Re: Advanced Cross vCenter Export VM - Network Req...

andvm · ‎03-15-2023

Hi,

With regards to ports can you confirm that for a VM export there is no need to open TCP/8000?

So the below are enough:

TCP/902 between Hosts Management of Source/Destination

TCP/443 between Source VCSA and Destination VCSA

From what I understand the Source VCSA will create an encrypted connection to destination VCSA and use it to transfer the VMDK/s from Source Host to Destination Host using NFC protocol - please confirm as did not see detailed traffic flow.

Also will the NFC traffic consume all uplink bandwith? Is there a way to throttle this since traversing multiple firewalls?

Thanks

Lalegre · ‎03-15-2023

@andvm,

The requirements you will need for the ports are exactly the same as a Cross-vCenter vMotion when they are linked, so the ports you mentioned are correct but are missing the 8000 as you clearly mentioned: https://kb.vmware.com/s/article/2106952#network_port_requirements

Now for limiting the egress and ingress traffic, you could modify the Traffic Shaping policy on the Provisioning portrgroup, if you create one, the operation will run over there and you will be able to segregate the traffic from the Management VMkernel.

andvm · ‎03-16-2023

ok so there is no NFC without vMotion? (They are needed both even if doing just a clone - no vmotion)

Thought they were different and that clone operation uses only NFC.

Think it should also be bi-directional as there is import VM functionality that can be launched from destination VCSA.

Lalegre · ‎03-16-2023

@andvm,

Honestly, that is what understood by reading the documentation and using the utility myself. However, a good test to see where the traffic is flowing is to start an esxtop and check the vmk utilization when you start an Import/Export. If you have 2 VMkernels, one for Provisioning and one for vMotion, the bandwidth should spike quite fast and you will easy identify where the traffic is going.

All

Advanced Cross vCenter Export VM - Network Requirements