You isolate the network traffic to the vSphere Replication Server by dedicating a VMkernel network adapter on each management ESXi host that sends data to the vSphere Replication Server.

Procedure

  1. Add static network routes on the first ESXi hosts in the management clusters in all regions.
    Region Host Name Source Gateway Target Network
    Region A sfo01m01esx01.sfo01.rainpole.local 172.16.16.253 172.17.16.0/24
    Region B lax01m01esx01.lax01.rainpole.local 172.17.16.253 172.16.16.0/24
    1. Open an SSH session to the sfo01m01esx01.sfo01.rainpole.local host in Region A and log in using the following credentials.
      Setting Value
      User name root
      Password esxi_root_user_password
    2. Run the following command to create a route to the recovery region for the hosts in Region A or to the protected region for the hosts in Region B.
      Region of the ESXi Host Command
      Region A esxcli network ip route ipv4 add --gateway 172.16.16.253 --network 172.17.16.0/24
      Region B esxcli network ip route ipv4 add --gateway 172.17.16.253 --network 172.16.16.0/24
    3. Verify the routing table by running the following command.
      esxcli network ip route ipv4 list
    4. Repeat the step on the lax01m01esx01.lax01.rainpole.local host in Region B.
  2. Log in to vCenter Server by using the vSphere Web Client.
    1. Open a Web browser and go to https://sfo01m01vc01.sfo01.rainpole.local/vsphere-client.
    2. Log in using the following credentials.
      Setting Value
      User name administrator@vsphere.local
      Password vsphere_admin_password
  3. Update the host profile of the management cluster.
    1. From the Home menu, select Home.
    2. In the Navigator pane, click Policies and Profiles and click Host Profiles.
    3. Right-click sfo01-m01hp-mgmt01 and select Copy Settings from Host.
    4. Select sfo01m01esx01.sfo01.rainpole.local and click OK.
  4. Verify that the static route settings have been updated in the host profile.
    1. On the Host Profiles page in the Navigator, click sfo01-m01hp-mgmt01.
    2. On the Configure tab, click Settings.
    3. In Filter search box, type in 172.16.16.253.
      You locate the Network Configuration > NetStack Instance > defaultTcpipStack > IP route Configuration > IP route config profile property.
    4. Select the IP route config entry from the list and verify the following values.
      Settings Value
      IP Next Hop 172.16.16.253
      Destination Network address 172.17.16.0
      Device Name vmk2
  5. Check compliance and remediate the remaining management hosts in Region A.
    1. On the Policies and Profiles page, select sfo01-m01hp-mgmt01.
    2. On the Monitor tab, click the Compliance tab.
    3. Select sfo01-m01-mgmt01 in the Host/Cluster column and click Check Host Profile Compliance.
      This compliance test shows that the first host is Compliant, and that the other hosts are Not Compliant.
    4. Select each of the non-compliant hosts, click Remediate Hosts Based on its Host Profile.
    5. In the Remediate Hosts Based on Host Profile wizard, enter Host Name if prompted for NetStack Instance >vxlan>DNS configuration, and click Next.
    6. On the Ready to complete page, click Finish.
      All hosts show a Compliant status in the Host Compliance column.
  6. Repeat the steps to reconfigure the lax01m01esx01.lax01.rainpole.local host in Region B, using the following values.
    Setting Value
    Template ESXi host lax01m01esx01.lax01.rainpole.local
    Source Gateway 172.17.16.253
    Target Network 172.16.16.0/24
    Command to execute esxcli network ip route ipv4 add --gateway 172.17.16.253 --network 172.16.16.0/24
    vCenter Server URL https://lax01m01esx01.lax01.rainpole.local/vsphere-client/
    Host Profile lax01-m01hp-mgmt01
    Filter value 172.17.16.253
    IP Next Hop 172.17.16.253
    Destination Network address 172.16.16.0
    Device Name vmk2