../../managing_networks.rst:5435
 #: ../../managing_networks.rst:5760
 #: ../../managing_networks.rst:5847
 #: ../../managing_networks.rst:5938
 #: ../../managing_networks.rst:6180
 #: ../../managing_networks.rst:6572
 # e977c7944d7441429e362266f89939b8
 # 5dc3472c6728454999ad5fb3af4f85f7
 # dd1ac38a74e64a408aebd85987d4ca2a
 # 1e64906e22d740f2bbe78adf991135f3
 # 3ab121c1f35c4617914f68af0a25364d
 # 3433f4dcaec546dcae9e778199695765
 # 5747e1b492c54471a0b41977a208232c
 # 1ecff74d45e644809e0f02cb05421be1
 # cbae3a5d141c4cdc83fd6f278d79e79e
 # 41d220172f7c4c1d8553baebb87b3616
 # 7f81c86a21a94b8d8cb340708599235d
 msgid "Internal LB"
 msgstr ""

 #: ../../managing_networks.rst:3834
 #: ../../managing_networks.rst:4281
 #: ../../managing_networks.rst:4381
 #: ../../managing_networks.rst:4575
 #: ../../managing_networks.rst:5181
 #: ../../managing_networks.rst:5439
 #: ../../managing_networks.rst:5764
 #: ../../managing_networks.rst:5851
 #: ../../managing_networks.rst:5942
 #: ../../managing_networks.rst:6184
 #: ../../managing_networks.rst:6576
 # 738682e112cb4305a6f74807ed9a15bb
 # 6e5c7436086b4fdda00214facb796e94
 # 17f370caa5ba4969934de8611356c9e5
 # 64c5287f475642419374f2b15f026bab
 # 7e24a426f15048fba793a522a40ef689
 # 2470296892374cf8b1dbbba087f9cc1e
 # b914d7f7af2d4d5c8f763562a1d9e71b
 # 53a27d12607c447980cd9361d9081a86
 # 95adec1d399d4946bedb3a89ca40a486
 # 33c3c72610f7495a8f48211a7823fd4e
 # 72f5b91956d449d4a4a1be58dd85ab17
 msgid "Public LB IP"
 msgstr ""

 #: ../../managing_networks.rst:3842
 #: ../../managing_networks.rst:4289
 #: ../../managing_networks.rst:4389
 #: ../../managing_networks.rst:4583
 #: ../../managing_networks.rst:5189
 #: ../../managing_networks.rst:5447
 #: ../../managing_networks.rst:5772
 #: ../../managing_networks.rst:5859
 #: ../../managing_networks.rst:5950
 #: ../../managing_networks.rst:6192
 #: ../../managing_networks.rst:6584
 # 0cb050feaaeb474c926023e60f855b32
 # 11861e54e8724e2fadaca4c4ef5e568e
 # c8e370f0dc4643d293e44f555b923199
 # 0c77f763f1e040f7b80e04b3a37bce24
 # 39a2f9b8856943628ae5927eb7f71c92
 # 2c350c6efc7543d69506721e795eb85f
 # b5d631e4a2024d1fbd4f10d4d0d9064a
 # 952eed7b8185432cae49594fa2f3ec18
 # 7af76e26ead045619c8139e1fead812a
 # b8b0020c6a964034b84a1515f8eeda8b
 # c356254659034481a1dc96d9387f6b9f
 msgid "Virtual Machines"
 msgstr ""

 #: ../../managing_networks.rst:3848
 #: ../../managing_networks.rst:4295
 #: ../../managing_networks.rst:4395
 #: ../../managing_networks.rst:4589
 #: ../../managing_networks.rst:5195
 #: ../../managing_networks.rst:5453
 #: ../../managing_networks.rst:5778
 #: ../../managing_networks.rst:5865
 #: ../../managing_networks.rst:5956
 #: ../../managing_networks.rst:6198
 #: ../../managing_networks.rst:6590
 # b89c9f01ccd944b297fff10534973ddc
 # eef1542933fe447b8262890522771d50
 # 5178f0cb1f7c46709c6549e58c7a067a
 # d150a889b3614d81811a9cdc68c5fa66
 # 7ed422ae787a4447960d1e0207cc28dc
 # 5d542e45915b4557b132ba854d60edb6
 # 0fa2b79d145143d880bfdf98bc57f29a
 # b47fda6dfe744ba3853d7a7b7c24b1f6
 # b632ee0308cf4b44b4e44d46a51496e5
 # 3c0bd1aea7ad4d68964f1d4edb118cdd
 # 6a198f55d0a846f3b709af607f86e43e
 msgid "The following router information is displayed:"
 msgstr ""

 #: ../../managing_networks.rst:3852
 #: ../../managing_networks.rst:4299
 #: ../../managing_networks.rst:4399
 #: ../../managing_networks.rst:4593
 #: ../../managing_networks.rst:5199
 #: ../../managing_networks.rst:5457
 #: ../../managing_networks.rst:5782
 #: ../../managing_networks.rst:5869
 #: ../../managing_networks.rst:5960
 #: ../../managing_networks.rst:6202
 #: ../../managing_networks.rst:6594
 # a1dbb584fd8b4d4397d374a689f02aa9
 # 0eb728e1fe3c4bf285cd79b34b06d181
 # 8faa54108faa476da673bfb6058b1cc7
 # cb8741bacf1843f0a927b32272bf09cd
 # bae030b0fb4d4ef983ceb14b13495258
 # f3c190c39252412bb8581e07bd6b83aa
 # 2c7b1b5142d1498682193b8ddf312be9
 # d3c687f587e246afae5580f92212b8bf
 # e08e124fc28f4b9387b1f51cdaac7514
 # b64c4d99a2664addbd98a4853da33ffb
 # d46a9ac6036249879d896e722844e95c
 msgid "Private Gateways"
 msgstr ""

 #: ../../managing_networks.rst:3856
 #: ../../managing_networks.rst:4303
 #: ../../managing_networks.rst:4403
 #: ../../managing_networks.rst:4597
 #: ../../managing_networks.rst:5203
 #: ../../managing_networks.rst:5461
 #: ../../managing_networks.rst:5786
 #: ../../managing_networks.rst:5873
 #: ../../managing_networks.rst:5964
 #: ../../managing_networks.rst:6206
 #: ../../managing_networks.rst:6598
 # 37d72d2f76774b20a776f60ddc5797d4
 # ea8ad120e00141f783ec53364a03fa37
 # 53b019dc3a224529b82a9a7f37642b0a
 # 174ffd68b1d44ec799357f81eb5c2d25
 # 17bfe0fddda04252a302177c5719e3fe
 # 20a272af5b6d4dee9fc4907b9dd12560
 # 8583a6af04b644e191ff21fcff4f7b8b
 # 4823862431b0480cb61fd62d4b11e87f
 # 8664c330cd684d8595f27db6751ce17c
 # 0cea333fbc5849929e6c0690f226d6a2
 # 9cbdcd3b4ebc4b609e5ba6c56f2d7d5d
 msgid "Public IP Addresses"
 msgstr ""

 #: ../../managing_networks.rst:3860
 #: ../../managing_networks.rst:4307
 #: ../../managing_networks.rst:4407
 #: ../../managing_networks.rst:4601
 #: ../../managing_networks.rst:5207
 #: ../../managing_networks.rst:5465
 #: ../../managing_networks.rst:5790
 #: ../../managing_networks.rst:5877
 #: ../../managing_networks.rst:5968
 #: ../../managing_networks.rst:6210
 #: ../../managing_networks.rst:6602
 # b7bc8b8352a74af6b38cc39b1d686153
 # c1878fc16d7b47249752134a9b157b07
 # 8ac22811a0f1450f949764f8ecee4697
 # bde7d8d93cec4b4495105ef97d1f8a35
 # 36b78ef29e834917899c5a7a6ad5ddf4
 # 17f83c3836c64c299d8be56f678dc890
 # bef1f58c45f148ad92c455f3e9d92768
 # d944807c216342baab75254197b930e2
 # 079e9d4527484c839f6f49651f0d6265
 # a9b19cd8a8c44794879d831c50f88b49
 # c9c52762ec514a90a7c5522451754157
 msgid "Site-to-Site VPNs"
 msgstr ""

 #: ../../managing_networks.rst:3864
 #: ../../managing_networks.rst:4311
 #: ../../managing_networks.rst:4411
 #: ../../managing_networks.rst:4605
 #: ../../managing_networks.rst:5211
 #: ../../managing_networks.rst:5469
 #: ../../managing_networks.rst:5794
 #: ../../managing_networks.rst:5881
 #: ../../managing_networks.rst:5972
 #: ../../managing_networks.rst:6214
 #: ../../managing_networks.rst:6606
 # 963900352361453a82243e6d229692eb
 # 5e5ead7fdf824603be436cd39c0bd66a
 # 8dd99ffcfe074e1da4fd7aa2c3c78d32
 # 50e7c6af50d847eaa6334a0ece6cd748
 # 00ffbdac5a974718961391e109c231af
 # 56d7689551ad4cce804707382b489ce7
 # da4f7bdfc20746f6a1c7926fada1bf4d
 # 29a0461bac2a4799bcec9c2ab4af689a
 # 1d744b4deebf4f1da4c6a9e318786816
 # de2d02e42e094632be603e8156bdd703
 # 248e40d2acaf4b1a90d4ee955fea9370
 msgid "Network ACL Lists"
 msgstr ""

 #: ../../managing_networks.rst:3868
 #: ../../managing_networks.rst:5976
 #: ../../managing_networks.rst:6218
 #: ../../managing_networks.rst:6610
 # f9af791a07354f808cdca900691b32b7
 # 83506da7b26b43c6aac49b3833cad15f
 # 8c42254feeda4c91b2c629f4399e43a9
 # 52bed9f766b34abf852c6fa33e2daf5f
 msgid "In the Router node, select Public IP Addresses."
 msgstr ""

 #: ../../managing_networks.rst:3870
 #: ../../managing_networks.rst:5887
 #: ../../managing_networks.rst:5978
 #: ../../managing_networks.rst:6220
 #: ../../managing_networks.rst:6612
 # 145b00e12ee347eb8f5d58bf5d53ed27
 # 4c516df3427c4efe893ef5f2d57e86f4
 # bfeeb4dfe5484e2bbeb371cdef909b3a
 # 64a914a25f0945e1b1477c54b9ddc3b1
 # f6d1237ad0fc42f687f50159ffc308eb
 msgid "The IP Addresses page is displayed."
 msgstr ""

 #: ../../managing_networks.rst:3874
 # 763f43a3ab6e450284bf8a7e1565147e
 msgid "Click Source NAT IP address."
 msgstr ""

 #: ../../managing_networks.rst:3878
 # 3377f8365d824b5cb4828ba4192c7df8
 msgid "Click the Enable VPN button. |vpn-icon.png: button to enable VPN|"
 msgstr ""

 #: ../../managing_networks.rst:3880
 # e806264cf83c4fc9bdb76a8963ee8e41
 msgid "Click OK to confirm. The IPsec key is displayed in a pop-up window."
 msgstr ""

 #: ../../managing_networks.rst:3882
 # 941f5a62ecb044e1ae914539a331edf8
 msgid "Now, you need to add the VPN users."
 msgstr ""

 #: ../../managing_networks.rst:3886
 # ef3bbf0199894b05a9e58396bc91163e
 msgid "Click the Source NAT IP."
 msgstr ""

 #: ../../managing_networks.rst:3890
 # 40a450792e5c4aa0b261221e534b235e
 msgid "Select the VPN tab."
 msgstr ""

 #: ../../managing_networks.rst:3894
 # da11af4bc3934580904b25becbbe6000
 msgid "Add the username and the corresponding password of the user you wanted to add."
 msgstr ""

 #: ../../managing_networks.rst:3903
 # dc788926df844c83bc63fd1ed04b41b5
 msgid "Repeat the same steps to add the VPN users."
 msgstr ""

 #: ../../managing_networks.rst:3906
 # 9ee121c5c0434e4cbc3b97ae635890a9
 msgid "Using Remote Access VPN with Windows"
 msgstr ""

 #: ../../managing_networks.rst:3908
 # b3edb2c9bcc040aea7a114ca31d0f7d9
 msgid "The procedure to use VPN varies by Windows version. Generally, the user must edit the VPN properties and make sure that the default route is not the VPN. The following steps are for Windows L2TP clients on Windows Vista. The commands should be similar for other Windows versions."
 msgstr ""

 #: ../../managing_networks.rst:3915
 # 6ffeddfe41f049ca9722b714502eabfb
 msgid "Log in to the CloudStack UI and click on the source NAT IP for the account. The VPN tab should display the IPsec preshared key. Make a note of this and the source NAT IP. The UI also lists one or more users and their passwords. Choose one of these users, or, if none exists, add a user and password."
 msgstr ""

 #: ../../managing_networks.rst:3923
 # 8ca0fcc6fcfd40f28f0c675345fb5f4d
 msgid "On the Windows box, go to Control Panel, then select Network and Sharing center. Click Setup a connection or network."
 msgstr ""

 #: ../../managing_networks.rst:3928
 # e26b9786a5c64704989e389fb2bbce0d
 msgid "In the next dialog, select No, create a new connection."
 msgstr ""

 #: ../../managing_networks.rst:3932
 # 1c1b2aafb3674ec18a5da699bf60337f
 msgid "In the next dialog, select Use my Internet Connection (VPN)."
 msgstr ""

 #: ../../managing_networks.rst:3936
 # 98dfa80786574e6ea33f5b0c24fa4700
 msgid "In the next dialog, enter the source NAT IP from step `1 <#source-nat>`__ and give the connection a name. Check Don't connect now."
 msgstr ""

 #: ../../managing_networks.rst:3942
 # 533985edf60848b2a4ebf75ba177c150
 msgid "In the next dialog, enter the user name and password selected in step `1 <#source-nat>`__."
 msgstr ""

 #: ../../managing_networks.rst:3951
 # 2207831550714a73a1a41e5283a49cd9
 msgid "Go back to the Control Panel and click Network Connections to see the new connection. The connection is not active yet."
 msgstr ""

 #: ../../managing_networks.rst:3956
 # 1e1b6b1d256942c2a129691e49daceaf
 msgid "Right-click the new connection and select Properties. In the Properties dialog, select the Networking tab."
 msgstr ""

 #: ../../managing_networks.rst:3961
 # e4ea1219d3634755a9395cae6ab51e7f
 msgid "In Type of VPN, choose L2TP IPsec VPN, then click IPsec settings. Select Use preshared key. Enter the preshared key from step `1 <#source-nat>`__."
 msgstr ""

 #: ../../managing_networks.rst:3967
 # 67167335a22243b7988e640a0022857c
 msgid "The connection is ready for activation. Go back to Control Panel -> Network Connections and double-click the created connection."
 msgstr ""

 #: ../../managing_networks.rst:3972
 # 109e34abfe6f4522b5c8bc8bc60f2fe0
 msgid "Enter the user name and password from step `1 <#source-nat>`__."
 msgstr ""

