Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products

PowerProtect Data Manager 19.14 Network-Attached Storage User Guide

Multiple VLAN support for NAS

From PowerProtect Data Manager 19.13, NAS supports Multiple Virtual Local Area Network (Multi-VLAN). It provides flexibility to separate NAS data protection from the network traffic leveraging VLANs. Since separate VLANs are configured within the environment, it ensures that the data is protected over VLANs to which you have configured for the protection job. It also enables the use of Data Protection (DP) across multiple VLANs. For example, if you have three VLANs (management, backup, and production), PowerProtect Data Manager allows you to separate control and data path operations on each VLAN you defined within PowerProtect Data Manager.

Best practices for adding VLANs

When you assign a network or VLAN at an asset, data communication always occurs between the protection engine and the DD system.

For more information about VLANs, see the PowerProtect Data Manager Administrator Guide.

  • Do not add the network or VLAN on which the PowerProtect Data Manager is already deployed.
  • While adding a network or VLAN, select the network purpose as per the requirement and ensure that only available IPs are added to Static IP Pool. To add a network or VLAN, perform the following:
    1. From the PowerProtect Data Manager UI, select Infrastructure > Networks. The Networks window appears.
    2. On the Networks window, enter the required information in the Configuration, Static IP Pool, and Routes sections.
    3. Verify the network configuration information in the Summary section, and then click Finish.
  • If you want to assign a network or VLAN at an asset level, configure Data Domain (DD) with those VLANs as per the network purpose whether it is Data/Management/Data for Management Components. To configure DD with the updated network or VLAN, perform the following:
    1. From the PowerProtect Data Manager UI, select Infrastructure > Storage. The Storage window appears.
    2. On the Storage window, select the Data Domain (DD) that needs to be updated.
    3. Click More Actions and select Change Network Settings. The Change Network Settings window appears.
    4. Select the network from the Network Name list and click Save.
  • You should create protection engines with the newly added VLANs. The existing protection engines cannot be configured with new VLANs.
  • You must configure the search nodes for the VLANs. There are three types of networks, Data, Management, and Data for Management components. Whenever a network or VLAN is added with the Data for Management Components option, the search engine has to be added with the new VLAN. To add the new network or VLAN to the search engine, perform the following:
    1. From the PowerProtect Data Manager UI, select Infrastructure > Search Engine. The Search Engine window appears.
    2. On the Search Engine window, select the search engine for which the VLAN needs to be added.
    3. Click More Actions and select Edit Networks. The Edit Search Engine Node window appears.
    4. In the Networks Configuration section, select the network from the Preferred Network PortGroup list and click Next.
    5. Verify the networks configuration information in the Summary section and click Finish.
  • If you have assets that have to be backed up on multiple VLANs, the respective assets should assign with the appropriate network or VLAN. To assign a network or VLAN for an asset, perform the following:
    1. In PowerProtect Data Manager UI, select Infrastructure > Assets > NAS.
    2. Select the asset, click More Actions and select Assign Network. The Assign Network page appears.
    3. Select a network from the Network Label list and click Save.

Limitations

  • Adding the existing VLAN allocates two IPs from the same VLAN to PowerProtect Data Manager and it causes RPF. In detail, when incoming and outgoing packages have different interface, Linux identifies this as a potential security issue and blocks the communication between the IPs/VLANs. This behavior is known as Reverse Path Forwarding or Filtering (RPF). For example, if PowerProtect Data Manager has two IPs in the same VLAN/subnet numbered 10.0.10.8 and 10.0.10.10. If another host with IP 10.0.10.9 sent request to 10.0.10.10, the request reaches 10.0.10.8, due to the different interface from incoming and outgoing packages, the system blocks this communication.
  • If an existing default network is added as a new VLAN by selecting Management or Data for Management Components option leads to RPF.
  • If PowerProtect Data Manager has more than one route path to the hosts in the same VLAN, it breaks one route path principle of network, which can cause RPF.

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\