Comprehensive data protection for all workloads
Post Reply
pparks1
Influencer
Posts: 24
Liked: 2 times
Joined: Sep 21, 2009 9:30 pm
Full Name: Patrick Parks
Contact:

A dedicated backup network questions????

Post by pparks1 »

Just thinking out loud, wondering if people had suggestions or ideas.

I'm going to be putting in a single standalone ESXi server talking to local disk storage. My plan is to put in a physical machine, running Veeam B&R 5.0.2 enterprise with a pile of physical disks.

At present, I have tested and have working network based backups and restores.

I then thought that it might be better to have an isolated LAN segment for backup purposes...so I didn't have to backup my VM's over the standard ethernet port that each has to the enterprise network.

So, I added a second interface to my physical Veeam B&R box. Gave it an ip in a 10 network.
I added a second interface to my virtual vCenter server running on my stand-alone ESXi box. This NIC is enabled for mgt traffic and also has an IP in the 10 network

I attempted to go into Veem B&R 5.0.2 and tried to add my vcenter host using the new secondary 10. network...but it couldn't connect. Came back with a failed to login to 10.0.0.1, by SOAP, port 443, user domain/user. It seems the vcenter host is not responding to traffic on the 10 network on port 443.

So, any ideas on what I need to do? Would I also have to put a second ethernet adapter on each and every VM too on this same 10. network segment to get traffic through this dedicated backup LAN
Gostev
Chief Product Officer
Posts: 31455
Liked: 6646 times
Joined: Jan 01, 2006 1:01 am
Location: Baar, Switzerland
Contact:

Re: A dedicated backup network questions????

Post by Gostev »

Network-based backup traffic does not go through vCenter server... the traffic is direct from ESXi host to backup server. vCenter traffic is minimal (vSphere API queries).
pparks1
Influencer
Posts: 24
Liked: 2 times
Joined: Sep 21, 2009 9:30 pm
Full Name: Patrick Parks
Contact:

Re: A dedicated backup network questions????

Post by pparks1 »

Alright, so my Veeam B&R box has 2 connections. 1 to the normal network LAN, and my vCenter server is also on this same normal network LAN. And within Veeam B&R, I know that I should be connecting to my virtual center directly and place the servers that I want into containers.

So, lets say that I add my vcenter server (192.168.1.1) to my veeam B&R server (192.168.1.2). Then, lets say that I have VM1 (192.168.1.3) and VM2 (192.168.1.4). In addition, VM1 and VM2 also have dedicated backup LAN interfaces (10.0.0.3 and 10.0.0.4 respectively). And my Veeam B&R server also has a physical interface plugged into that dedicated backup LAN (10.0.0.2).

So, my question is, how do I make my Veeam B&R box use the 10.0.0.2 interface to backup VM1 and VM2 using their 10.0.0.3 and 10.0.0.4 interfaces and not their typical LAN interfaces (192.168.1.3 and 192.168.1.4)? I thought maybe if I attached to the vCenter server on this same 10.0.0.x network, that my backups would also run on this network too. But if the backups don't pass through vCenter, that might not be the case.

Thanks in advance for your help.
pparks1
Influencer
Posts: 24
Liked: 2 times
Joined: Sep 21, 2009 9:30 pm
Full Name: Patrick Parks
Contact:

Re: A dedicated backup network questions????

Post by pparks1 »

I may have just figured this out on my own.

On my vcenter server, when I add in my ESXi host, I should add it via a DNS name, rather than directly by an IP address. Thus, I add ESXi server (esx1.example.com) to my Vcenter concole and this might correspond to the 192.168.1.3 IP address.

Then, on the Veeam B&R box, I would go into the HOSTS file and point esx1.example.com to the VMkernel port IP address assigned to the backup network. Then, as long as my VM's also have valid IP's on this same network segment, I'm guessing they will backup via that same network. IS THAT CORRECT?

Or would I also have to put in HOSTS entries on the B&R box for each of the VM's as well also pointing to their respective network based IP addresses on the 10.0.0.x network? I got a feeling I would have to do this HOSTS entry stuff for each and every host with a secondary interface. I'm pretty darn sure this is the answer. Guess I just needed to get away from the office for awhile to have it finally sink in.
Gostev
Chief Product Officer
Posts: 31455
Liked: 6646 times
Joined: Jan 01, 2006 1:01 am
Location: Baar, Switzerland
Contact:

Re: A dedicated backup network questions????