 #: ../../managing_networks.rst:3975
 # 8c9ad7097eda4b19bb45090e25249724
 msgid "Using Remote Access VPN with Mac OS X"
 msgstr ""

 #: ../../managing_networks.rst:3977
 # 5f27e95b14c9475a8f7c56618a1cb515
 msgid "First, be sure you've configured the VPN settings in your CloudStack install. This section is only concerned with connecting via Mac OS X to your VPN."
 msgstr ""

 #: ../../managing_networks.rst:3981
 # dc2c20b5eb574ed2adada77dbf270a42
 msgid "Note, these instructions were written on Mac OS X 10.7.5. They may differ slightly in older or newer releases of Mac OS X."
 msgstr ""

 #: ../../managing_networks.rst:3986
 # 9c82432ffa134c1ca32ac34f08988c6d
 msgid "On your Mac, open System Preferences and click Network."
 msgstr ""

 #: ../../managing_networks.rst:3990
 # 9d97977e9c46436ab9fe30c172722d6b
 msgid "Make sure Send all traffic over VPN connection is not checked."
 msgstr ""

 #: ../../managing_networks.rst:3994
 # 63ac91c8dc0e497b80a34dfcae925d4b
 msgid "If your preferences are locked, you'll need to click the lock in the bottom left-hand corner to make any changes and provide your administrator credentials."
 msgstr ""

 #: ../../managing_networks.rst:4000
 # 3382a964d3e24d78ac26db4b8bda5128
 msgid "You will need to create a new network entry. Click the plus icon on the bottom left-hand side and you'll see a dialog that says \"Select the interface and enter a name for the new service.\" Select VPN from the Interface drop-down menu, and \"L2TP over IPSec\" for the VPN Type. Enter whatever you like within the \"Service Name\" field."
 msgstr ""

 #: ../../managing_networks.rst:4008
 # f99d122e9241423fbdcf6aa83fa0b08f
 msgid "You'll now have a new network interface with the name of whatever you put in the \"Service Name\" field. For the purposes of this example, we'll assume you've named it \"CloudStack.\" Click on that interface and provide the IP address of the interface for your VPN under the Server Address field, and the user name for your VPN under Account Name."
 msgstr ""

 #: ../../managing_networks.rst:4017
 # 90453b8ed4bb48a18163cc20cb129995
 msgid "Click Authentication Settings, and add the user's password under User Authentication and enter the pre-shared IPSec key in the Shared Secret field under Machine Authentication. Click OK."
 msgstr ""

 #: ../../managing_networks.rst:4023
 # 92408c82c4b04948a05c719bd048fad0
 msgid "You may also want to click the \"Show VPN status in menu bar\" but that's entirely optional."
 msgstr ""

 #: ../../managing_networks.rst:4028
 # 8190135a88884eb788e9ce54c71ca84f
 msgid "Now click \"Connect\" and you will be connected to the CloudStack VPN."
 msgstr ""

 #: ../../managing_networks.rst:4031
 # ac02eeb882404522aacc0cc8293ad641
 msgid "Setting Up a Site-to-Site VPN Connection"
 msgstr ""

 #: ../../managing_networks.rst:4033
 # e204e99f433b4e51a129efbe663d70ef
 msgid "A Site-to-Site VPN connection helps you establish a secure connection from an enterprise datacenter to the cloud infrastructure. This allows users to access the guest VMs by establishing a VPN connection to the virtual router of the account from a device in the datacenter of the enterprise. You can also establish a secure connection between two VPC setups or high availability zones in your environment. Having this facility eliminates the need to establish VPN connections to individual VMs."
 msgstr ""

 #: ../../managing_networks.rst:4042
 # 8e29e93424a04c189576052f05b8e717
 msgid "The difference from Remote VPN is that Site-to-site VPNs connects entire networks to each other, for example, connecting a branch office network to a company headquarters network. In a site-to-site VPN, hosts do not have VPN client software; they send and receive normal TCP/IP traffic through a VPN gateway."
 msgstr ""

 #: ../../managing_networks.rst:4048
 # 95bbe3e3d5554fb6bc7959c18174607c
 msgid "The supported endpoints on the remote datacenters are:"
 msgstr ""

 #: ../../managing_networks.rst:4052
 # 7e357cb1629f467485ba9145a75a81f7
 msgid "Cisco ISR with IOS 12.4 or later"
 msgstr ""

 #: ../../managing_networks.rst:4056
 # 854482adf7dd4aa393f38b07756645aa
 msgid "Juniper J-Series routers with JunOS 9.5 or later"
 msgstr ""

 #: ../../managing_networks.rst:4060
 # 96648d86950840f89dc81c431d60cfb6
 msgid "CloudStack virtual routers"
 msgstr ""

 #: ../../managing_networks.rst:4062
 # 1a74583da3a44bd39eb253120139a932
 msgid "In addition to the specific Cisco and Juniper devices listed above, the expectation is that any Cisco or Juniper device running on the supported operating systems are able to establish VPN connections."
 msgstr ""

 #: ../../managing_networks.rst:4064
 # 64b2db355ac04f0f9c59eae16613e881
 msgid "To set up a Site-to-Site VPN connection, perform the following:"
 msgstr ""

 #: ../../managing_networks.rst:4068
 # 796a6d7dfb6d46498818110494844639
 msgid "Create a Virtual Private Cloud (VPC)."
 msgstr ""

 #: ../../managing_networks.rst:4070
 # 8792529d67f442debcc4278090beb143
 msgid "See `Section 15.27, “Configuring a Virtual Private Cloud” <#configure-vpc>`__."
 msgstr ""

 #: ../../managing_networks.rst:4075
 # 2cde96423eaa4b00a89bc8638be81197
 msgid "Create a VPN Customer Gateway."
 msgstr ""

 #: ../../managing_networks.rst:4079
 # 24923d7a1f5b4c968069162a997e27e8
 msgid "Create a VPN gateway for the VPC that you created."
 msgstr ""

 #: ../../managing_networks.rst:4083
 # de7773aef60648c395206d22ebf8bb2b
 msgid "Create VPN connection from the VPC VPN gateway to the customer VPN gateway."
 msgstr ""

 #: ../../managing_networks.rst:4087
 # 44b042e04c484e1aa9425682b124b081
 msgid "Creating and Updating a VPN Customer Gateway"
 msgstr ""

 #: ../../managing_networks.rst:4089
 # c2ffba4bbe2d413aab0af270e8b2195f
 msgid "A VPN customer gateway can be connected to only one VPN gateway at a time."
 msgstr ""

 #: ../../managing_networks.rst:4091
 # 7b0767f2578b495595801fe8c497c3cd
 msgid "To add a VPN Customer Gateway:"
 msgstr ""

 #: ../../managing_networks.rst:4103
 #: ../../managing_networks.rst:4227
 # 78b54d35bae1432b9360ca8210ec82c5
 # d664ef6b19954f3381587a7ed6fc32de
 msgid "In the Select view, select VPN Customer Gateway."
 msgstr ""

 #: ../../managing_networks.rst:4107
 # a5c0098ccc8d4b1ca1ae5d86b3d43998
 msgid "Click Add VPN Customer Gateway."
 msgstr ""

 #: ../../managing_networks.rst:4109
 # e15f9c41a48247cfb47d45e73ea464a0
 msgid "|addvpncustomergateway.png: adding a customer gateway.|"
 msgstr ""

 #: ../../managing_networks.rst:4115
 # 2a792a8dedb2441a823f19c7d482ecf6
 msgid "**Name**: A unique name for the VPN customer gateway you create."
 msgstr ""

 #: ../../managing_networks.rst:4119
 # fcab4cadde164668976324bf647c7b59
 msgid "**Gateway**: The IP address for the remote gateway."
 msgstr ""

 #: ../../managing_networks.rst:4123
 # d1b2fa29c7dd4b39a5887883d6571ed1
 msgid "**CIDR list**: The guest CIDR list of the remote subnets. Enter a CIDR or a comma-separated list of CIDRs. Ensure that a guest CIDR list is not overlapped with the VPC’s CIDR, or another guest CIDR. The CIDR must be RFC1918-compliant."
 msgstr ""

 #: ../../managing_networks.rst:4130
 # 25ad295a35ca425cb4bb391680aad6a3
 msgid "**IPsec Preshared Key**: Preshared keying is a method where the endpoints of the VPN share a secret key. This key value is used to authenticate the customer gateway and the VPC VPN gateway to each other."
 msgstr ""

 #: ../../managing_networks.rst:4135
 # 60c393822e29418283ca3ba6907b44c3
 msgid "The IKE peers (VPN end points) authenticate each other by computing and sending a keyed hash of data that includes the Preshared key. If the receiving peer is able to create the same hash independently by using its Preshared key, it knows that both peers must share the same secret, thus authenticating the customer gateway."
 msgstr ""

 #: ../../managing_networks.rst:4139
 # cd6c278668824b58a2ffb239404e1012
 msgid "**IKE Encryption**: The Internet Key Exchange (IKE) policy for phase-1. The supported encryption algorithms are AES128, AES192, AES256, and 3DES. Authentication is accomplished through the Preshared Keys."
 msgstr ""

 #: ../../managing_networks.rst:4144
 # a3cf2ddfca704791903d9a0ffe07c87c
 msgid "The phase-1 is the first phase in the IKE process. In this initial negotiation phase, the two VPN endpoints agree on the methods to be used to provide security for the underlying IP traffic. The phase-1 authenticates the two VPN gateways to each other, by confirming that the remote gateway has a matching Preshared Key."
 msgstr ""

 #: ../../managing_networks.rst:4148
 # dc8ed8cb236e467084228a10a29908e7
 msgid "**IKE Hash**: The IKE hash for phase-1. The supported hash algorithms are SHA1 and MD5."
 msgstr ""

 #: ../../managing_networks.rst:4153
 # d119a30b80184f6e988be13f0013017b
 msgid "**IKE DH**: A public-key cryptography protocol which allows two parties to establish a shared secret over an insecure communications channel. The 1536-bit Diffie-Hellman group is used within IKE to establish session keys. The supported options are None, Group-5 (1536-bit) and Group-2 (1024-bit)."
 msgstr ""

 #: ../../managing_networks.rst:4161
 # d00e55d3a58247f4902732e8f104989a
 msgid "**ESP Encryption**: Encapsulating Security Payload (ESP) algorithm within phase-2. The supported encryption algorithms are AES128, AES192, AES256, and 3DES."
 msgstr ""

 #: ../../managing_networks.rst:4165
 # e29d497cac194439ba539800b8037ff5
 msgid "The phase-2 is the second phase in the IKE process. The purpose of IKE phase-2 is to negotiate IPSec security associations (SA) to set up the IPSec tunnel. In phase-2, new keying material is extracted from the Diffie-Hellman key exchange in phase-1, to provide session keys to use in protecting the VPN data flow."
 msgstr ""

 #: ../../managing_networks.rst:4169
 # d2b39ecbc1d44c3d9a6d78c78be321e0
 msgid "**ESP Hash**: Encapsulating Security Payload (ESP) hash for phase-2. Supported hash algorithms are SHA1 and MD5."
 msgstr ""

 #: ../../managing_networks.rst:4174
 # 47abcc0c6f134e1797ec70ee5355a74c
 msgid "**Perfect Forward Secrecy**: Perfect Forward Secrecy (or PFS) is the property that ensures that a session key derived from a set of long-term public and private keys will not be compromised. This property enforces a new Diffie-Hellman key exchange. It provides the keying material that has greater key material life and thereby greater resistance to cryptographic attacks. The available options are None, Group-5 (1536-bit) and Group-2 (1024-bit). The security of the key exchanges increase as the DH groups grow larger, as does the time of the exchanges."
 msgstr ""

 #: ../../managing_networks.rst:4184
 # e1411a88880e44b88adeaffac1d8ebd0
 msgid "When PFS is turned on, for every negotiation of a new phase-2 SA the two gateways must generate a new set of phase-1 keys. This adds an extra layer of protection that PFS adds, which ensures if the phase-2 SA’s have expired, the keys used for new phase-2 SA’s have not been generated from the current phase-1 keying material."
 msgstr ""

 #: ../../managing_networks.rst:4188
 # e61813c0a2954d6283658b02b58d4cb6
 msgid "**IKE Lifetime (seconds)**: The phase-1 lifetime of the security association in seconds. Default is 86400 seconds (1 day). Whenever the time expires, a new phase-1 exchange is performed."
 msgstr ""

 #: ../../managing_networks.rst:4194
 # cdae24a26b454b838fa3673a49c43446
 msgid "**ESP Lifetime (seconds)**: The phase-2 lifetime of the security association in seconds. Default is 3600 seconds (1 hour). Whenever the value is exceeded, a re-key is initiated to provide a new IPsec encryption and authentication session keys."
 msgstr ""

 #: ../../managing_networks.rst:4201
 # 99c4be56c93142898b61b090661e5295
 msgid "**Dead Peer Detection**: A method to detect an unavailable Internet Key Exchange (IKE) peer. Select this option if you want the virtual router to query the liveliness of its IKE peer at regular intervals. It’s recommended to have the same configuration of DPD on both side of VPN connection."
 msgstr ""

 #: ../../managing_networks.rst:4212
 # cbedab3aca3b46d3b729d10282337f33
 msgid "Updating and Removing a VPN Customer Gateway"
 msgstr ""

 #: ../../managing_networks.rst:4214
 # 3b6106b5e9714642a65edc3d3b5af11f
 msgid "You can update a customer gateway either with no VPN connection, or related VPN connection is in error state."
 msgstr ""

 #: ../../managing_networks.rst:4231
 # 0959bb19a36c4e70a01a974a38e149dc
 msgid "Select the VPN customer gateway you want to work with."
 msgstr ""

 #: ../../managing_networks.rst:4235
 # 32f107b7adf04cf2b7f795ae7aaa81c5
 msgid "To modify the required parameters, click the Edit VPN Customer Gateway button |edit.png: button to edit a VPN customer gateway|"
 msgstr ""

 #: ../../managing_networks.rst:4240
 # 37ada8df7369477881326c75d570e61a
 msgid "To remove the VPN customer gateway, click the Delete VPN Customer Gateway button |delete.png: button to remove a VPN customer gateway|"
 msgstr ""

 #: ../../managing_networks.rst:4248
 # 3236f66e39e94005b7667ae57885d653
 msgid "Creating a VPN gateway for the VPC"
 msgstr ""

 #: ../../managing_networks.rst:4267
 #: ../../managing_networks.rst:4363
 #: ../../managing_networks.rst:4557
 #: ../../managing_networks.rst:5658
 #: ../../managing_networks.rst:5750
 #: ../../managing_networks.rst:5928
 #: ../../managing_networks.rst:6562
 # 511d19b2e3504253b21f8f4fcabd362a
 # e01144a6325b4c608dab9c6379458a12
 # bc8da9bc86e542dda10770fce00c89e1
 # 501e01e53ce94f08a0f3d4fe216da110
 # 703482b61d324ba3890aeb460992e1ce
 # 9c1f460ca2e24825a0292fca00b7d23f
 # d4ac91902c79445aa3e7bbd80a3f6a03
 msgid "Click the Configure button of the VPC to which you want to deploy the VMs."
 msgstr ""

