Veeam Cloud Connect Scalability Tweaks
Purpose
This article documents advanced settings to optimize Veeam Cloud Connect to handle many connections.
Numerous optimizations to the Cloud Connect framework on both the service provider and the tenant sides have been introduced to increase its scalability (including the number of concurrent tenant jobs per Cloud Connect server) and reliability at scale.
The Veeam Backup & Replication 12 release was tested with 1000 concurrent workloads per Cloud Connect instance. Reaching this number may require applying additional tweaks provided in this article.
One recommended approach for building scalable architecture is using the pod design.
Solution
The registry values below are to be set on each server in the infrastructure.
LogDirectory
Defines the default log storage directory. (For more information, see KB1825)
Key Location: HKLM\SOFTWARE\Veeam\Veeam Backup and Replication\
Value Name: LogDirectory
Value Type: String Value (REG_SZ)
Value Data: <path>
Recommendation: Specify a folder location with sufficient free space to ensure
Note:
- The path provided must be to a folder on a drive of the server without the trailing slash.
- The path cannot be a remote location or mapped drive.
TcpTimedWaitDelay
Defines the time that must elapse before TCP can release a closed connection and reuse its resources. For more information, refer to this Microsoft Article.
Key Location: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\
Value Name: TcpTimedWaitDelay
Value Type: DWORD (32-Bit) Value
Default Value Data: 240
Recommended Value Data: 30
Remote PostgreSQL Configuration Optimization
When using a self-deployed PostgreSQL server to host the Veeam Cloud Connect configuration database, ensure that the recommended hardware resource limits have been set.
For more information, review Configuring PostgreSQL Instance and the Set-VBRPSQLDatabaseServerLimits PowerShell command documentation.
Note: If the PostgreSQL server is on a different machine than the Veeam Cloud Connect deployment, review the Modifying Remote PostgreSQL Instance Manually section.
Cloud Gateway-Specific Settings
The registry values in this section should be created on all existing cloud gateway servers.
Note: These settings regulate different DDoS prevention mechanisms and should be used with caution.
DefaultBanDuration
Defines default connection ban duration.
Key Location: HKLM\SOFTWARE\Wow6432Node\Veeam\Veeam Gate Service
Value Name: DefaultBanDuration
Value Type: DWORD (32-bit) Value
Value Data: 60000 (in milliseconds) [Default]
Recommendation: Test with the value of 0 to determine if connections are being dropped due to internal Cloud Connect DDoS protection logic.
DefaultWarningLimit
Defines a threshold for suspicious connections originating from a single IP address. If exceeded, the IP address gets banned.
Key Location: HKLM\SOFTWARE\Wow6432Node\Veeam\Veeam Gate Service
Value Name: DefaultWarningLimit
Value Type: DWORD (32-bit) Value
Default Value Data: 64
Recommendation:
Set to 512 and higher. The value may need to be set even higher if the Cloud Gateway Server is behind NAT.
MaxSimultaneousCloudConnections
Defines the total number of allowed simultaneous connections to a cloud gateway. Connections exceeding the threshold get dropped automatically.
Key Location: HKLM\SOFTWARE\Wow6432Node\Veeam\Veeam Gate Service
Value Name: MaxSimultaneousCloudConnections
Value Type: DWORD (32-bit) Value
Default Value Data: 1024
Recommended value: 15000 - for a maximum of 500 concurrent tasks. To support more simultaneous connections deploy additional cloud gateways.
PeerCloudConnectionsLimit
Defines the number of allowed simultaneous connections to a cloud gateway originating from a single IP address. Connections exceeding the threshold get dropped automatically.
Key Location: HKLM\SOFTWARE\Wow6432Node\Veeam\Veeam Gate Service
Value Name: PeerCloudConnectionsLimit
Value Type: DWORD (32-bit) Value
Default Value Data: 64
Recommendation: The recommended value with vary depending on the number of agents backed up directly to a cloud repository from a single IP address (NAT). Use the following formula: X = N * 20
Where N is the number of agents backed up from a single IP address, and 20 is the maximum number of connections established to a cloud gateway by an agent.
More Information
To report a typo on this page, highlight the typo with your mouse and press CTRL + Enter.