Post by Gostev »

Technically you are correct, but I never tried something like this and cannot guarantee 100% that this will work and that network backup traffic will be flowing through the desired network. There is no out of box way to choose the network in the product, and the plan above may or may not work because of some vCenter or ESXi implementation quirks (potentially). Worth trying though. Thanks!
pparks1
Influencer
Posts: 24
Liked: 2 times
Joined: Sep 21, 2009 9:30 pm
Full Name: Patrick Parks
Contact:

Re: A dedicated backup network questions????

Post by pparks1 »

Ok,

I got this working. I'll post what I did for the benefit of others who might also want to run an isolated ethernet network for keeping backup traffic off the standard LAN.

On the ESXi host itself,
--create a new virtual switch and assign a physical adapter that connects to the private backup network
--create a new VMKernel Port, with a vmk nic which has an IP address in the backup network range and enable this NIC for Management Traffic
--create a Virtual Machine Port Group within this vSwitch which you will assign to all VM's that you want to backup using this method

On the vCenter server
--Add your ESXi boxes using a DNS name (not the normal LAN ip address)

On the Veeam B&R server,
--obviously, it must have a second NIC configured in the private backup network
--Add the vCenter server to the console using the normal LAN IP address
--Create a HOSTS file entry on the server, which corresponds to the ESXi FQDN. Set this to point to the IP address of the ESXi server on the backup LAN

On the VM's (EDITED)
--There is nothing special that needs to be performed. Veeam B&R backs up direct from ESXi...not from the ethernet adapter on the VM itself.
--no secondary NIC's required on the backup network are necessary.


When scheduling jobs and running them from Veeam B&R, do it just like normal. Your Veeam server will contact vCenter and present your ESXi hosts by their FQDN. (i.e: ESXi1.example.com.). When the backup actually happens, Veeam B&R will then direct it's I/O to ESXi1.example.com..and since the server has a HOSTS file entry pointing to the backup LAN IP address...this I/O will now go over the private backup LAN.
Gostev
Chief Product Officer
Posts: 31455
Liked: 6646 times
Joined: Jan 01, 2006 1:01 am
Location: Baar, Switzerland
Contact:

Re: A dedicated backup network questions????

Post by Gostev »

Glad to hear this worked. And thanks for writing a short how-to for future readers, too. Much appreciated!
jclancy
Influencer
Posts: 14
Liked: never
Joined: Apr 02, 2015 3:35 pm
Full Name: Jason Clancy
Contact:

Re: A dedicated backup network questions????

Post by jclancy »

Did you have to plug the ethernet cables coming from the extra NICs into a separate physical switch? I have a physical machine running Veeam B&R 8.0 and I have a esxi production and a ESXI for what I want all my replications to go to. Now my Veeam server and Replication server are plugged into the same switch in another part of the building away from my production server. The switch is connected to another switch by fiber which the production server is plugged into. So do I need another switch to plug seperate NICS from the veeam and replication server to create a dedicated backup network between the veeam and the replication server? Replication is really slow only about 3-4MB/s.
foggy
Veeam Software
Posts: 21069
Liked: 2115 times
Joined: Jul 11, 2011 10:22 am
Full Name: Alexander Fogelson
Contact:

Re: A dedicated backup network questions????

Post by foggy »

Jason, how VM data are retrieved from the production host and written to the target host (what transport mode is used)? What bottleneck stats does this job show?
jclancy
Influencer
Posts: 14
Liked: never
Joined: Apr 02, 2015 3:35 pm
Full Name: Jason Clancy
Contact:

Re: A dedicated backup network questions????

Post by jclancy »

Setup

2 ESXI hosts vmware 5.5

1 Production esxi with 4 vm's and 7.2K SAS Drives GEN8
1ESXI Host with 1VM which has Veeam installed. The Veeam VM has 2 vCPU and 4GB mem. 10KSAS Drives Gen6

I have installed a veeam proxy on each esxi host.