 #: ../../managing_networks.rst:4270
 #: ../../managing_networks.rst:4366
 #: ../../managing_networks.rst:4560
 #: ../../managing_networks.rst:5424
 #: ../../managing_networks.rst:5753
 #: ../../managing_networks.rst:5840
 #: ../../managing_networks.rst:5931
 #: ../../managing_networks.rst:6565
 # a65c97cf987e47c9860d773977e19aaa
 # 26d378a616bb4724a0345a027037983e
 # 9ec7e2c78f664ddea4b564bb44ba02f8
 # aa36d7fe59be4f04a4fb82dde257bbd7
 # 4a661989a9a741af84d8dbb14a16d6f0
 # 6e876e1c538f4945ab205b8415e88220
 # a461edb130a14c6cb41075603aee7d8f
 # 6a50c314b64e4c8ba8b1469a2e2c50c4
 msgid "The VPC page is displayed where all the tiers you created are listed in a diagram."
 msgstr ""

 #: ../../managing_networks.rst:4315
 #: ../../managing_networks.rst:4415
 #: ../../managing_networks.rst:4609
 # 0655419f6d7d4c40b18bd684d78fc5c2
 # 1b39c01ef614430598699e611dfc623e
 # 7dd952c2ddc347ef976ff0ac7e66de45
 msgid "Select Site-to-Site VPN."
 msgstr ""

 #: ../../managing_networks.rst:4317
 # 7b01ec42a0b64f369443a3737b23f0ed
 msgid "If you are creating the VPN gateway for the first time, selecting Site-to-Site VPN prompts you to create a VPN gateway."
 msgstr ""

 #: ../../managing_networks.rst:4322
 # 742940cb43e74b209faabb6ea27db456
 msgid "In the confirmation dialog, click Yes to confirm."
 msgstr ""

 #: ../../managing_networks.rst:4324
 # 7f7c54fe5bae49bab3b51cf86e863910
 msgid "Within a few moments, the VPN gateway is created. You will be prompted to view the details of the VPN gateway you have created. Click Yes to confirm."
 msgstr ""

 #: ../../managing_networks.rst:4328
 # 63a4578cd1dd4ad98122b9149082a8b3
 msgid "The following details are displayed in the VPN Gateway page:"
 msgstr ""

 #: ../../managing_networks.rst:4336
 # 1da96b1b044e4d78b49dcb8cc4099ba3
 msgid "Account"
 msgstr ""

 #: ../../managing_networks.rst:4340
 # 1c7f84073654461dae36083481c5502c
 msgid "Domain"
 msgstr ""

 #: ../../managing_networks.rst:4343
 # 030c20e667e445a5a3e530f0740204bf
 msgid "Creating a VPN Connection"
 msgstr ""

 #: ../../managing_networks.rst:4345
 # ac44534c69794320b653ebbb19e635f2
 msgid "CloudStack supports creating up to 8 VPN connections."
 msgstr ""

 #: ../../managing_networks.rst:4359
 # f6a9f2333b3b4aaabfdca1da35eaa6de
 msgid "All the VPCs that you create for the account are listed in the page."
 msgstr ""

 #: ../../managing_networks.rst:4371
 #: ../../managing_networks.rst:4565
 #: ../../managing_networks.rst:5429
 # adfb4ad12aa243d6ad05463c636503a1
 # 327d040bcabf40599dcf368f22a07853
 # e07568be318548718935c6472cbd9bb0
 msgid "Click the Settings icon."
 msgstr ""

 #: ../../managing_networks.rst:4417
 #: ../../managing_networks.rst:4611
 # e03ba2fa9183402c9c8486eb92516980
 # b9a7a824b72047c48214b440c8a54618
 msgid "The Site-to-Site VPN page is displayed."
 msgstr ""

 #: ../../managing_networks.rst:4421
 #: ../../managing_networks.rst:4615
 # 9389c31ffef740e38608620a80bee1b7
 # 7a249b578800445fbcb0b768547bd1c4
 msgid "From the Select View drop-down, ensure that VPN Connection is selected."
 msgstr ""

 #: ../../managing_networks.rst:4426
 # dce19ba002cf49d8af17ad7a380f2606
 msgid "Click Create VPN Connection."
 msgstr ""

 #: ../../managing_networks.rst:4428
 # 13474ca5db5a4cec8688a86f4e74350e
 msgid "The Create VPN Connection dialog is displayed:"
 msgstr ""

 #: ../../managing_networks.rst:4430
 # bbc62b37255b4285a412fe8fef5cdaf1
 msgid "|createvpnconnection.png: creating a VPN connection to the customer gateway.|"
 msgstr ""

 #: ../../managing_networks.rst:4435
 # 25353dbd7d224969878afd9f2f0a3d79
 msgid "Select the desired customer gateway."
 msgstr ""

 #: ../../managing_networks.rst:4439
 # b8751b7b869e41e89c732ca0a4e1b09b
 msgid "Select Passive if you want to establish a connection between two VPC virtual routers."
 msgstr ""

 #: ../../managing_networks.rst:4442
 # bc97e44ce1cf44878ebb684d36080bb9
 msgid "If you want to establish a connection between two VPC virtual routers, select Passive only on one of the VPC virtual routers, which waits for the other VPC virtual router to initiate the connection. Do not select Passive on the VPC virtual router that initiates the connection."
 msgstr ""

 #: ../../managing_networks.rst:4452
 # eadc5a4556aa44f28e4863d1c2d4fecc
 msgid "Within a few moments, the VPN Connection is displayed."
 msgstr ""

 #: ../../managing_networks.rst:4454
 # 8ed2f646df6a4d75857c6a8fac04e829
 msgid "The following information on the VPN connection is displayed:"
 msgstr ""

 #: ../../managing_networks.rst:4466
 # de7d0faafa2448e08a0d2493699c50c7
 msgid "State"
 msgstr ""

 #: ../../managing_networks.rst:4470
 # e3764a89a0ce4201889a0fadffcc09d5
 msgid "IPSec Preshared Key"
 msgstr ""

 #: ../../managing_networks.rst:4474
 # 8ca0096772074c439e2d9a61b38fd6ef
 msgid "IKE Policy"
 msgstr ""

 #: ../../managing_networks.rst:4478
 # 7ec1e33e92c64c29a0c177e54bc2cb9c
 msgid "ESP Policy"
 msgstr ""

 #: ../../managing_networks.rst:4481
 # e8af24af3aa041559e70bbc4f134e2a0
 msgid "Site-to-Site VPN Connection Between VPC Networks"
 msgstr ""

 #: ../../managing_networks.rst:4483
 # d32d29e70caf4194bc1f7aeb3159a85e
 msgid "CloudStack provides you with the ability to establish a site-to-site VPN connection between CloudStack virtual routers. To achieve that, add a passive mode Site-to-Site VPN. With this functionality, users can deploy applications in multiple Availability Zones or VPCs, which can communicate with each other by using a secure Site-to-Site VPN Tunnel."
 msgstr ""

 #: ../../managing_networks.rst:4489
 # aca5c3b83f3948419a10f421e9ebb6d3
 msgid "This feature is supported on all the hypervisors."
 msgstr ""

 #: ../../managing_networks.rst:4493
 # be029698755440618c84f5ada6cd0f0d
 msgid "Create two VPCs. For example, VPC A and VPC B."
 msgstr ""

 #: ../../managing_networks.rst:4495
 # d849133b3805422b85e8fb4b5c1e843f
 msgid "For more information, see `Section 15.27, “Configuring a Virtual Private Cloud” <#configure-vpc>`__."
 msgstr ""

 #: ../../managing_networks.rst:4500
 # baae8ca5cf4c4e53a308274c699e84e4
 msgid "Create VPN gateways on both the VPCs you created."
 msgstr ""

 #: ../../managing_networks.rst:4502
 # cf3881f3f2af4d808dd58ae3dd71a648
 msgid "For more information, see `Section 15.25.5.2, “Creating a VPN gateway for the VPC” <#create-vpn-gateway-for-vpc>`__."
 msgstr ""

 #: ../../managing_networks.rst:4507
 # 5f6abf3bf9f4445db1b846b5f06d95b7
 msgid "Create VPN customer gateway for both the VPCs."
 msgstr ""

 #: ../../managing_networks.rst:4509
 # d3b7adbcc13a4165815edae105d44fc2
 msgid "For more information, see `Section 15.25.5.1, “Creating and Updating a VPN Customer Gateway” <#create-vpn-customer-gateway>`__."
 msgstr ""

 #: ../../managing_networks.rst:4514
 # 77919bde060b4e299739c9be53a60eb8
 msgid "Enable a VPN connection on VPC A in passive mode."
 msgstr ""

 #: ../../managing_networks.rst:4516
 # 8ea54231bb2249e6ae3e0130c0296796
 msgid "For more information, see `Section 15.25.5.3, “Creating a VPN Connection” <#create-vpn-connection-vpc>`__."
 msgstr ""

 #: ../../managing_networks.rst:4519
 # 14ae7f0b268f42b0a79b9c961fe70c75
 msgid "Ensure that the customer gateway is pointed to VPC B. The VPN connection is shown in the Disconnected state."
 msgstr ""

 #: ../../managing_networks.rst:4524
 # f7ba3e9df3ac4049801e174c1b181c84
 msgid "Enable a VPN connection on VPC B."
 msgstr ""

 #: ../../managing_networks.rst:4526
 # 46b233eee044428188efb7edd2994c18
 msgid "Ensure that the customer gateway is pointed to VPC A. Because virtual router of VPC A, in this case, is in passive mode and is waiting for the virtual router of VPC B to initiate the connection, VPC B virtual router should not be in passive mode."
 msgstr ""

 #: ../../managing_networks.rst:4531
 # 017ef29bf6994c348cd076349e7eabaf
 msgid "The VPN connection is shown in the Disconnected state."
 msgstr ""

 #: ../../managing_networks.rst:4533
 # 849dd8090fb74fa9a6696467a54e91c4
 msgid "Creating VPN connection on both the VPCs initiates a VPN connection. Wait for few seconds. The default is 30 seconds for both the VPN connections to show the Connected state."
 msgstr ""

 #: ../../managing_networks.rst:4538
 # 8fb620a0c32649b8a3ad2e44584f8a13
 msgid "Restarting and Removing a VPN Connection"
 msgstr ""

 #: ../../managing_networks.rst:4618
 # 2d31e38ca55b40ac9e8ce765dd0d3692
 msgid "All the VPN connections you created are displayed."
 msgstr ""

 #: ../../managing_networks.rst:4622
 # 6aeb5be8241c49548bc0501a9f5b59f0
 msgid "Select the VPN connection you want to work with."
 msgstr ""

 #: ../../managing_networks.rst:4624
 # 410c2e173f9e414dab7470faec1c5598
 msgid "The Details tab is displayed."
 msgstr ""

 #: ../../managing_networks.rst:4628
 # 0516c8c707dd4a049cc801f1cc68fabb
 msgid "To remove a VPN connection, click the Delete VPN connection button |remove-vpn.png: button to remove a VPN connection|"
 msgstr ""

 #: ../../managing_networks.rst:4631
 # d570926d708b453e81da0da78f495cc1
 msgid "To restart a VPN connection, click the Reset VPN connection button present in the Details tab. |reset-vpn.png: button to reset a VPN connection|"
 msgstr ""

 #: ../../managing_networks.rst:4636
 # 73e93f585b5947af90ee476b4b71ca25
 msgid "About Inter-VLAN Routing (nTier Apps)"
 msgstr ""

 #: ../../managing_networks.rst:4638
 # e1cdf935aea64e868a11d602b20cf6c3
 msgid "Inter-VLAN Routing (nTier Apps) is the capability to route network traffic between VLANs. This feature enables you to build Virtual Private Clouds (VPC), an isolated segment of your cloud, that can hold multi-tier applications. These tiers are deployed on different VLANs that can communicate with each other. You provision VLANs to the tiers your create, and VMs can be deployed on different tiers. The VLANs are connected to a virtual router, which facilitates communication between the VMs. In effect, you can segment VMs by means of VLANs into different networks that can host multi-tier applications, such as Web, Application, or Database. Such segmentation by means of VLANs logically separate application VMs for higher security and lower broadcasts, while remaining physically connected to the same device."
 msgstr ""

 #: ../../managing_networks.rst:4651
 # 0d404f9da0ba4f8aa58cab4bb8994e7f
 msgid "This feature is supported on XenServer, KVM, and VMware hypervisors."
 msgstr ""

 #: ../../managing_networks.rst:4653
 # b48459f15e6a45318c79f097d562ed35
 msgid "The major advantages are:"
 msgstr ""

 #: ../../managing_networks.rst:4657
 # 37506050acaf40fda04742118858f794
 msgid "The administrator can deploy a set of VLANs and allow users to deploy VMs on these VLANs. A guest VLAN is randomly alloted to an account from a pre-specified set of guest VLANs. All the VMs of a certain tier of an account reside on the guest VLAN allotted to that account."
 msgstr ""

 #: ../../managing_networks.rst:4662
 # 06560c3f129242f0adf92f680f2274df
 msgid "A VLAN allocated for an account cannot be shared between multiple accounts."
 msgstr ""

 #: ../../managing_networks.rst:4666
 # 25eee29513534fd4bb12a269333bd787
 msgid "The administrator can allow users create their own VPC and deploy the application. In this scenario, the VMs that belong to the account are deployed on the VLANs allotted to that account."
 msgstr ""

 #: ../../managing_networks.rst:4672
 # 74e4b83e45024768b481877a882eba72
 msgid "Both administrators and users can create multiple VPCs. The guest network NIC is plugged to the VPC virtual router when the first VM is deployed in a tier."
 msgstr ""

 #: ../../managing_networks.rst:4678
 # 8f27053c8ee44c22b62581053f1910b1
 msgid "The administrator can create the following gateways to send to or receive traffic from the VMs:"
 msgstr ""

 #: ../../managing_networks.rst:4683
 # 52b5a0ec994b4c8daf1db4d35c2aa504
 msgid "**VPN Gateway**: For more information, see `Section 15.25.5.2, “Creating a VPN gateway for the VPC” <#create-vpn-gateway-for-vpc>`__."
 msgstr ""

 #: ../../managing_networks.rst:4689
 # 2e0edcccf95c4a1dbf3c151de2439616
 msgid "**Public Gateway**: The public gateway for a VPC is added to the virtual router when the virtual router is created for VPC. The public gateway is not exposed to the end users. You are not allowed to list it, nor allowed to create any static routes."
 msgstr ""

 #: ../../managing_networks.rst:4696
 # a659063093e948fcbec68ff5b117678c
 msgid "**Private Gateway**: For more information, see `Section 15.27.5, “Adding a Private Gateway to a VPC” <#add-gateway-vpc>`__."
 msgstr ""

