A VMware Cloud DR protected site encompasses vCenter Servers, protection groups, and recovery plans.

To set up a VMware Cloud DR (sometimes called VCDR) protected site, you create the site and then deploy the DRaaS Connector as a virtual machine into your vSphere environment, either on-premises or a VMware Cloud on AWS SDDC.

After you set up a protected site, you create protection groups to replicate snapshots to a cloud file system. You can then use available snapshots from the cloud file system to recover protected VMs into your recovery SDDC using recovery plans. Once the protected site is available, you can initiate failback.
Note: When protecting an SDDC using VMware Cloud DR, the recovery SDDC and VMware Cloud DR deployment must be in the same CSP organization as the protected SDDC.

The DRaaS Connector architecture shows how the connector connects to you protected site vCenter.

Dimensions of a Protected Site

A VMware Cloud DR protected site encompasses vCenter Servers, protection groups, and recovery plans.

A protected site (on-premises vSphere or an SDDC) includes vCenter Servers which contain the VMs you want to protect. A vCenter Server can only be registered to one protected site, but one protected site can protect multiple vCenter Server. Each vCenter Server can have multiple protection groups and recovery plans.

Logical dimensions of a protected site.
Note: For more information about VMware Cloud DR configuration limits, visit the VMware Configuration Maximums tool.

Protected Site Setup Considerations

Consider the following suggestions when deploying the DRaaS Connector on your protected site.
Note: These suggestions are not operational scale limits.
  • Deploy one DRaaS Connector for every 250 VMs total in the protected site’s vCenter Server inventory, counting all VMs in vCenter Server, protected or not. If you have 1000 VMs, you do not have to deploy more than four DRaaS Connectors (although there is no harm in deploying additional DRaaS Connectors). You can add connectors as needed. You need not commit to a particular number of connectors up front.
  • Deploy only one DRaaS Connector on a single host.
  • Deploy at least two connectors per-protected site, for redundancy.
  • Sites with more 10,000 VMs might exhibit some responsiveness issues with the VMware Cloud DR UI, such as slow loading of pages or windows when previewing protection group VM membership, creating and editing recovery plans, and during plan compliance checking.
  • VMware Cloud DR supports protecting up to 6000 VMs on a site with a single vCenter Server. To protect up to 6000 VMs in a single vCenter Server, you need four separate protected sites, each with its own cloud file system (four cloud file systems).

Protected SDDC Network Considerations

Before you set up a protected site for an SDDC, you must create the SDDC and have a network segment already configured for it.

Follow these guidelines when configuring a network segment for the DRaaS Connector on the protected site:
  • If you are using DHCP for the DRaaS Connector VM, when configuring DHCP from the VMC Console, leave the DNS value empty. Leaving this value empty allows the network to use the default DNS server for the SDDC.
  • If you are using a static IP address for the DRaaS Connector VM, log in to the VMC Console and on the Networking & Security tab for your SDDC, you can use the DNS service Compute Gateway IP address for the connector VM.
  • When setting up the protected site, decide whether you want VMware Cloud DR to create the DRaaS Connector firewall rules, or if you want to create the firewall rules yourself (manually). For more information, see DRaaS Connector Firewall Rules for a Protected SDDC.

AWS Direct Connect

You have the option of using AWS Direct Connect for connecting your protected site to VMware Cloud DR.

AWS Direct Connect provides a dedicated network connection between your on premises data center and AWS services. With this connection, you can create public virtual interfaces (VIFs) that give you direct access to all public AWS IP addresses, including VMware Cloud DR components.

For more information, see AWS Direct Connect.