Sep 03

Veeam B&R: Flow matrix and Transport modes

Hi, this post (Veeam B&R: Flow matrix and Transport modes) is focused on Backup Proxies interaction and ports requirements. Understand Veeam core components and their communication is very useful especially to improve the security of your architecture (cybersecurity and compliance). Note: Veeam Help Center section covers typical connection settings for the backup infrastructure components (used ports). The following article shows the flow matrix and ports that must be opened to ensure proper communication of the Backup Server with backup infrastructure components…


When Veeam B&R is initially installed, the Veeam Backup Server (named “Management Server” on the picture below) coordinates all job activities and, until you deploy a Backup Proxy (Veeam Transport) handles data traffic itself. That is, when you run a backup, replication, VM copy, VM migration job or perform restore operations, VM data is moved from source to target through the Veeam Backup Server. So, by default Veeam Backup Server plays Backup Proxy role. This scenario is acceptable for virtual environments where few backup jobs are performed, in large-scale environments, however, the workload on the Veeam Backup Server will be significant. To take the workload off the Veeam Backup Server, Veeam B&R uses backup proxies. A Backup Proxy is an architecture component that sits between data source and target and is used to process jobs and deliver backup traffic. In particular, the backup proxy tasks include retrieving VM data from the production storage, compressing and sending it to the backup repository (for example, if you run a backup job) or another backup proxy (for example, if you run a replication job). As the data handling task is assigned to the Backup Proxy, the Veeam Backup Server becomes the point of control for dispatching jobs to proxy servers. The role of a Backup Proxy can be assigned to a dedicated Windows server (physical or virtual) in your virtual environment (physical on the picture below). You can deploy backup proxies both in the primary site and in remote sites (ROBO). To optimize the performance of several concurrent jobs, you can use a number of backup proxies. In this case, Veeam B&R will distribute the backup workload between available Backup Proxies. Using Backup Proxies lets you easily scale your backup infrastructure up and down based on your demands. Backup Proxies run light-weight services that take a few seconds to deploy. Deployment is fully automated, Veeam B&R installs the necessary components on a Windows-based server when you add it to the product console. As soon as you assign the role of a backup proxy to the added server, Veeam Backup Server starts the required services on it. The primary role of the Backup Proxy is to provide an optimal route for backup traffic and enable efficient data transfer: transport modes. The efficiency of a backup job and time required for its completion in many respects depends on the transport mode. The communication between the Veeam Backup Server and VMware vCenter is very crucial, Veeam Backup Proxies need also to communicate with VMware ESXi.

Ports used:

  • VBR to VMware vCenter: TCP 443
  • VBR to Backup Proxy: TCP 6160, 6162, 2500-5000
  • VBR to Repository: TCP 6160, 6162, 2500-5000
  • REPOSITORY to Backup Proxy: TCP 2500-5000
  • Backup Proxy to VMware vCenter: TCP 443
  • Backup Proxy to VMware ESXi: TCP 902

Full Backup Server Connections Guide.


The transport mode is a method that is used by the Veeam Data Mover Service to read VM data from the source and write VM data to the target. Depending on the type of Backup Proxy and your backup architecture, the Backup Proxy can use one of the following data transport modes: Direct Storage Access, Virtual Appliance or Network (for VMware, VBR leverages VMware vStorage APIs for Data Protection – VADP). If the VM disks are located on the SAN storage and the SAN storage is added to the VBR console, the backup proxy can also use the Backup from Storage Snapshots mode. You can explicitly select the transport mode or let Veeam Backup Server automatically choose the mode. For reading data, Veeam B&R offers the following modes (starting with the most efficient):


  • Direct Storage Access
  • Virtual Appliance
  • Network

Veeam Data Mover service is responsible for reading data on a Backup Proxy server. The transport mode can be defined in the settings of the Backup Proxy that performs the job. When configuring Backup Proxy settings, you can manually select a transport mode or let Veeam B&R select the most appropriate mode automatically. If you use automatic mode selection, Veeam B&R will scan the backup proxy configuration and its connection to the VMware infrastructure to choose the optimal transport mode. If multiple transport modes are available for the same proxy, Veeam Backup Server will choose the mode in the following order: Direct Storage Access (Direct SAN), Virtual Appliance (Hot Add), Network (NBD). For writing data to the target destination, VBR normally uses the Network mode. In some cases, such as VM replication or full VM recovery, Veeam B&R also supports the Virtual Appliance mode and the Direct Storage Access mode. You cannot select the transport mode for writing data, Veeam B&R selects it automatically, based on the backup proxy configuration.


Step by Step Guide Veeam B&R 9.5 U3a Upgrade!

You can learn more about Veeam Backup & Replication 9.5 here.

VeeamON Chicago – Vision & Strategy 2018 – Recap!

VeeamONForum France Recap!

VeeamON Forum France – Interviewed by LeMagIT: LeMagIT

 
 

Please follow and like us:
fb-share-icon
Tweet

Christopher GLEMOT

CTO | Technical specialist around Data Management, Security, Cyber Security, Cyber Resilience, Backup, Disaster Recovery, Multi-Cloud, and Storage | Veeam Vanguard | Varonis Elite | Owner of original-network.com

Advertisement

1 ping

  1. […] Continue reading » […]

Leave a Reply

error

Enjoy this blog? Please spread the word :)