 #: ../../managing_networks.rst:4701
 # f7e8baf7e8284cacb10f71e2b87529b9
 msgid "Both administrators and users can create various possible destinations-gateway combinations. However, only one gateway of each type can be used in a deployment."
 msgstr ""

 #: ../../managing_networks.rst:4705
 # 066d3de08ee44a9f8ce5fd196908df8a
 msgid "For example:"
 msgstr ""

 #: ../../managing_networks.rst:4709
 # 3b955ae841204566b4939325f181cea5
 msgid "**VLANs and Public Gateway**: For example, an application is deployed in the cloud, and the Web application VMs communicate with the Internet."
 msgstr ""

 #: ../../managing_networks.rst:4715
 # 070bb78cb77c45899817353d9d3afe40
 msgid "**VLANs, VPN Gateway, and Public Gateway**: For example, an application is deployed in the cloud; the Web application VMs communicate with the Internet; and the database VMs communicate with the on-premise devices."
 msgstr ""

 #: ../../managing_networks.rst:4722
 # 612fa4a2bba040fabccd21dbc46a3b91
 msgid "The administrator can define Network Access Control List (ACL) on the virtual router to filter the traffic among the VLANs or between the Internet and a VLAN. You can define ACL based on CIDR, port range, protocol, type code (if ICMP protocol is selected) and Ingress/Egress type."
 msgstr ""

 #: ../../managing_networks.rst:4728
 # 754f1b2b5a1b4f92b6ef9530907e259d
 msgid "The following figure shows the possible deployment scenarios of a Inter-VLAN setup:"
 msgstr ""

 #: ../../managing_networks.rst:4731
 # 536386b54906472e8b8ddd90dab72f0b
 msgid "|mutltier.png: a multi-tier setup.|"
 msgstr ""

 #: ../../managing_networks.rst:4733
 # a610a58c65f0482dbd12dd339ec17888
 msgid "To set up a multi-tier Inter-VLAN deployment, see `Section 15.27, “Configuring a Virtual Private Cloud” <#configure-vpc>`__."
 msgstr ""

 #: ../../managing_networks.rst:4737
 # 8c6f5c047656431f9efa0775f05f20e9
 msgid "Configuring a Virtual Private Cloud"
 msgstr ""

 #: ../../managing_networks.rst:4740
 # 51dbe5ce31064783a34b81a1169ce257
 msgid "About Virtual Private Clouds"
 msgstr ""

 #: ../../managing_networks.rst:4742
 # 36f1958de4dd4cd085e8e06b28b118b3
 msgid "CloudStack Virtual Private Cloud is a private, isolated part of CloudStack. A VPC can have its own virtual network topology that resembles a traditional physical network. You can launch VMs in the virtual network that can have private addresses in the range of your choice, for example: 10.0.0.0/16. You can define network tiers within your VPC network range, which in turn enables you to group similar kinds of instances based on IP address range."
 msgstr ""

 #: ../../managing_networks.rst:4750
 # 231f37879fac4621b48e0c39fc46c2f1
 msgid "For example, if a VPC has the private range 10.0.0.0/16, its guest networks can have the network ranges 10.0.1.0/24, 10.0.2.0/24, 10.0.3.0/24, and so on."
 msgstr ""

 #: ../../managing_networks.rst:4757
 # b1aa5c2f5259429f9ef169a6f5ca6f97
 msgid "A VPC is comprised of the following network components:"
 msgstr ""

 #: ../../managing_networks.rst:4761
 # 81f964d528e6402ba3e1428cddb674bd
 msgid "**VPC**: A VPC acts as a container for multiple isolated networks that can communicate with each other via its virtual router."
 msgstr ""

 #: ../../managing_networks.rst:4766
 # c94ea42c1d514b648ea93bc841f47eeb
 msgid "**Network Tiers**: Each tier acts as an isolated network with its own VLANs and CIDR list, where you can place groups of resources, such as VMs. The tiers are segmented by means of VLANs. The NIC of each tier acts as its gateway."
 msgstr ""

 #: ../../managing_networks.rst:4773
 # 685738b4e44748a9ac538dfd407f1e6e
 msgid "**Virtual Router**: A virtual router is automatically created and started when you create a VPC. The virtual router connect the tiers and direct traffic among the public gateway, the VPN gateways, and the NAT instances. For each tier, a corresponding NIC and IP exist in the virtual router. The virtual router provides DNS and DHCP services through its IP."
 msgstr ""

 #: ../../managing_networks.rst:4782
 # 4ecd641c04c5446da55dc72dd42babb9
 msgid "**Public Gateway**: The traffic to and from the Internet routed to the VPC through the public gateway. In a VPC, the public gateway is not exposed to the end user; therefore, static routes are not support for the public gateway."
 msgstr ""

 #: ../../managing_networks.rst:4789
 # 64b40911d3fa4da8bd9fc7c20cd350ed
 msgid "**Private Gateway**: All the traffic to and from a private network routed to the VPC through the private gateway. For more information, see `Section 15.27.5, “Adding a Private Gateway to a VPC” <#add-gateway-vpc>`__."
 msgstr ""

 #: ../../managing_networks.rst:4796
 # efdd8a661d1a4f77a361eeefed2f8f82
 msgid "**VPN Gateway**: The VPC side of a VPN connection."
 msgstr ""

 #: ../../managing_networks.rst:4800
 # c30d05145eec45938cb3f8a99bf3eabe
 msgid "**Site-to-Site VPN Connection**: A hardware-based VPN connection between your VPC and your datacenter, home network, or co-location facility. For more information, see `Section 15.25.5, “Setting Up a Site-to-Site VPN Connection” <#site-to-site-vpn>`__."
 msgstr ""

 #: ../../managing_networks.rst:4807
 # 83a3f96194b24badaa38506d70b11009
 msgid "**Customer Gateway**: The customer side of a VPN Connection. For more information, see `Section 15.25.5.1, “Creating and Updating a VPN Customer Gateway” <#create-vpn-customer-gateway>`__."
 msgstr ""

 #: ../../managing_networks.rst:4813
 # cb437b168320462f8765d7949d2c2d1d
 msgid "**NAT Instance**: An instance that provides Port Address Translation for instances to access the Internet via the public gateway. For more information, see `Section 15.27.10, “Enabling or Disabling Static NAT on a VPC” <#enable-disable-static-nat-vpc>`__."
 msgstr ""

 #: ../../managing_networks.rst:4820
 # 2dcef6cbbdf64b628e2fb8898dadeac0
 msgid "**Network ACL**: Network ACL is a group of Network ACL items. Network ACL items are nothing but numbered rules that are evaluated in order, starting with the lowest numbered rule. These rules determine whether traffic is allowed in or out of any tier associated with the network ACL. For more information, see `Section 15.27.4, “Configuring Network Access Control List” <#configure-acl>`__."
 msgstr ""

 #: ../../managing_networks.rst:4830
 # 8021e62528a3456283a94683c84a5a30
 msgid "In a VPC, the following four basic options of network architectures are present:"
 msgstr ""

 #: ../../managing_networks.rst:4835
 # 79c69f1431cf41f992cf738d7291af75
 msgid "VPC with a public gateway only"
 msgstr ""

 #: ../../managing_networks.rst:4839
 # 3b7dc9ded7fd4111a027ec9623f8ab3b
 msgid "VPC with public and private gateways"
 msgstr ""

 #: ../../managing_networks.rst:4843
 # 840b7b65488a4ddab62c2f20cbc5626b
 msgid "VPC with public and private gateways and site-to-site VPN access"
 msgstr ""

 #: ../../managing_networks.rst:4847
 # 7b5faa4272c845e5abe17edbc0486fc9
 msgid "VPC with a private gateway only and site-to-site VPN access"
 msgstr ""

 #: ../../managing_networks.rst:4852
 # 51bfc1cebf464c5bbc3d58dba695d58a
 msgid "You can connect your VPC to:"
 msgstr ""

 #: ../../managing_networks.rst:4856
 # a47fa88e4c984151aaf4250a0542efbd
 msgid "The Internet through the public gateway."
 msgstr ""

 #: ../../managing_networks.rst:4860
 # 75610d2bcbf3457085a4d69186ac178b
 msgid "The corporate datacenter by using a site-to-site VPN connection through the VPN gateway."
 msgstr ""

 #: ../../managing_networks.rst:4865
 # 25f83464cf7d423f89842ec7bb5b2427
 msgid "Both the Internet and your corporate datacenter by using both the public gateway and a VPN gateway."
 msgstr ""

 #: ../../managing_networks.rst:4871
 # b4a8939012bd4d57becfcf7bf2b208b7
 msgid "Consider the following before you create a VPC:"
 msgstr ""

 #: ../../managing_networks.rst:4875
 # 8f4b07dab7f74e4e84325dfa7c3fb31a
 msgid "A VPC, by default, is created in the enabled state."
 msgstr ""

 #: ../../managing_networks.rst:4879
 # e0eddf322bcc4f58899c1d0ec98ff3a6
 msgid "A VPC can be created in Advance zone only, and can't belong to more than one zone at a time."
 msgstr ""

 #: ../../managing_networks.rst:4884
 # 94e822d9f9f4432183d26a7458ee0a7b
 msgid "The default number of VPCs an account can create is 20. However, you can change it by using the max.account.vpcs global parameter, which controls the maximum number of VPCs an account is allowed to create."
 msgstr ""

 #: ../../managing_networks.rst:4890
 # ba83295468c54bd8ac9701b0ac75e1c6
 msgid "The default number of tiers an account can create within a VPC is 3. You can configure this number by using the vpc.max.networks parameter."
 msgstr ""

 #: ../../managing_networks.rst:4896
 # b3365ac8ef2d4de2a5bdcdcadcb9df03
 msgid "Each tier should have an unique CIDR in the VPC. Ensure that the tier's CIDR should be within the VPC CIDR range."
 msgstr ""

 #: ../../managing_networks.rst:4901
 # 4482ffae03974738b00591ed147ac312
 msgid "A tier belongs to only one VPC."
 msgstr ""

 #: ../../managing_networks.rst:4905
 # 33f875bfaa2f449eab177c836ba3e595
 msgid "All network tiers inside the VPC should belong to the same account."
 msgstr ""

 #: ../../managing_networks.rst:4909
 # 381f803ea9004045ab58f5d055f536c7
 msgid "When a VPC is created, by default, a SourceNAT IP is allocated to it. The Source NAT IP is released only when the VPC is removed."
 msgstr ""

 #: ../../managing_networks.rst:4914
 # 428718bf75c8495b9390710e65fbbdff
 msgid "A public IP can be used for only one purpose at a time. If the IP is a sourceNAT, it cannot be used for StaticNAT or port forwarding."
 msgstr ""

 #: ../../managing_networks.rst:4919
 # 38bd1f10ec864e648bba9fae452daf4a
 msgid "The instances can only have a private IP address that you provision. To communicate with the Internet, enable NAT to an instance that you launch in your VPC."
 msgstr ""

 #: ../../managing_networks.rst:4925
 # b39e4604f3bd46c9ae5b2bb9ea9b9ed8
 msgid "Only new networks can be added to a VPC. The maximum number of networks per VPC is limited by the value you specify in the vpc.max.networks parameter. The default value is three."
 msgstr ""

 #: ../../managing_networks.rst:4931
 # 82f230ac4a4c4454bebda33b860a5144
 msgid "The load balancing service can be supported by only one tier inside the VPC."
 msgstr ""

 #: ../../managing_networks.rst:4936
 # 674409f549534664943c157e86b4751f
 msgid "If an IP address is assigned to a tier:"
 msgstr ""

 #: ../../managing_networks.rst:4940
 # fff45697eaa74169a43b238c7cb7d850
 msgid "That IP can't be used by more than one tier at a time in the VPC. For example, if you have tiers A and B, and a public IP1, you can create a port forwarding rule by using the IP either for A or B, but not for both."
 msgstr ""

 #: ../../managing_networks.rst:4947
 # bb2829ee8fc143579a544bca2b190a12
 msgid "That IP can't be used for StaticNAT, load balancing, or port forwarding rules for another guest network inside the VPC."
 msgstr ""

 #: ../../managing_networks.rst:4952
 # f30c68c2eb624318b01d472bc88fb934
 msgid "Remote access VPN is not supported in VPC networks."
 msgstr ""

 #: ../../managing_networks.rst:4955
 # 664f092fb65d4f7eb7b57597dc20eee3
 msgid "Adding a Virtual Private Cloud"
 msgstr ""

 #: ../../managing_networks.rst:4957
 # d8f0f8db2b2b48b5993868b9be41e740
 msgid "When creating the VPC, you simply provide the zone and a set of IP addresses for the VPC network address space. You specify this set of addresses in the form of a Classless Inter-Domain Routing (CIDR) block."
 msgstr ""

 #: ../../managing_networks.rst:4975
 # 68e44a29c9cd46b3814ef56e13a45415
 msgid "Click Add VPC. The Add VPC page is displayed as follows:"
 msgstr ""

 #: ../../managing_networks.rst:4977
 # 663db894b6d44e05bad28dd1cf0ff9b4
 msgid "|add-vpc.png: adding a vpc.|"
 msgstr ""

 #: ../../managing_networks.rst:4983
 # 9b71ee6298ad4ff8b3677dd885a61d39
 msgid "**Name**: A short name for the VPC that you are creating."
 msgstr ""

 #: ../../managing_networks.rst:4987
 # 4aa804d3171d4eb8a0a95651b83f5c29
 msgid "**Description**: A brief description of the VPC."
 msgstr ""

 #: ../../managing_networks.rst:4991
 # f4eeaac96959486781023464ab4c5c24
 msgid "**Zone**: Choose the zone where you want the VPC to be available."
 msgstr ""

 #: ../../managing_networks.rst:4995
 # 990e793a0bc5420baa6b59dd61e90efe
 msgid "**Super CIDR for Guest Networks**: Defines the CIDR range for all the tiers (guest networks) within a VPC. When you create a tier, ensure that its CIDR is within the Super CIDR value you enter. The CIDR must be RFC1918 compliant."
 msgstr ""

 #: ../../managing_networks.rst:5002
 # 4af670c01148481cb56fc6fee83bdcb1
 msgid "**DNS domain for Guest Networks**: If you want to assign a special domain name, specify the DNS suffix. This parameter is applied to all the tiers within the VPC. That implies, all the tiers you create in the VPC belong to the same DNS domain. If the parameter is not specified, a DNS domain name is generated automatically."
 msgstr ""

 #: ../../managing_networks.rst:5010
 # 990485d745a04f93926573a279396d9b
 msgid "**Public Load Balancer Provider**: You have two options: VPC Virtual Router and Netscaler."
 msgstr ""

 #: ../../managing_networks.rst:5018
 # 23e6b6bbbd57448185253c915b8ad5f0
 msgid "Adding Tiers"
 msgstr ""

