VMware vStorage API for Data Protection (VADP) design: vmkernel interface.

By | December 22, 2015
0 Comment

This is not a seldom situation, when backups of VMs or physical servers are  performed via dedicated network cards. But what if backups are done via VMware vStorage API for Data Protection (VADP)? It depends on transport methods: LAN or SAN. In this post we discuss a scenario when we use LAN (Network Block Device NBD) to perform VADP backups. NBD is a Linux-style kernel module that treats storage on a remote host as a block device. NBDSSL is similar but uses SSL to encrypt all data passed over the TCP connection.

LAN transport offers the following advantages:

  • The ESX/ESXi host can use any storage device: datastores created on local storage or NFS.
  • Encryption.

At first, some fundamental things that are often misunderstood:VMware vStorage API for Data Protection (VADP) design: which vmkernel interface

  1. The VADP backup traffic is not done through vCenter server. A backup host uses vCenter only during: VM discovery, Snapshots requests or VM creations during recovery.
  2. There are two ports used during the backup or restore:
    • 443 - between backup host and vCenter
    • 902 - between backup host and ESXi host
  3. Backups are sent via ESXi's vmkernel port (with Management Port).
  4. Backup solution uses VDDK. For more information please follow another post here.

As mentioned above, the backup traffic is done via vmkernel port (Management). If ESXi hosts have multiple vmkernel ports, which one is used for VADP? It depends on how (which vmkernel port) backup host connects to the ESXi host. I will explain it using the following high level overview of VADP backup of VM1:

  1. Backup host sends a request to the vCenter (e.g. to locate VM1, take snapshot).
  2. vCenter sends back information about ESXi host where the VM is running. The information could be IP  or DNS name of ESXi host (depending on which one you use to connect ESXi to the vCenter).
  3. Backup host connects directly to the ESXi host and transfers data.

By default, during the backup process, a backup host talks with ESXi host via vmknic which was used to add ESXi to the vCenter. To change the default behavior:

  • Always use DNS name of ESXi host when you add it to the vCenter.
  • Modify hosts file on backup host to specify another IP to be used during the backup.

Unfortunately, currently there is not available any "checkbox" to choose a dedicated vmkernel for VMware vStorage API for Data Protection (VADP).

Data Protection VMware
Author: Mariusz

Architect (~ 15 years experience based on passion...) with strong background as a System Administrator and Engineer. Focused on Data Center Solutions: Virtualization/Cloud Computing and Storage/Backup Systems. Currently living in Poland.

Related Posts