#1 Global Leader in Data Protection & Ransomware Recovery

Veeam Cloud Connect Scalability Tweaks

KB ID: 4217
Product: Veeam Backup & Replication | 12 | 12.1
Veeam Cloud Connect | 12
Published: 2021-10-04
Last Modified: 2023-12-12
mailbox
Get weekly article updates
By subscribing, you are agreeing to have your personal information managed in accordance with the terms of Veeam's Privacy Notice.

Cheers for trusting us with the spot in your mailbox!

Now you’re less likely to miss what’s been brewing in our knowledge base with this weekly digest

error icon

Oops! Something went wrong.

Please try again later.

Purpose

This article documents advanced settings to optimize Veeam Cloud Connect to handle many connections.

Numerous optimizations to the Cloud Connect framework on both the service provider and the tenant sides have been introduced to increase its scalability (including the number of concurrent tenant jobs per Cloud Connect server) and reliability at scale.

The Veeam Backup & Replication 12 release was tested with 1000 concurrent workloads per Cloud Connect instance. Reaching this number may require applying additional tweaks provided in this article.

One recommended approach for building scalable architecture is using the pod design.

Article Applicability
The recommendations in this article are intended only for Service Providers handling over 300 concurrent tasks or those directed by Veeam Technical Support representatives.

Solution

The registry values below are to be set on each server in the infrastructure.

LogDirectory

Defines the default log storage directory. (For more information, see KB1825)

Key Location: HKLM\SOFTWARE\Veeam\Veeam Backup and Replication\
Value Name: LogDirectory
Value Type: String Value (REG_SZ)
Value Data: <path>

Recommendation: Specify a folder location with sufficient free space to ensure

Note:

  • The path provided must be to a folder on a drive of the server without the trailing slash. 
  • The path cannot be a remote location or mapped drive.
  • Restart not required, but recommended to ensure all running services begin writing to the new locaiton.

 

TcpTimedWaitDelay

Defines the time that must elapse before TCP can release a closed connection and reuse its resources. For more information, refer to this Microsoft Article.

Key Location: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\
Value Name: TcpTimedWaitDelay
Value Type: DWORD (32-Bit) Value
Default Value Data (Dec): 240
Recommended Value Data (Dec): 30

Note: Machine reboot required to apply changes.

Remote PostgreSQL Configuration Optimization

When using a self-deployed PostgreSQL server to host the Veeam Cloud Connect configuration database, ensure that the recommended hardware resource limits have been set.

For more information, review Configuring PostgreSQL Instance and the Set-VBRPSQLDatabaseServerLimits PowerShell command documentation.

Note: If the PostgreSQL server is on a different machine than the Veeam Cloud Connect deployment, review the Modifying Remote PostgreSQL Instance Manually section.

Cloud Gateway-Specific Settings

The registry values in this section should be created on all existing cloud gateway servers.

Note: These settings regulate different DDoS prevention mechanisms and should be used with caution

 

DefaultBanDuration

Defines default connection ban duration.

Key Location: HKLM\SOFTWARE\Wow6432Node\Veeam\Veeam Gate Service
Value Name: DefaultBanDuration
Value Type: DWORD (32-bit) Value
Default Value Data (Dec): 60000 (in milliseconds)

Recommendation: Test with the value of 0 to determine if connections are being dropped due to internal Cloud Connect DDoS protection logic.

 

DefaultWarningLimit

Defines a threshold for suspicious connections originating from a single IP address. If exceeded, the IP address gets banned.

Key Location: HKLM\SOFTWARE\Wow6432Node\Veeam\Veeam Gate Service
Value Name: DefaultWarningLimit
Value Type: DWORD (32-bit) Value
Default Value Data (Dec): 64

Recommendation: Set to 512 and higher. The value may need to be set even higher if the Cloud Gateway Server is behind NAT.

 

MaxSimultaneousCloudConnections

Defines the total number of allowed simultaneous connections to a cloud gateway. Connections exceeding the threshold get dropped automatically.

Key Location: HKLM\SOFTWARE\Wow6432Node\Veeam\Veeam Gate Service
Value Name: MaxSimultaneousCloudConnections
Value Type: DWORD (32-bit) Value
Default Value Data (Dec): 1024

Recommended value: 15000 - for a maximum of 500 concurrent tasks. To support more simultaneous connections deploy additional cloud gateways.

 

PeerCloudConnectionsLimit

Defines the number of allowed simultaneous connections to a cloud gateway originating from a single IP address. Connections exceeding the threshold get dropped automatically.

Key Location: HKLM\SOFTWARE\Wow6432Node\Veeam\Veeam Gate Service
Value Name: PeerCloudConnectionsLimit
Value Type: DWORD (32-bit) Value
Default Value Data (Dec): 64

Recommendation: The recommended value with vary depending on the number of agents backed up directly to a cloud repository from a single IP address (NAT). Use the following formula: X = N * 20

Where N is the number of agents backed up from a single IP address, and 20 is the maximum number of connections established to a cloud gateway by an agent.

More Information    

If unsure whether an advanced registry setting (even those not listed in this article) applies to your situation, please get in touch with Veeam Technical Support for assistance. 
To submit feedback regarding this article, please click this link: Send Article Feedback
To report a typo on this page, highlight the typo with your mouse and press CTRL + Enter.

Spelling error in text

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Thank you!

Thank you!

Your feedback has been received and will be reviewed.

Oops! Something went wrong.

Please try again later.

You have selected too large block!

Please try select less.

KB Feedback/Suggestion

This form is only for KB Feedback/Suggestions, if you need help with the software open a support case

By submitting, you are agreeing to have your personal information managed in accordance with the terms of Veeam's Privacy Notice.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Verify your email to continue your product download
We've sent a verification code to:
  • Incorrect verification code. Please try again.
An email with a verification code was just sent to
Didn't receive the code? Click to resend in sec
Didn't receive the code? Click to resend
Thank you!

Thank you!

Your feedback has been received and will be reviewed.

error icon

Oops! Something went wrong.

Please try again later.