 #: ../../managing_networks.rst:5020
 # ff39814e4cfe42168898bec95c63bd64
 msgid "Tiers are distinct locations within a VPC that act as isolated networks, which do not have access to other tiers by default. Tiers are set up on different VLANs that can communicate with each other by using a virtual router. Tiers provide inexpensive, low latency network connectivity to other tiers within the VPC."
 msgstr ""

 #: ../../managing_networks.rst:5038
 #: ../../managing_networks.rst:6682
 # 112dec95edd24541b50be348ca4879f1
 # d6583ef8f25f444f92aa0c16debd9ba7
 msgid "All the VPC that you have created for the account is listed in the page."
 msgstr ""

 #: ../../managing_networks.rst:5041
 # 6b489291378641d99c7e3dfc771af3de
 msgid "The end users can see their own VPCs, while root and domain admin can see any VPC they are authorized to see."
 msgstr ""

 #: ../../managing_networks.rst:5045
 #: ../../managing_networks.rst:6687
 # 4996cd7a3c8e49ce842db18908305e3e
 # ee5e856c97144914852fcc5b7106e740
 msgid "Click the Configure button of the VPC for which you want to set up tiers."
 msgstr ""

 #: ../../managing_networks.rst:5050
 # f345aeb0c14d4ebe9c779e4ef8d45a80
 msgid "Click Create network."
 msgstr ""

 #: ../../managing_networks.rst:5052
 # a138378a695c4ffb85e071e4e5668647
 msgid "The Add new tier dialog is displayed, as follows:"
 msgstr ""

 #: ../../managing_networks.rst:5054
 # 5e067e1a2c184e638b51030209dcd153
 msgid "|add-tier.png: adding a tier to a vpc.|"
 msgstr ""

 #: ../../managing_networks.rst:5056
 # 42a84e496afd4a909af40619de500c02
 msgid "If you have already created tiers, the VPC diagram is displayed. Click Create Tier to add a new tier."
 msgstr ""

 #: ../../managing_networks.rst:5067
 # 95298a50ccd3433a8ea1f2fed9df787d
 msgid "**Name**: A unique name for the tier you create."
 msgstr ""

 #: ../../managing_networks.rst:5071
 # a6969eda2b5e4e61b5520e0c523e7064
 msgid "**Network Offering**: The following default network offerings are listed: Internal LB, DefaultIsolatedNetworkOfferingForVpcNetworksNoLB, DefaultIsolatedNetworkOfferingForVpcNetworks"
 msgstr ""

 #: ../../managing_networks.rst:5076
 # 9963ce9168d74acaaf8ab3c9289533c2
 msgid "In a VPC, only one tier can be created by using LB-enabled network offering."
 msgstr ""

 #: ../../managing_networks.rst:5088
 # 9a666245953b4d769667d62a479655f8
 msgid "**VLAN**: The VLAN ID for the tier that the root admin creates."
 msgstr ""

 #: ../../managing_networks.rst:5090
 # 43718c048f834c0fbbe95d0255e600b2
 msgid "This option is only visible if the network offering you selected is VLAN-enabled."
 msgstr ""

 #: ../../managing_networks.rst:5093
 # e984dca5699d49549e497366d7fa6cfa
 msgid "For more information, see the Assigning VLANs to Isolated Networks section in the CloudStack Administration Guide."
 msgstr ""

 #: ../../managing_networks.rst:5110
 # fd0893c5f3f244cd959a9e3da04a3244
 msgid "Continue with configuring access control list for the tier."
 msgstr ""

 #: ../../managing_networks.rst:5113
 # 9ecb7309fd5044a7b9252ea6777743d3
 msgid "Configuring Network Access Control List"
 msgstr ""

 #: ../../managing_networks.rst:5115
 # f8bec17b79944b3c941a1ba25d55f57c
 msgid "Define Network Access Control List (ACL) on the VPC virtual router to control incoming (ingress) and outgoing (egress) traffic between the VPC tiers, and the tiers and Internet. By default, all incoming traffic to the guest networks is blocked and all outgoing traffic from guest networks is allowed, once you add an ACL rule for outgoing traffic, then only outgoing traffic specified in this ACL rule is allowed, the rest is blocked. To open the ports, you must create a new network ACL. The network ACLs can be created for the tiers only if the NetworkACL service is supported."
 msgstr ""

 #: ../../managing_networks.rst:5126
 # 883738de9a0f4f9cb19d5381137f41b7
 msgid "About Network ACL Lists"
 msgstr ""

 #: ../../managing_networks.rst:5128
 # 0013030c60f54306b754480ec7cd56ee
 msgid "In CloudStack terminology, Network ACL is a group of Network ACL items. Network ACL items are nothing but numbered rules that are evaluated in order, starting with the lowest numbered rule. These rules determine whether traffic is allowed in or out of any tier associated with the network ACL. You need to add the Network ACL items to the Network ACL, then associate the Network ACL with a tier. Network ACL is associated with a VPC and can be assigned to multiple VPC tiers within a VPC. A Tier is associated with a Network ACL at all the times. Each tier can be associated with only one ACL."
 msgstr ""

 #: ../../managing_networks.rst:5138
 # cd30ab4ab3de4e19944373cf3ad29ee4
 msgid "The default Network ACL is used when no ACL is associated. Default behavior is all the incoming traffic is blocked and outgoing traffic is allowed from the tiers. Default network ACL cannot be removed or modified. Contents of the default Network ACL is:"
 msgstr ""

 #: ../../managing_networks.rst:5144
 # 0ffe15ce91bb46a181dd0f5f4352b037
 msgid "Rule"
 msgstr ""

 #: ../../managing_networks.rst:5144
 # fd278173e97b408ab779ea644ba8c05b
 msgid "Protocol"
 msgstr ""

 #: ../../managing_networks.rst:5144
 # c8650729b8784c91b63c3256b2a6da0c
 msgid "Traffic type"
 msgstr ""

 #: ../../managing_networks.rst:5144
 # 32be36b683c640f6bcb229e524bd7249
 msgid "Action"
 msgstr ""

 #: ../../managing_networks.rst:5146
 #: ../../managing_networks.rst:5147
 # e2de15ead8bd422c873fa6c50b4a42a9
 # b05631934bf140be841f32970809a285
 msgid "All"
 msgstr ""

 #: ../../managing_networks.rst:5146
 # 8449d6b79ab54e9a9399ccd13ab059ef
 msgid "Ingress"
 msgstr ""

 #: ../../managing_networks.rst:5146
 #: ../../managing_networks.rst:5147
 # 1eeb4aa87118496eb955beec9206e674
 # bb21769e9775425ab94a56a56b43cba9
 msgid "0.0.0.0/0"
 msgstr ""

 #: ../../managing_networks.rst:5147
 # bd09cdb155ae4f8887094159bb0b7ebc
 msgid "Egress"
 msgstr ""

 #: ../../managing_networks.rst:5152
 # d149d46d02694b94a0f6d46db5982fb2
 msgid "Creating ACL Lists"
 msgstr ""

 #: ../../managing_networks.rst:5215
 #: ../../managing_networks.rst:5257
 # b101c0f175594179ac9f4f323f335d7d
 # 2154f606bc904937a85a8fc00bbf23b5
 msgid "Select Network ACL Lists."
 msgstr ""

 #: ../../managing_networks.rst:5217
 # 517402dccaae4fa1befd493301ea949d
 msgid "The following default rules are displayed in the Network ACLs page: default\\_allow, default\\_deny."
 msgstr ""

 #: ../../managing_networks.rst:5222
 # 37dadcca056740d98d2f961f0f2c17b1
 msgid "Click Add ACL Lists, and specify the following:"
 msgstr ""

 #: ../../managing_networks.rst:5226
 # ec72127f5c594aa88546a51a9805357b
 msgid "**ACL List Name**: A name for the ACL list."
 msgstr ""

 #: ../../managing_networks.rst:5230
 # 4cd0a64154f14244bc624f4c6a44ba55
 msgid "**Description**: A short description of the ACL list that can be displayed to users."
 msgstr ""

 #: ../../managing_networks.rst:5234
 # 799d333035784cebbc2ca6c0f6b13302
 msgid "Creating an ACL Rule"
 msgstr ""

 #: ../../managing_networks.rst:5259
 # a408d9b21c4d4e77bc436d240b7e2d85
 msgid "In addition to the custom ACL lists you have created, the following default rules are displayed in the Network ACLs page: default\\_allow, default\\_deny."
 msgstr ""

 #: ../../managing_networks.rst:5265
 #: ../../managing_networks.rst:5390
 # fc49dc48022a4e5d8e7ede413dce0a42
 # 4d7fc5b5b8474ee9ab87791bb3046cc3
 msgid "Select the desired ACL list."
 msgstr ""

 #: ../../managing_networks.rst:5269
 # aa57fa68748b4e6cb1571d8c78b4cb13
 msgid "Select the ACL List Rules tab."
 msgstr ""

 #: ../../managing_networks.rst:5271
 # e11ef52e1bd54820a55d90c66c4566b3
 msgid "To add an ACL rule, fill in the following fields to specify what kind of network traffic is allowed in the VPC."
 msgstr ""

 #: ../../managing_networks.rst:5276
 # c1b746e2fd69497a9973a9c4dda74961
 msgid "**Rule Number**: The order in which the rules are evaluated."
 msgstr ""

 #: ../../managing_networks.rst:5280
 # 755200e08f8b410db152ea927ecdca34
 msgid "**CIDR**: The CIDR acts as the Source CIDR for the Ingress rules, and Destination CIDR for the Egress rules. To accept traffic only from or to the IP addresses within a particular address block, enter a CIDR or a comma-separated list of CIDRs. The CIDR is the base IP address of the incoming traffic. For example, 192.168.0.0/22. To allow all CIDRs, set to 0.0.0.0/0."
 msgstr ""

 #: ../../managing_networks.rst:5289
 # 6bbf467d779940e1aab67d2c17766733
 msgid "**Action**: What action to be taken. Allow traffic or block."
 msgstr ""

 #: ../../managing_networks.rst:5293
 # 0276a8206f3045e5899fcfef28a96a45
 msgid "**Protocol**: The networking protocol that sources use to send traffic to the tier. The TCP and UDP protocols are typically used for data exchange and end-user communications. The ICMP protocol is typically used to send error messages or network monitoring data. All supports all the traffic. Other option is Protocol Number."
 msgstr ""

 #: ../../managing_networks.rst:5302
 # 5d95d28eac034c5c916ed60985a61d21
 msgid "**Start Port**, **End Port** (TCP, UDP only): A range of listening ports that are the destination for the incoming traffic. If you are opening a single port, use the same number in both fields."
 msgstr ""

 #: ../../managing_networks.rst:5308
 # 08af29136df449deaa80cb9658d340f6
 msgid "**Protocol Number**: The protocol number associated with IPv4 or IPv6. For more information, see `Protocol Numbers <http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xml>`__."
 msgstr ""

 #: ../../managing_networks.rst:5314
 # ace82b72ecd94c41acc8598b519e2d14
 msgid "**ICMP Type**, **ICMP Code** (ICMP only): The type of message and error code that will be sent."
 msgstr ""

 #: ../../managing_networks.rst:5319
 # 2a8d8f3558b04c418b77c1f1b7e72d85
 msgid "**Traffic Type**: The type of traffic: Incoming or outgoing."
 msgstr ""

 #: ../../managing_networks.rst:5323
 # 9e09340a2c044bbdb9ca933949254900
 msgid "Click Add. The ACL rule is added."
 msgstr ""

 #: ../../managing_networks.rst:5325
 # 1968e40aada04c1db4e857f65930370d
 msgid "You can edit the tags assigned to the ACL rules and delete the ACL rules you have created. Click the appropriate button in the Details tab."
 msgstr ""

 #: ../../managing_networks.rst:5330
 # fff83eb96ab44a699a972bce5ef45a04
 msgid "Creating a Tier with Custom ACL List"
 msgstr ""

 #: ../../managing_networks.rst:5334
 #: ../../managing_networks.rst:5359
 # f12e2dba06944099b85dd1ea004364d5
 # e18fc8b196b0486fb6cd03a19e76a01d
 msgid "Create a VPC."
 msgstr ""

 #: ../../managing_networks.rst:5338
 #: ../../managing_networks.rst:5371
 # 6e0ed40f7fef470a89d1362b855c619d
 # 4a20f18e2e3f41059234087d027679ce
 msgid "Create a custom ACL list."
 msgstr ""

 #: ../../managing_networks.rst:5342
 #: ../../managing_networks.rst:5375
 # b5b4a3b8580a4383b65681e22188b976
 # 54db75d977d64c6d911dbe6f4742e0f2
 msgid "Add ACL rules to the ACL list."
 msgstr ""

 #: ../../managing_networks.rst:5346
 #: ../../managing_networks.rst:5363
 # e11c0a6e179d4cbab03f5e4df6b0d34c
 # 22398c60ca484e6f95dd827641a3ebbc
 msgid "Create a tier in the VPC."
 msgstr ""

 #: ../../managing_networks.rst:5348
 # 99892b8596be4b2285f7bb8edfb191a2
 msgid "Select the desired ACL list while creating a tier."
 msgstr ""

 #: ../../managing_networks.rst:5355
 # 2c486359bfd24312a59e5fd1dd7bc71d
 msgid "Assigning a Custom ACL List to a Tier"
 msgstr ""

 #: ../../managing_networks.rst:5367
 # 05e3fc39d3e94c7f829ec8cb6046bc61
 msgid "Associate the tier with the default ACL rule."
 msgstr ""

 #: ../../managing_networks.rst:5379
 # 156229b3ab074f9c9a49d3d9c53d6b52
 msgid "Select the tier for which you want to assign the custom ACL."
 msgstr ""

 #: ../../managing_networks.rst:5383
 # 33c7f407412544c3bd8dc80b0deb4108
 msgid "Click the Replace ACL List icon. |replace-acl-icon.png: button to replace an ACL list|"
 msgstr ""

 #: ../../managing_networks.rst:5386
 # 769a8ffc3b73478994f18f35ad3a4f97
 msgid "The Replace ACL List dialog is displayed."
 msgstr ""

 #: ../../managing_networks.rst:5397
 # 59b868549d104d3a80e798178bdef667
 msgid "Adding a Private Gateway to a VPC"
 msgstr ""

 #: ../../managing_networks.rst:5399
 # 67c51696fdc0490ebeaa99b6e4bfc5bd
 msgid "A private gateway can be added by the root admin only. The VPC private network has 1:1 relationship with the NIC of the physical network. You can configure multiple private gateways to a single VPC. No gateways with duplicated VLAN and IP are allowed in the same data center."
 msgstr ""

 #: ../../managing_networks.rst:5421
 # d5835ef9009f4c14873cc04a1210faa0
 msgid "Click the Configure button of the VPC to which you want to configure load balancing rules."
 msgstr ""

