Control which network interface the appliance uses for specific communication traffic by selecting the endpoint address. In the Tunnel Appliance, select the address for communication with the local cloud appliances. In each Replicator Appliance instance, select the addresses for management traffic, and for incoming and for outgoing replication traffic.
Selecting the endpoint addresses controls the type of traffic the cloud appliances expect on which network interface cards (NICs). The traffic control allows for more specific network topologies and is not intended for traffic isolation between the data and the management network traffic.
Note:
- Selecting endpoint address associates it with the IP address. To apply a new endpoint address after the selected IP address changes, manually select the updated IP address for the endpoint re-association.
- The selected IP address for each endpoint must be configured with a static IP address.
-
Tunnel Appliance
-
In the management interface of the
Tunnel Appliance, to control the internal traffic in the site you can select an endpoint address for the communication from the
Replicator Appliance instances and from the
Cloud Director Replication Management Appliance to the
Tunnel Appliance, avoiding their communication over the external-facing
Tunnel Appliance address. Controlling the
Tunnel Appliance traffic avoids routing the traffic from the local cloud appliances through the Internet-facing NIC of the
Tunnel Appliance.
-
Replicator Appliance instances
-
In the management interface of each
Replicator Appliance instance, to control the traffic you can select the following endpoint addresses.
- For management traffic, between the local cloud appliances in the site.
- For outgoing replication data traffic, to the destination ESXi hosts.
- For incoming replication data traffic, from the source ESXi hosts.
When the
Replicator Appliance instances are on a separate network from the
ESXi hosts or the
Tunnel Appliance, selecting these endpoints directly routes the heavy replication data traffic avoiding the router and reducing the impact over the entire internal infrastructure network.
Prerequisites
Verify that
VMware Cloud Director Availability 4.3 or later is deployed in the cloud site.
Procedure
- Select the Tunnel Appliance endpoint address for controlling the traffic from the local cloud appliances.
- In a Web browser, go to https://Tunnel-Appliance-IP-Address.
The
https://Tunnel-Appliance-IP-Address/ui/admin login page opens.
- Enter the password of the root user and click Login.
The
Settings page opens.
- Under Appliance settings, click Edit next to the Traffic Control section.
The
Traffic Control window opens.
- From the Tunnel Address drop-down menu, select the endpoint IP address for the communication from the local cloud appliances and click Apply.
- Select the Replicator Appliance instance endpoint addresses for controlling the management traffic and the traffic from the local ESXi hosts.
- In a Web browser go to https://Replicator-Appliance-IP-Address.
The
https://Replicator-Appliance-IP-Address/ui/admin login page opens.
- Enter the password of the root user and click Login.
The
System Health page opens.
- In the left pane, click Settings.
- Under Appliance settings click Edit next to the Traffic Control section.
The
Traffic Control window opens.
- From the Management Address drop-down menu, select the endpoint IP address for the management traffic between the local cloud appliances, where the Tunnel Appliance redirects all traffic when not setting a specific data endpoint.
- From the NFC Address drop-down menu select the endpoint IP address for the outgoing Network File Copy (NFC) traffic to the destination ESXi host. All outgoing data traffic to the ESXi hosts goes through this endpoint address.
- From the LWD Address drop-down menu select the endpoint IP address for the incoming Lightweight Delta Protocol (LWD) traffic. This endpoint address receives the incoming data traffic from the local source ESXi host.
- To confirm the selected endpoint addresses, click Apply.
Repeat this step for the remaining
Replicator Appliance instances in the cloud site.
- After configuring all Replicator Appliance instances, in the Cloud Director Replication Management Appliance enable tunneling to the new Tunnel Appliance endpoint address.
- In a Web browser, go to https://Cloud-Replication-Management-Appliance-IP-Address/ui/admin.
- Select Appliance login or SSO login and enter the root or the single sign-on user credentials.
- Click Login.
- In the left pane under the Configuration section, click Settings.
- Under Service endpoints, next to Tunnel Service address click Edit.
- In the Tunnel Service Settings window, enter the root user password of the Tunnel Appliance.
The
Tunnel Service Endpoint address is already populated and the
Appliance user is set to
root.
- Click Apply.
- Verify the thumbprint and accept the certificate of the Tunnel Service.
Results
The selected endpoint addresses control the incoming and outgoing traffic.
What to do next
You can ensure that the selected endpoint addresses do not affect the VMware Cloud Director Availability connectivity. For more information, see Verify uptime and local and remote connectivity in the Cloud site.