Full Backup job

Source:40%
Proxy:36
Network:20%
Target:70% (Bottleneck)

Will a dedicated backup network help increase backup speed?
foggy
Veeam Software
Posts: 21069
Liked: 2115 times
Joined: Jul 11, 2011 10:22 am
Full Name: Alexander Fogelson
Contact:

Re: A dedicated backup network questions????

Post by foggy »

Since currently the bottleneck is on target, optimizing network transfer will not result in better performance. Could you please check whether hotadd mode is being utilized by the target proxy server? For that, please open the job session, select the VM to the left and look for the [hotadd] tag next to the proxy server name.
jclancy
Influencer
Posts: 14
Liked: never
Joined: Apr 02, 2015 3:35 pm
Full Name: Jason Clancy
Contact:

Re: A dedicated backup network questions????

Post by jclancy »

I looked in veeam job session while my backup was running and I couldn't see any hotadd tags. I guess the Hp ML350 G6 does not support hot adding. It must be running my backups on network mode. Which means if I want to replicate it will be just as slow.
foggy
Veeam Software
Posts: 21069
Liked: 2115 times
Joined: Jul 11, 2011 10:22 am
Full Name: Alexander Fogelson
Contact:

Re: A dedicated backup network questions????

Post by foggy »

Hotadd is not a feature of the hardware box but a VMware feature. Have you selected the particular VM in the list to the left? If network mode is used, you should see [nbd] tag instead of [hotadd]. Also, I was assuming the bottleneck stats you provided were for the replication job, not backup, since there's some difference in interpreting those for different types of jobs.
jclancy
Influencer
Posts: 14
Liked: never
Joined: Apr 02, 2015 3:35 pm
Full Name: Jason Clancy
Contact:

Re: A dedicated backup network questions????

Post by jclancy »

Thanks for the reply. I see ndb tag on all my BACKUP Jobs. The stats above are for my Backups not Replication. So if my veeam VM is on a difrent ESXI host from the ESXI host I want to backup (both have local storage) will hot add not work?
foggy
Veeam Software
Posts: 21069
Liked: 2115 times
Joined: Jul 11, 2011 10:22 am
Full Name: Alexander Fogelson
Contact:

Re: A dedicated backup network questions????

Post by foggy »

No, to be able to use hotadd, proxy server should have access to the source datastore (which is provided when you have proxy VM on the source host).
jclancy
Influencer
Posts: 14
Liked: never
Joined: Apr 02, 2015 3:35 pm
Full Name: Jason Clancy
Contact:

Re: A dedicated backup network questions????

Post by jclancy »

So I have veeam B&R and a proxy in a vm on target esxi and I have also installed another proxy on a vm on the source esxi. Does this help with hot add?
foggy
Veeam Software
Posts: 21069
Liked: 2115 times
Joined: Jul 11, 2011 10:22 am
Full Name: Alexander Fogelson
Contact:

Re: A dedicated backup network questions????

Post by foggy »

Yes, unless, again, some of the limitations from the mentioned KB apply.
amxtrucking
Lurker
Posts: 1
Liked: never
Joined: Aug 15, 2015 11:52 am
Full Name: Chase Mixon
Contact:

Re: A dedicated backup network questions????

Post by amxtrucking »

Ok, I know this is a little old, but I'm just getting around to looking at this. My environment is a little different than Patrick's. Everything is a VM on mine... So I have 2 FreeNas Servers with CIFS (Windows Shares) Running (these are Physical) I have 4 ESXi Host running 80 VM's. One Freenas is at the local Data Center, the other is at a remote location with PTP 50 Mb ISP connection to it. So I currently back to the local Freenas, then I replicate snapshots of it to the remote freenas. It all works really good, but when a backup is running we have noticeable slowness on the network. My ESXi host have 5 Nic's each, and I was thinking of taking one from each and putting it on a separate network, but I'm just not sure I'm up to the challenge. my concerns are...
1. if the backup storage is on a separate network how am I going to get access to that network without adding a nic to my machine (just for visibility)
2. how can I get the replication to work from site A to site B now that the backup is off the network (No access to the router)

Thanks in advance
Chase
Post Reply

Who is online

Users browsing this forum: Bing [Bot] and 198 guests