 #: ../../managing_networks.rst:5431
 #: ../../managing_networks.rst:5756
 #: ../../managing_networks.rst:5843
 # 5efaa5f18c7844a4b06a038676b273df
 # 36ecb777b69f4c269f586a8a44a42c4a
 # 4244a80585044c06abd14959aa47e3f8
 msgid "The following options are displayed."
 msgstr ""

 #: ../../managing_networks.rst:5473
 # c0a219ae8fd5473d87a77217b9d95417
 msgid "Select Private Gateways."
 msgstr ""

 #: ../../managing_networks.rst:5475
 # 497c5bbf4ce4494b984d67f98954deab
 msgid "The Gateways page is displayed."
 msgstr ""

 #: ../../managing_networks.rst:5479
 # cdead55635a740399b023f2897b98f59
 msgid "Click Add new gateway:"
 msgstr ""

 #: ../../managing_networks.rst:5481
 # 6eb77c1dc83c4cfe938dfc899ea6e662
 msgid "|add-new-gateway-vpc.png: adding a private gateway for the VPC.|"
 msgstr ""

 #: ../../managing_networks.rst:5489
 # afb65eddf4dd4dc182850cdc8514f923
 msgid "**Physical Network**: The physical network you have created in the zone."
 msgstr ""

 #: ../../managing_networks.rst:5494
 # e7b58bd2dff34b0db44aab8f2c6245b2
 msgid "**IP Address**: The IP address associated with the VPC gateway."
 msgstr ""

 #: ../../managing_networks.rst:5498
 # 8129fbaeec504b9b945efb8751c45385
 msgid "**Gateway**: The gateway through which the traffic is routed to and from the VPC."
 msgstr ""

 #: ../../managing_networks.rst:5503
 # a4c3555b968349dfa818e2dbdc7c3d53
 msgid "**Netmask**: The netmask associated with the VPC gateway."
 msgstr ""

 #: ../../managing_networks.rst:5507
 # 4dce5e993ebf4265bd2bbb586e92c0f3
 msgid "**VLAN**: The VLAN associated with the VPC gateway."
 msgstr ""

 #: ../../managing_networks.rst:5511
 # a5003a0c62a64833880757bd344cfde7
 msgid "**Source NAT**: Select this option to enable the source NAT service on the VPC private gateway."
 msgstr ""

 #: ../../managing_networks.rst:5514
 # dff3c56b7ec649b589e8eafd8e54c7cb
 msgid "See `Section 15.27.5.1, “Source NAT on Private Gateway” <#sourcenat-private-gateway>`__."
 msgstr ""

 #: ../../managing_networks.rst:5519
 # 1ff567af8cf94d3b84320755c4d26a66
 msgid "**ACL**: Controls both ingress and egress traffic on a VPC private gateway. By default, all the traffic is blocked."
 msgstr ""

 #: ../../managing_networks.rst:5522
 # 263e367da63e46a9aa8da7d287bc896f
 msgid "See `Section 15.27.5.2, “ACL on Private Gateway” <#acl-private-gateway>`__."
 msgstr ""

 #: ../../managing_networks.rst:5525
 # 0072a51b25fc4a4aa66d298ded9a2dde
 msgid "The new gateway appears in the list. You can repeat these steps to add more gateway for this VPC."
 msgstr ""

 #: ../../managing_networks.rst:5529
 # 1a944440570641ed8d9890edc77c64c5
 msgid "Source NAT on Private Gateway"
 msgstr ""

 #: ../../managing_networks.rst:5531
 # 43aa869828e5461a8a13530f7a2aa2f7
 msgid "You might want to deploy multiple VPCs with the same super CIDR and guest tier CIDR. Therefore, multiple guest VMs from different VPCs can have the same IPs to reach a enterprise data center through the private gateway. In such cases, a NAT service need to be configured on the private gateway to avoid IP conflicts. If Source NAT is enabled, the guest VMs in VPC reaches the enterprise network via private gateway IP address by using the NAT service."
 msgstr ""

 #: ../../managing_networks.rst:5539
 # e2714f79ffd947d9bdc572874ffd2c73
 msgid "The Source NAT service on a private gateway can be enabled while adding the private gateway. On deletion of a private gateway, source NAT rules specific to the private gateway are deleted."
 msgstr ""

 #: ../../managing_networks.rst:5543
 # ee2bf2c268b940968dd021c6ea6bcf74
 msgid "To enable source NAT on existing private gateways, delete them and create afresh with source NAT."
 msgstr ""

 #: ../../managing_networks.rst:5547
 # 8de7fa9065814573b42b74b294a1179f
 msgid "ACL on Private Gateway"
 msgstr ""

 #: ../../managing_networks.rst:5549
 # f450e126ceeb4644a55586ad466152c4
 msgid "The traffic on the VPC private gateway is controlled by creating both ingress and egress network ACL rules. The ACLs contains both allow and deny rules. As per the rule, all the ingress traffic to the private gateway interface and all the egress traffic out from the private gateway interface are blocked."
 msgstr ""

 #: ../../managing_networks.rst:5555
 # ee6a2bab124748009cd09599eaa13e71
 msgid "You can change this default behaviour while creating a private gateway. Alternatively, you can do the following:"
 msgstr ""

 #: ../../managing_networks.rst:5560
 #: ../../managing_networks.rst:5606
 # 21f974b13ca54ebdaeac3568315356d1
 # 6a4b79956d78436989546151b5bd0458
 msgid "In a VPC, identify the Private Gateway you want to work with."
 msgstr ""

 #: ../../managing_networks.rst:5564
 # b8c1c66de4bf4c979f0479ea431d3df0
 msgid "In the Private Gateway page, do either of the following:"
 msgstr ""

 #: ../../managing_networks.rst:5568
 # 49b0c682192f4b459125d724b4a1b265
 msgid "Use the Quickview. See `3 <#quickview>`__."
 msgstr ""

 #: ../../managing_networks.rst:5572
 # d4a946a973cc49888562b872780d8601
 msgid "Use the Details tab. See `4 <#details-tab>`__ through ."
 msgstr ""

 #: ../../managing_networks.rst:5576
 # 19cbd09f46ab46db8404fda0e23cb619
 msgid "In the Quickview of the selected Private Gateway, click Replace ACL, select the ACL rule, then click OK"
 msgstr ""

 #: ../../managing_networks.rst:5581
 # afeaf13ba42447798385c602c1c688fe
 msgid "Click the IP address of the Private Gateway you want to work with."
 msgstr ""

 #: ../../managing_networks.rst:5585
 # 20ba5a3f04344df0a86ab32ad173edd6
 msgid "In the Detail tab, click the Replace ACL button. |replace-acl-icon.png: button to replace the default ACL behaviour.|"
 msgstr ""

 #: ../../managing_networks.rst:5588
 # 01e0bd4df2fd4ee4a00bcf20bc341c5d
 msgid "The Replace ACL dialog is displayed."
 msgstr ""

 #: ../../managing_networks.rst:5592
 # 3f32278673d446f0b2c1b958c13ac401
 msgid "select the ACL rule, then click OK."
 msgstr ""

 #: ../../managing_networks.rst:5594
 # ae950e90184a491381c91aaff688aa76
 msgid "Wait for few seconds. You can see that the new ACL rule is displayed in the Details page."
 msgstr ""

 #: ../../managing_networks.rst:5598
 # 4a0dd026907d41858599558136fffe1a
 msgid "Creating a Static Route"
 msgstr ""

 #: ../../managing_networks.rst:5600
 # 5033ea030ac64d85b8313ada101574ec
 msgid "CloudStack enables you to specify routing for the VPN connection you create. You can enter one or CIDR addresses to indicate which traffic is to be routed back to the gateway."
 msgstr ""

 #: ../../managing_networks.rst:5610
 # 1659fdcef3844d84ab74183505608fbb
 msgid "In the Private Gateway page, click the IP address of the Private Gateway you want to work with."
 msgstr ""

 #: ../../managing_networks.rst:5615
 # f37c03963d3d47d596b85b8e76efbd71
 msgid "Select the Static Routes tab."
 msgstr ""

 #: ../../managing_networks.rst:5619
 # aa7e5e9a6f11421abd3b4aadc2e9b32b
 msgid "Specify the CIDR of destination network."
 msgstr ""

 #: ../../managing_networks.rst:5625
 # 2b073a139f15411c9cbd0b3f86c913e9
 msgid "Wait for few seconds until the new route is created."
 msgstr ""

 #: ../../managing_networks.rst:5628
 # 7a2e407277964cd18757e610c1197596
 msgid "Blacklisting Routes"
 msgstr ""

 #: ../../managing_networks.rst:5630
 # a154d3d5488f418e95dbd3c0ae59a55f
 msgid "CloudStack enables you to block a list of routes so that they are not assigned to any of the VPC private gateways. Specify the list of routes that you want to blacklist in the ``blacklisted.routes`` global parameter. Note that the parameter update affects only new static route creations. If you block an existing static route, it remains intact and continue functioning. You cannot add a static route if the route is blacklisted for the zone."
 msgstr ""

 #: ../../managing_networks.rst:5639
 # 7f1bbdc7458942d88e89b8e0af49db0c
 msgid "Deploying VMs to the Tier"
 msgstr ""

 #: ../../managing_networks.rst:5661
 # 36fffc19e491403389988483ec7271b0
 msgid "The VPC page is displayed where all the tiers you have created are listed."
 msgstr ""

 #: ../../managing_networks.rst:5666
 # 9d8ad54e3d3a46e7b8074cc715920531
 msgid "Click Virtual Machines tab of the tier to which you want to add a VM."
 msgstr ""

 #: ../../managing_networks.rst:5668
 # ca8838c20d2845659371f93b881a4100
 msgid "|add-vm-vpc.png: adding a VM to a vpc.|"
 msgstr ""

 #: ../../managing_networks.rst:5670
 # e5316d71ef404ddbb0d6dad97ba98577
 msgid "The Add Instance page is displayed."
 msgstr ""

 #: ../../managing_networks.rst:5672
 # 389b274de3d2499f942685dd7cd1173e
 msgid "Follow the on-screen instruction to add an instance. For information on adding an instance, see the Installation Guide."
 msgstr ""

 #: ../../managing_networks.rst:5676
 # 9d028d09d4304fb1bf6cca0baa05eb50
 msgid "Deploying VMs to VPC Tier and Shared Networks"
 msgstr ""

 #: ../../managing_networks.rst:5678
 # e4ce910a596b41b488b8bf3c9a703ec5
 msgid "CloudStack allows you deploy VMs on a VPC tier and one or more shared networks. With this feature, VMs deployed in a multi-tier application can receive monitoring services via a shared network provided by a service provider."
 msgstr ""

 #: ../../managing_networks.rst:5685
 # 9822028ede334e8d9bcb11d4e0b88a24
 msgid "Log in to the CloudStack UI as an administrator."
 msgstr ""

 #: ../../managing_networks.rst:5689
 # 334c3d883bcc40f5a9d18da6406e3541
 msgid "In the left navigation, choose Instances."
 msgstr ""

 #: ../../managing_networks.rst:5693
 # 9e4739215b6d4023b17334daf1c299d0
 msgid "Click Add Instance."
 msgstr ""

 #: ../../managing_networks.rst:5697
 # f3612ab1c69c4e8bafa16290447c849d
 msgid "Select a zone."
 msgstr ""

 #: ../../managing_networks.rst:5701
 # 0d5257aa0f5d42759682d5ec4c687946
 msgid "Select a template or ISO, then follow the steps in the wizard."
 msgstr ""

 #: ../../managing_networks.rst:5705
 # 5d53f3f14de94f21a72a57c5427947fa
 msgid "Ensure that the hardware you have allows starting the selected service offering."
 msgstr ""

 #: ../../managing_networks.rst:5710
 # c7211e930aea482ebbbea2e443cabd53
 msgid "Under Networks, select the desired networks for the VM you are launching."
 msgstr ""

 #: ../../managing_networks.rst:5713
 # 355fc2d3a38e43f4ab08b92f9e8f168f
 msgid "You can deploy a VM to a VPC tier and multiple shared networks."
 msgstr ""

 #: ../../managing_networks.rst:5715
 # 50da282764bf41938177acb880c846e1
 msgid "|addvm-tier-sharednw.png: adding a VM to a VPC tier and shared network.|"
 msgstr ""

 #: ../../managing_networks.rst:5720
 # 602251fcf69447d880ef52b1e43aaeae
 msgid "Click Next, review the configuration and click Launch."
 msgstr ""

 #: ../../managing_networks.rst:5722
 # 7b69703360704281ac542fe8d70b98c6
 msgid "Your VM will be deployed to the selected VPC tier and shared network."
 msgstr ""

 #: ../../managing_networks.rst:5725
 # fd34602f4c1a482a8d044b849bdeb44b
 msgid "Acquiring a New IP Address for a VPC"
 msgstr ""

 #: ../../managing_networks.rst:5727
 # c73360b50aa543f7a8880e610baa5b75
 msgid "When you acquire an IP address, all IP addresses are allocated to VPC, not to the guest networks within the VPC. The IPs are associated to the guest network only when the first port-forwarding, load balancing, or Static NAT rule is created for the IP or the network. IP can't be associated to more than one network at a time."
 msgstr ""

 #: ../../managing_networks.rst:5798
 # a44c55b912fa4df183c07b424282c526
 msgid "Select IP Addresses."
 msgstr ""

 #: ../../managing_networks.rst:5800
 # 7068202d5e7748aa89b44e99fd7a8c9b
 msgid "The Public IP Addresses page is displayed."
 msgstr ""

 #: ../../managing_networks.rst:5804
 # 59806f7394b645268a1deaf02e5c8812
 msgid "Click Acquire New IP, and click Yes in the confirmation dialog."
 msgstr ""

 #: ../../managing_networks.rst:5806
 # 677531dda31f4fe9ba37d4384c2c5672
 msgid "You are prompted for confirmation because, typically, IP addresses are a limited resource. Within a few moments, the new IP address should appear with the state Allocated. You can now use the IP address in port forwarding, load balancing, and static NAT rules."
 msgstr ""

 #: ../../managing_networks.rst:5812
 # 55e43c565ebb41158b1743d98edb1b7c
 msgid "Releasing an IP Address Allocated to a VPC"
 msgstr ""

 #: ../../managing_networks.rst:5814
 # bd70ff0598d34b229b01650cabc35f3f
 msgid "The IP address is a limited resource. If you no longer need a particular IP, you can disassociate it from its VPC and return it to the pool of available addresses. An IP address can be released from its tier, only when all the networking ( port forwarding, load balancing, or StaticNAT ) rules are removed for this IP address. The released IP address will still belongs to the same VPC."
 msgstr ""

 #: ../../managing_networks.rst:5838
 # db06398461444930b595e0160effde58
 msgid "Click the Configure button of the VPC whose IP you want to release."
 msgstr ""

 #: ../../managing_networks.rst:5885
 # d80d6b89f43d4b2491743738838b0245
 msgid "Select Public IP Addresses."
 msgstr ""

 #: ../../managing_networks.rst:5891
 # 00cc2e1530394ea2838d7f6061a85693
 msgid "Click the IP you want to release."
 msgstr ""

