Ports
Veeam Backup for OLVM and RHV automatically creates firewall rules for the ports required to allow communication between the backup appliance, workers and the backup server.
Backup Appliance
The following table describes network ports that must be open to ensure proper communication of the backup appliance with other backup infrastructure components.
From | To | Protocol | Port | Notes |
|---|---|---|---|---|
Backup appliance | Backup server | TCP | 10006 | Used to communicate with the Veeam Backup & Replication server. |
Virtualization manager | TCP/HTTPS | 443 | Used to communicate with the REST API service running on the Virtualization manager. | |
Virtualization manager | TCP | 54323 | Used to communicate with Virtualization manager (hosted engine). | |
KVM host | TCP/HTTPS | 443 | Used to communicate with the REST API service running on an KVM host. | |
KVM host | TCP | 54322 | Used to communicate with KVM hosts. | |
Workers | TCP | 19000 | Used to communicate with workers. | |
Veeam backup repository or gateway server | TCP | 2500-3300 | Default range of ports used as transmission channels for jobs and restore sessions. For each TCP connection that a job uses, one port from this range is assigned. | |
Ubuntu Security and OS Update repository (security.ubuntu.com, archive.ubuntu.com) | TCP/HTTP(S) | 80 (443) | Used to get OS security updates. | |
.NET Core Update repository | TCP/HTTPS | 443 | Used to get .NET Core updates. | |
Veeam Updater repository (repository.veeam.com, cloudfront.net) | TCP/HTTPS | 443 | Used to download backup appliance update packages. | |
Nginx repository (nginx.org/packages/, nginx.org/packages/keys/) | TCP/HTTPS | 443 | Used to download Nginx packages required for backup appliance web console updates. |
Workers
The following table describes network ports that must be open to ensure proper communication of workers with other backup infrastructure components.
From | To | Protocol | Port | Notes |
|---|---|---|---|---|
Worker | Backup server | TCP | 10006 | Used to communicate with the Veeam Backup & Replication server. |
Virtualization manager | TCP/HTTPS | 443 | Used to communicate with the REST API service running on the Virtualization manager. | |
Virtualization manager | TCP | 54323 | Used to communicate with Virtualization manager (hosted engine). | |
KVM host | TCP/HTTPS | 443 | Used to communicate with the REST API service running on an KVM host. | |
KVM host | TCP | 54322 | Used to communicate with KVM hosts. | |
Backup appliance | TCP | 19001 | Used to communicate with the backup appliance. | |
Veeam backup repository or gateway server | TCP | 2500-3300 | Default range of ports used as transmission channels for jobs and restore sessions. For each TCP connection that a job uses, one port from this range is assigned. | |
Ubuntu Security and OS Update repository (security.ubuntu.com, archive.ubuntu.com) | TCP/HTTP(S) | 80 (443) | Used to get OS security updates. | |
.NET Core Update repository | TCP/HTTPS | 443 | Used to get .NET Core updates. | |
Veeam Updater repository (repository.veeam.com, cloudfront.net) | TCP/HTTPS | 443 | Used to download backup appliance update packages. | |
Nginx repository (nginx.org/packages/, nginx.org/packages/keys/) | TCP/HTTPS | 443 | Used to download Nginx packages required for backup appliance web console updates. |
Backup Server
The following table describes network ports that must be open to ensure proper communication of the backup server with other backup infrastructure components.
From | To | Protocol | Port | Notes |
|---|---|---|---|---|
Backup appliance, Veeam Backup & Replication console | Backup server | TCP/HTTPS | 8544 | Used to communicate with the Platform Service REST API.
|
Backup server | FLR helper appliance | TCP | 22 | Used to connect to the helper appliance during file-level restore. |
Backup server | TCP/HTTPS | 6172 | Used by the Platform Service to enable communication with the Veeam Backup & Replication database. | |
Virtualization manager | TCP/HTTPS | 443 | Used to communicate with the REST API service running on the Virtualization manager. | |
Virtualization manager | TCP | 54323 | Used to communicate with the Virtualization manager (hosted engine). | |
Backup appliance | TCP/HTTPS | 443 | Used by the Platform Service to connect to the backup appliance. |
Note |
For the list of ports used by the backup server to communicate with backup repositories, see the Veeam Backup & Replication User Guide, section Used Ports. |