I was hoping that 6.1 was going to fix this however I’m still having trouble with Veeam replication through a VPN tunnel that occasionally drops and rebuilds. When that happens the job fails and I get an error: Error: Client error: Exception of type 'Veeam.Backup.AgentProvider.AgentClosedException' was thrown.
The drop is under 60 seconds while the VPN tunnel renegotiates and I don’t see why Veeam can’t take that kind of delay. I’m replacing some Equallogic SAN-2-SAN replication jobs with Veeam and the Equallogic jobs can deal with the tunnel renegotiation without starting over but Veeam can’t seem to.
Is there anything on the horizon that would address this?
Thanks,
-
christiankelly
- Service Provider
- Posts: 128
- Liked: 11 times
- Joined: May 06, 2012 6:22 pm
- Full Name: Christian Kelly
- Contact:
-
foggy
- Veeam Software
- Posts: 21138
- Liked: 2141 times
- Joined: Jul 11, 2011 10:22 am
- Full Name: Alexander Fogelson
- Contact:
Re: Veeam replication resiliency through a VPN that renegoti
Christian, yes, we do plan to add resume transfer functionality down the road. Currently, Veeam B&R can resist to very bad connections and minor packet loss but if the connection is dropped, the job fails and the data is retransferred during the next job run.
-
christiankelly
- Service Provider
- Posts: 128
- Liked: 11 times
- Joined: May 06, 2012 6:22 pm
- Full Name: Christian Kelly
- Contact:
Re: Veeam replication resiliency through a VPN that renegoti
That's good news. Some jobs are LONG. I have a job that takes about 12+ hours so being able to withstand a dropped tunnel is important because if it fails it even takes longer the next time.
-
tsightler
- VP, Product Management
- Posts: 6035
- Liked: 2860 times
- Joined: Jun 05, 2009 12:57 pm
- Full Name: Tom Sightler
- Contact:
Re: Veeam replication resiliency through a VPN that renegoti
Even today Veeam can actually survive fairly long periods of outages, however, typically when there is a complete loss it means that some network device (possibly the VPN device itself) reported the loss of the connection via an ICMP "destination unreachable". This will signal Windows to close the TCP connection and unfortunately, as stated above, right now there is no resume function. You can sometimes work around these by filtering out the ICMP "destination unreachable" messages from the Windows proxies using the Windows firewall, at which point the link becomes subject to TCP timeouts only, which are generally quite long.
You can also use a product like Hyper-IP, which uses techniques like ICMP suppression and TCP keepalives to help TCP connections survive link outages. It's quite effective.
All of that being said, 60 seconds to renegotiate a VPN connection seems pretty long, might want to look at ways to reduce that time.
You can also use a product like Hyper-IP, which uses techniques like ICMP suppression and TCP keepalives to help TCP connections survive link outages. It's quite effective.
All of that being said, 60 seconds to renegotiate a VPN connection seems pretty long, might want to look at ways to reduce that time.
Who is online
Users browsing this forum: efd121, Semrush [Bot], veremin and 155 guests