 #: ../../managing_networks.rst:5895
 # 15c38333d5564c94a459bd2e93b987b1
 msgid "In the Details tab, click the Release IP button |release-ip-icon.png: button to release an IP.|"
 msgstr ""

 #: ../../managing_networks.rst:5899
 # c6a4439513504b019b9fa932df9926b5
 msgid "Enabling or Disabling Static NAT on a VPC"
 msgstr ""

 #: ../../managing_networks.rst:5901
 # 2121940a433d4a7c99fe4fcdc04af8a9
 msgid "A static NAT rule maps a public IP address to the private IP address of a VM in a VPC to allow Internet traffic to it. This section tells how to enable or disable static NAT for a particular IP address in a VPC."
 msgstr ""

 #: ../../managing_networks.rst:5934
 # 0603bfddfcae43529259bdadc6652cc7
 msgid "For each tier, the following options are displayed."
 msgstr ""

 #: ../../managing_networks.rst:5982
 # d9241814450644c28541d121455ddb44
 msgid "Click the IP you want to work with."
 msgstr ""

 #: ../../managing_networks.rst:5986
 # 17ca1f0f3fac45349f2b7536efe21e90
 msgid "In the Details tab,click the Static NAT button. |enable-disable.png: button to enable Static NAT.| The button toggles between Enable and Disable, depending on whether static NAT is currently enabled for the IP address."
 msgstr ""

 #: ../../managing_networks.rst:5993
 # 48ec391c037d4513bbbf0e36c099fbd4
 msgid "If you are enabling static NAT, a dialog appears as follows:"
 msgstr ""

 #: ../../managing_networks.rst:5995
 # 9e8b3f52b98a4950a87c8525e6c7b27f
 msgid "|select-vmstatic-nat.png: selecting a tier to apply staticNAT.|"
 msgstr ""

 #: ../../managing_networks.rst:5999
 # 18f46f5fdcb0449dac6fdfaf2f51ce14
 msgid "Select the tier and the destination VM, then click Apply."
 msgstr ""

 #: ../../managing_networks.rst:6002
 # fb5ca551d8c94e579cd6bb1147727ab7
 msgid "Adding Load Balancing Rules on a VPC"
 msgstr ""

 #: ../../managing_networks.rst:6004
 # c4883c83508d432bb165cab6bc1de860
 msgid "In a VPC, you can configure two types of load balancing—external LB and internal LB. External LB is nothing but a LB rule created to redirect the traffic received at a public IP of the VPC virtual router. The traffic is load balanced within a tier based on your configuration. Citrix NetScaler and VPC virtual router are supported for external LB. When you use internal LB service, traffic received at a tier is load balanced across different VMs within that tier. For example, traffic reached at Web tier is redirected to another VM in that tier. External load balancing devices are not supported for internal LB. The service is provided by a internal LB VM configured on the target tier."
 msgstr ""

 #: ../../managing_networks.rst:6016
 # 274bc30ffbcf44b9ba1abd732541215a
 msgid "Load Balancing Within a Tier (External LB)"
 msgstr ""

 #: ../../managing_networks.rst:6018
 # caa659885dfa4cd6904a918177c53c5e
 msgid "A CloudStack user or administrator may create load balancing rules that balance traffic received at a public IP to one or more VMs that belong to a network tier that provides load balancing service in a VPC. A user creates a rule, specifies an algorithm, and assigns the rule to a set of VMs within a tier."
 msgstr ""

 #: ../../managing_networks.rst:6025
 # 5c807fdb6ce04f699eb08495407e8d92
 msgid "Enabling NetScaler as the LB Provider on a VPC Tier"
 msgstr ""

 #: ../../managing_networks.rst:6029
 # 9cc8f348801d45418744e7f42218d907
 msgid "Add and enable Netscaler VPX in dedicated mode."
 msgstr ""

 #: ../../managing_networks.rst:6031
 # ed6339be814f45398c36a2ef4ec785d2
 msgid "Netscaler can be used in a VPC environment only if it is in dedicated mode."
 msgstr ""

 #: ../../managing_networks.rst:6036
 # 4662e3fb38414b75bdfa2ae89c5b4d54
 msgid "Create a network offering, as given in `Section 15.27.11.1.2, “Creating a Network Offering for External LB” <#ext-lb-offering>`__."
 msgstr ""

 #: ../../managing_networks.rst:6041
 # 648bc307e8724c0c808a7e169d7174af
 msgid "Create a VPC with Netscaler as the Public LB provider."
 msgstr ""

 #: ../../managing_networks.rst:6043
 # 6f2968514fa14e198e27a6276559ac66
 msgid "For more information, see `Section 15.27.2, “Adding a Virtual Private Cloud” <#add-vpc>`__."
 msgstr ""

 #: ../../managing_networks.rst:6048
 # 34834931a616401fbf2114397a66c17d
 msgid "For the VPC, acquire an IP."
 msgstr ""

 #: ../../managing_networks.rst:6052
 # 73121096c9c0491b872f089f4bcd646d
 msgid "Create an external load balancing rule and apply, as given in `Section 15.27.11.1.3, “Creating an External LB Rule” <#ext-lb-vpc>`__."
 msgstr ""

 #: ../../managing_networks.rst:6057
 # 2772e2e5e8bc4ff585c238022e2de08d
 msgid "Creating a Network Offering for External LB"
 msgstr ""

 #: ../../managing_networks.rst:6059
 # 9321f241035849579eee2b19a8dcd3a7
 msgid "To have external LB support on VPC, create a network offering as follows:"
 msgstr ""

 #: ../../managing_networks.rst:6064
 #: ../../managing_networks.rst:6368
 # 2aab6b8694d14a2d81304515d063ea70
 # 9547796b012c45c0a0bce3e170167fa4
 msgid "Log in to the CloudStack UI as a user or admin."
 msgstr ""

 #: ../../managing_networks.rst:6068
 #: ../../managing_networks.rst:6372
 # 98791665f6d04be48656066993e3c5e0
 # 894f16f3b18145cfad928d595039b36a
 msgid "From the Select Offering drop-down, choose Network Offering."
 msgstr ""

 #: ../../managing_networks.rst:6076
 #: ../../managing_networks.rst:6380
 # a4c57841d2274a45a1949e1ba43a5d78
 # e1065316da8a4206a4c9926b89da3869
 msgid "In the dialog, make the following choices:"
 msgstr ""

 #: ../../managing_networks.rst:6080
 #: ../../managing_networks.rst:6384
 # 6a3430b8741e423b83efc13c9e7e6e88
 # 236dc341b9214a589a7e812fd2f4c60b
 msgid "**Name**: Any desired name for the network offering."
 msgstr ""

 #: ../../managing_networks.rst:6084
 #: ../../managing_networks.rst:6388
 # 76031673ac254ec7bfb535779e98ebb4
 # bccec46599994c2a95a0569047967aa7
 msgid "**Description**: A short description of the offering that can be displayed to users."
 msgstr ""

 #: ../../managing_networks.rst:6089
 #: ../../managing_networks.rst:6393
 # 2bab7aa63c61409191de6c7949b17cf4
 # 351d020a9f044f52a3dd389bff437e65
 msgid "**Network Rate**: Allowed data transfer rate in MB per second."
 msgstr ""

 #: ../../managing_networks.rst:6093
 #: ../../managing_networks.rst:6397
 # 79ce2fd95ec04bcfa12787a70171f1fb
 # a40a99e105f943e69806fc3e1db63326
 msgid "**Traffic Type**: The type of network traffic that will be carried on the network."
 msgstr ""

 #: ../../managing_networks.rst:6098
 #: ../../managing_networks.rst:6402
 # d6c6b623f9f04f3997c8dbd87ee79e96
 # 0a18bda8137545e392cca4356df398f3
 msgid "**Guest Type**: Choose whether the guest network is isolated or shared."
 msgstr ""

 #: ../../managing_networks.rst:6103
 #: ../../managing_networks.rst:6407
 # ca6a4c29a1694890b3c2c8ce9114cac1
 # 89df6c51bfee49629ef336a867cc8a40
 msgid "**Persistent**: Indicate whether the guest network is persistent or not. The network that you can provision without having to deploy a VM on it is termed persistent network."
 msgstr ""

 #: ../../managing_networks.rst:6109
 #: ../../managing_networks.rst:6413
 # e799f2ee1f1942f1a80c328ac3f22ba2
 # d7d42b1bb3754b0786713cf979e06172
 msgid "**VPC**: This option indicate whether the guest network is Virtual Private Cloud-enabled. A Virtual Private Cloud (VPC) is a private, isolated part of CloudStack. A VPC can have its own virtual network topology that resembles a traditional physical network. For more information on VPCs, see `Section 15.27.1, “About Virtual Private Clouds” <#vpc>`__."
 msgstr ""

 #: ../../managing_networks.rst:6118
 #: ../../managing_networks.rst:6422
 # c1cb78a9d442425ca2861f09ccb822d0
 # b44e7a69782a468ebc6a1b0b2b58b67a
 msgid "**Specify VLAN**: (Isolated guest networks only) Indicate whether a VLAN should be specified when this offering is used."
 msgstr ""

 #: ../../managing_networks.rst:6123
 # 83f03954d4aa40fcb0269bb949898281
 msgid "**Supported Services**: Select Load Balancer. Use Netscaler or VpcVirtualRouter."
 msgstr ""

 #: ../../managing_networks.rst:6128
 # 3ecd5594fecf4e7996fc00073a3af317
 msgid "**Load Balancer Type**: Select Public LB from the drop-down."
 msgstr ""

 #: ../../managing_networks.rst:6132
 # c780a4651b0540c99bc39f9057d781d5
 msgid "**LB Isolation**: Select Dedicated if Netscaler is used as the external LB provider."
 msgstr ""

 #: ../../managing_networks.rst:6137
 #: ../../managing_networks.rst:6436
 # 5a521e9e6e424ed8a6e6e8878254fb05
 # 0e1a57030f0e4d1c9f91421d3bfcf073
 msgid "**System Offering**: Choose the system service offering that you want virtual routers to use in this network."
 msgstr ""

 #: ../../managing_networks.rst:6142
 #: ../../managing_networks.rst:6441
 # 3da1b26048d246e8be963accb23a2d59
 # 303be976fe7a41a0a5a3b299ba7d1cc2
 msgid "**Conserve mode**: Indicate whether to use conserve mode. In this mode, network resources are allocated only when the first virtual machine starts in the network."
 msgstr ""

 #: ../../managing_networks.rst:6148
 #: ../../managing_networks.rst:6447
 # 97f1c8686f464c2a86f667e59bc3613d
 # 21d33f3ed7b842139317fe1ba0d2bad4
 msgid "Click OK and the network offering is created."
 msgstr ""

 #: ../../managing_networks.rst:6151
 # b85666bb2b034e90b3623ac0d974bcf8
 msgid "Creating an External LB Rule"
 msgstr ""

 #: ../../managing_networks.rst:6170
 # 46a6c7a9c87b4d0b86e5096cf8387352
 msgid "Click the Configure button of the VPC, for which you want to configure load balancing rules."
 msgstr ""

 #: ../../managing_networks.rst:6173
 #: ../../managing_networks.rst:6481
 # 04979eda5aad402e9e9ed07b06b83d07
 # 29d52ff8bfd845898927bc69c03ba1cc
 msgid "The VPC page is displayed where all the tiers you created listed in a diagram."
 msgstr ""

 #: ../../managing_networks.rst:6233
 #: ../../managing_networks.rst:6625
 # 841ec4a089094a18a44d829fe3992d40
 # d19cbf96b77b4284b01fe504101489d6
 msgid "Select the tier to which you want to apply the rule."
 msgstr ""

 #: ../../managing_networks.rst:6245
 # 7de910c468f6402a8dfb73f99ce85bfa
 msgid "**Public Port**: The port that receives the incoming traffic to be balanced."
 msgstr ""

 #: ../../managing_networks.rst:6255
 #: ../../managing_networks.rst:6526
 # 0e6242e8303c4f7e81f3bacd632286c4
 # 873adeb9135b4671ac55ba8bb02eefd4
 msgid "**Algorithm**. Choose the load balancing algorithm you want CloudStack to use. CloudStack supports the following well-known algorithms:"
 msgstr ""

 #: ../../managing_networks.rst:6265
 #: ../../managing_networks.rst:6536
 # 032bda374e3549389055ef99602dbfde
 # 76d0d6a66f964932a632e62d7f72d63a
 msgid "Least connections"
 msgstr ""

 #: ../../managing_networks.rst:6269
 #: ../../managing_networks.rst:6540
 # 0b3a293fff7f42d59c589be7157bf55b
 # a39fd2d8c4994240b02094dbf235ff35
 msgid "Source"
 msgstr ""

 #: ../../managing_networks.rst:6273
 # 5ad7247668c740d59840d3cfa7af1ba4
 msgid "**Stickiness**. (Optional) Click Configure and choose the algorithm for the stickiness policy. See Sticky Session Policies for Load Balancer Rules."
 msgstr ""

 #: ../../managing_networks.rst:6279
 # cf38cdef27f14c3399aa3f98bb975b0e
 msgid "**Add VMs**: Click Add VMs, then select two or more VMs that will divide the load of incoming traffic, and click Apply."
 msgstr ""

 #: ../../managing_networks.rst:6282
 # 3125a1633b73432dbbc695b80203f711
 msgid "The new load balancing rule appears in the list. You can repeat these steps to add more load balancing rules for this IP address."
 msgstr ""

 #: ../../managing_networks.rst:6286
 # 5cd14774a90e437eb620b313651c9e46
 msgid "Load Balancing Across Tiers"
 msgstr ""

 #: ../../managing_networks.rst:6288
 # 070e7b9f10a44c47953a80c046d9c7ca
 msgid "CloudStack supports sharing workload across different tiers within your VPC. Assume that multiple tiers are set up in your environment, such as Web tier and Application tier. Traffic to each tier is balanced on the VPC virtual router on the public side, as explained in `Section 15.27.11, “Adding Load Balancing Rules on a VPC” <#add-loadbalancer-rule-vpc>`__. If you want the traffic coming from the Web tier to the Application tier to be balanced, use the internal load balancing feature offered by CloudStack."
 msgstr ""

 #: ../../managing_networks.rst:6298
 # aea9258cc6164c4fb587a9e5d2abc852
 msgid "How Does Internal LB Work in VPC?"
 msgstr ""

 #: ../../managing_networks.rst:6300
 # b574228e607e400d88167d7478911df8
 msgid "In this figure, a public LB rule is created for the public IP 72.52.125.10 with public port 80 and private port 81. The LB rule, created on the VPC virtual router, is applied on the traffic coming from the Internet to the VMs on the Web tier. On the Application tier two internal load balancing rules are created. An internal LB rule for the guest IP 10.10.10.4 with load balancer port 23 and instance port 25 is configured on the VM, InternalLBVM1. Another internal LB rule for the guest IP 10.10.10.4 with load balancer port 45 and instance port 46 is configured on the VM, InternalLBVM1. Another internal LB rule for the guest IP 10.10.10.6, with load balancer port 23 and instance port 25 is configured on the VM, InternalLBVM2."
 msgstr ""

 #: ../../managing_networks.rst:6312
 # b20f10f2b7d3416f912f26288b95da11
 msgid "|vpc-lb.png: Configuring internal LB for VPC|"
 msgstr ""

 #: ../../managing_networks.rst:6319
 # 6e79c970118d4190bf7d22c1773505ce
 msgid "Internal LB and Public LB are mutually exclusive on a tier. If the tier has LB on the public side, then it can't have the Internal LB."
 msgstr ""

 #: ../../managing_networks.rst:6324
 # 9cf6652ac2e0445387349beb374bfca7
 msgid "Internal LB is supported just on VPC networks in CloudStack 4.2 release."
 msgstr ""

 #: ../../managing_networks.rst:6329
 # a3f5f1fc49464829adf0ebd8e7687692
 msgid "Only Internal LB VM can act as the Internal LB provider in CloudStack 4.2 release."
 msgstr ""

 #: ../../managing_networks.rst:6334
 # c91dbb4b255c4a84be104b33811e5332
 msgid "Network upgrade is not supported from the network offering with Internal LB to the network offering with Public LB."
 msgstr ""

 #: ../../managing_networks.rst:6339
 # b60834349ed648d8a4366ebd00a7fd65
 msgid "Multiple tiers can have internal LB support in a VPC."
 msgstr ""

 #: ../../managing_networks.rst:6343
 # 4fab50597d0941108a4d3bf7f13e9411
 msgid "Only one tier can have Public LB support in a VPC."
 msgstr ""

 #: ../../managing_networks.rst:6346
 # d225db5293e846a0afd0f6c7bb5f68a1
 msgid "Enabling Internal LB on a VPC Tier"
 msgstr ""

 #: ../../managing_networks.rst:6350
 # 617e9425a2fa474b9764128b07034002
 msgid "Create a network offering, as given in `Section 15.27.11.2.5, “Creating an Internal LB Rule” <#int-lb-vpc>`__."
 msgstr ""

 #: ../../managing_networks.rst:6355
 # a890050072ca4d26805f98387f27bd75
 msgid "Create an internal load balancing rule and apply, as given in `Section 15.27.11.2.5, “Creating an Internal LB Rule” <#int-lb-vpc>`__."
 msgstr ""

 #: ../../managing_networks.rst:6360
 # a4cfada862734f0f851fce215590886e
 msgid "Creating a Network Offering for Internal LB"
 msgstr ""

 #: ../../managing_networks.rst:6362
 # 60f76aac53194ec8bbe6de7b8c5a5554
 msgid "To have internal LB support on VPC, either use the default offering, DefaultIsolatedNetworkOfferingForVpcNetworksWithInternalLB, or create a network offering as follows:"
 msgstr ""

 #: ../../managing_networks.rst:6427
 # 8a5ea6ec925d452a879ceac5445ab579
 msgid "**Supported Services**: Select Load Balancer. Select ``InternalLbVM`` from the provider list."
 msgstr ""

 #: ../../managing_networks.rst:6432
 # c72558354623450a936ce31431ffa69e
 msgid "**Load Balancer Type**: Select Internal LB from the drop-down."
 msgstr ""

 #: ../../managing_networks.rst:6450
 # 28147ce50bf14231a07cac69826f2a25
 msgid "Creating an Internal LB Rule"
 msgstr ""

 #: ../../managing_networks.rst:6452
 # 2c9c4cae286845808fef134063a6f939
 msgid "When you create the Internal LB rule and applies to a VM, an Internal LB VM, which is responsible for load balancing, is created."
 msgstr ""

 #: ../../managing_networks.rst:6455
 # 63b7d6ada9114e90ba29443004bc739f
 msgid "You can view the created Internal LB VM in the Instances page if you navigate to **Infrastructure** > **Zones** > <zone\\_ name> > <physical\\_network\\_name> > **Network Service Providers** > **Internal LB VM**. You can manage the Internal LB VMs as and when required from the location."
 msgstr ""

 #: ../../managing_networks.rst:6478
 # d533cda5982f42a2be99e3d3a1d02796
 msgid "Locate the VPC for which you want to configure internal LB, then click Configure."
 msgstr ""

 #: ../../managing_networks.rst:6486
 # e737073d23cf4d26aed7c10ce7b46e81
 msgid "Locate the Tier for which you want to configure an internal LB rule, click Internal LB."
 msgstr ""

 #: ../../managing_networks.rst:6489
 # 552b8f17dcde42d482e1831b58d076ef
 msgid "In the Internal LB page, click Add Internal LB."
 msgstr ""

 #: ../../managing_networks.rst:6493
 # 9e377cd375c349e58911fc49edfdd4b1
 msgid "In the dialog, specify the following:"
 msgstr ""

 #: ../../managing_networks.rst:6501
 # 87c629929ba84d5da539e7534a89a8d8
 msgid "**Description**: A short description of the rule that can be displayed to users."
 msgstr ""

 #: ../../managing_networks.rst:6506
 # 1827d569d2af4a3eb0a577bec4c3e5eb
 msgid "**Source IP Address**: (Optional) The source IP from which traffic originates. The IP is acquired from the CIDR of that particular tier on which you want to create the Internal LB rule. If not specified, the IP address is automatically allocated from the network CIDR."
 msgstr ""

 #: ../../managing_networks.rst:6512
 # 4258284b90204dc997577baaaf8755b6
 msgid "For every Source IP, a new Internal LB VM is created for load balancing."
 msgstr ""

 #: ../../managing_networks.rst:6517
 # e1da6c68ece14aacb7290072c2e1017e
 msgid "**Source Port**: The port associated with the source IP. Traffic on this port is load balanced."
 msgstr ""

 #: ../../managing_networks.rst:6522
 # afdf2a4f86134a9c8f2ee0d103fb268e
 msgid "**Instance Port**: The port of the internal LB VM."
 msgstr ""

 #: ../../managing_networks.rst:6543
 # 1bdef81fe9294cffb07d59cdeaf608a9
 msgid "Adding a Port Forwarding Rule on a VPC"
 msgstr ""

 #: ../../managing_networks.rst:6633
 # 55d5f9cc7a9440d4be42f12599487ff9
 msgid "**Public Port**: The port to which public traffic will be addressed on the IP address you acquired in the previous step."
 msgstr ""

 #: ../../managing_networks.rst:6638
 # f3534c50573843559923c45aa9402af1
 msgid "**Private Port**: The port on which the instance is listening for forwarded public traffic."
 msgstr ""

 #: ../../managing_networks.rst:6643
 # d970ed9b90c54a74871fab0e0bb4667b
 msgid "**Protocol**: The communication protocol in use between the two ports."
 msgstr ""

 #: ../../managing_networks.rst:6648
 # f0be0d19f4464861827239d149e03744
 msgid "TCP"
 msgstr ""

 #: ../../managing_networks.rst:6652
 # 931118f56d6d4e2eb86fa29ac132f2b8
 msgid "UDP"
 msgstr ""

 #: ../../managing_networks.rst:6656
 # 6d26f66d36a743d4a1a5505df83da34c
 msgid "**Add VM**: Click Add VM. Select the name of the instance to which this rule applies, and click Apply."
 msgstr ""

 #: ../../managing_networks.rst:6659
 # 7eb1b2ffd2df41879c5e85c5c75e60f0
 msgid "You can test the rule by opening an SSH session to the instance."
 msgstr ""

 #: ../../managing_networks.rst:6662
 # 2517c53c112c475089bf9a0e6ece949d
 msgid "Removing Tiers"
 msgstr ""

 #: ../../managing_networks.rst:6664
 # 987463aa0c9e46e58456fd870cbac52b
 msgid "You can remove a tier from a VPC. A removed tier cannot be revoked. When a tier is removed, only the resources of the tier are expunged. All the network rules (port forwarding, load balancing and staticNAT) and the IP addresses associated to the tier are removed. The IP address still be belonging to the same VPC."
 msgstr ""

 #: ../../managing_networks.rst:6690
 # b80a7f96c5e343be988091f48cdc8b13
 msgid "The Configure VPC page is displayed. Locate the tier you want to work with."
 msgstr ""

 #: ../../managing_networks.rst:6695
 # 9d1e0efdd66c408c8b6445ab9ed8f0fa
 msgid "Select the tier you want to remove."
 msgstr ""

 #: ../../managing_networks.rst:6699
 # 26cd655882384fdc86510166d3a09cc7
 msgid "In the Network Details tab, click the Delete Network button. |del-tier.png: button to remove a tier|"
 msgstr ""

 #: ../../managing_networks.rst:6702
 # dc7484d918fd4185a123c12baf9d26af
 msgid "Click Yes to confirm. Wait for some time for the tier to be removed."
 msgstr ""

 #: ../../managing_networks.rst:6705
 # b2b2fa6f474c4923b101aff8c6ebd2ae
 msgid "Editing, Restarting, and Removing a Virtual Private Cloud"
 msgstr ""

 #: ../../managing_networks.rst:6707
 # df6ef06698254b2398ed91a15c14dd60
 msgid "Ensure that all the tiers are removed before you remove a VPC."
 msgstr ""

 #: ../../managing_networks.rst:6726
 # 27e727fcb09c499cb04cfeb2bd8af5d2
 msgid "Select the VPC you want to work with."
 msgstr ""

 #: ../../managing_networks.rst:6730
 # 896f44f41d94483ba83091028938b4b9
 msgid "In the Details tab, click the Remove VPC button |remove-vpc.png: button to remove a VPC|"
 msgstr ""

 #: ../../managing_networks.rst:6733
 # c4dc55536b3041f181e37a5bb1952109
 msgid "You can remove the VPC by also using the remove button in the Quick View."
 msgstr ""

 #: ../../managing_networks.rst:6736
 # f6bc412f03bc4dc6a55f90047bdec537
 msgid "You can edit the name and description of a VPC. To do that, select the VPC, then click the Edit button. |edit-icon.png: button to edit a VPC|"
 msgstr ""

 #: ../../managing_networks.rst:6740
 # 63357afed0464e21be6f8fa41abd0ec8
 msgid "To restart a VPC, select the VPC, then click the Restart button. |restart-vpc.png: button to restart a VPC|"
 msgstr ""

 #: ../../managing_networks.rst:6744
 # 39039829f65e4377a122bf91feb35ada
 msgid "Persistent Networks"
 msgstr ""

 #: ../../managing_networks.rst:6746
 # fca381dc00a94a72af9e6fd527b20d45
 msgid "The network that you can provision without having to deploy any VMs on it is called a persistent network. A persistent network can be part of a VPC or a non-VPC environment."
 msgstr ""

 #: ../../managing_networks.rst:6750
 # 42c10e563fed417980600322954b333d
 msgid "When you create other types of network, a network is only a database entry until the first VM is created on that network. When the first VM is created, a VLAN ID is assigned and the network is provisioned. Also, when the last VM is destroyed, the VLAN ID is released and the network is no longer available. With the addition of persistent network, you will have the ability to create a network in CloudStack in which physical devices can be deployed without having to run any VMs. Additionally, you can deploy physical devices on that network."
 msgstr ""

 #: ../../managing_networks.rst:6759
 # 66f7d3c48a604609a402136b8672bae5
 msgid "One of the advantages of having a persistent network is that you can create a VPC with a tier consisting of only physical devices. For example, you might create a VPC for a three-tier application, deploy VMs for Web and Application tier, and use physical machines for the Database tier. Another use case is that if you are providing services by using physical hardware, you can define the network as persistent and therefore even if all its VMs are destroyed the services will not be discontinued."
 msgstr ""

 #: ../../managing_networks.rst:6769
 # c24813594b9c47c386a450613b070d37
 msgid "Persistent Network Considerations"
 msgstr ""

 #: ../../managing_networks.rst:6773
 # 9a171e4d62114e3c88fc9881e6a4e32d
 msgid "Persistent network is designed for isolated networks."
 msgstr ""

 #: ../../managing_networks.rst:6777
 # f090f131150f456ab0942566d94a17df
 msgid "All default network offerings are non-persistent."
 msgstr ""

 #: ../../managing_networks.rst:6781
 # c8335c59614a4bd0ae9163104533304a
 msgid "A network offering cannot be editable because changing it affects the behavior of the existing networks that were created using this network offering."
 msgstr ""

 #: ../../managing_networks.rst:6787
 # 23af8e44c8e84feeb39a085848e5709b
 msgid "When you create a guest network, the network offering that you select defines the network persistence. This in turn depends on whether persistent network is enabled in the selected network offering."
 msgstr ""

 #: ../../managing_networks.rst:6793
 # ab1ccf831ef74353bde8bfb88e0155ad
 msgid "An existing network can be made persistent by changing its network offering to an offering that has the Persistent option enabled. While setting this property, even if the network has no running VMs, the network is provisioned."
 msgstr ""

 #: ../../managing_networks.rst:6800
 # e7bb232da8854652a63fa39c268cc893
 msgid "An existing network can be made non-persistent by changing its network offering to an offering that has the Persistent option disabled. If the network has no running VMs, during the next network garbage collection run the network is shut down."
 msgstr ""

 #: ../../managing_networks.rst:6807
 # 02f9973b78fc4f4ea2dbc33c7740fb9f
 msgid "When the last VM on a network is destroyed, the network garbage collector checks if the network offering associated with the network is persistent, and shuts down the network only if it is non-persistent."
 msgstr ""

 #: ../../managing_networks.rst:6813
 # fb3cf96c3ec041969d55371e0aaa1d81
 msgid "Creating a Persistent Guest Network"
 msgstr ""

 #: ../../managing_networks.rst:6815
 # 19e73163820243d4a6f7fffe91f8ccb3
 msgid "To create a persistent network, perform the following:"
 msgstr ""

 #: ../../managing_networks.rst:6819
 # da4bbbbdbd5a46bc9d3cdb51651cf4c1
 msgid "Create a network offering with the Persistent option enabled."
 msgstr ""

 #: ../../managing_networks.rst:6821
 # 7036ba30ea924150937e15be22167fde
 msgid "See the Administration Guide."
 msgstr ""

 #: ../../managing_networks.rst:6825
 # b531eda7832a4473af382ed8bb02ff2d
 msgid "Select Network from the left navigation pane."
 msgstr ""

 #: ../../managing_networks.rst:6829
 # acc08af60a1540af83325f8d84777285
 msgid "Select the guest network that you want to offer this network service to."
 msgstr ""

 #: ../../managing_networks.rst:6834
 # f91ae55836074e878e10c2eb152ec6d4
 msgid "Click the Edit button."
 msgstr ""

 #: ../../managing_networks.rst:6838
 # 41ffae74d3724190b34bc30fda773ff0
 msgid "From the Network Offering drop-down, select the persistent network offering you have just created."
 msgstr ""