DR guide

Offsite & DR with PBS Remote Sync

Design and implement Remote Sync between Proxmox Backup Servers, plan bandwidth and schedules, and learn how to run failover restore drills.

View pricing Back to resources

What you get

Offsite made simple.

  • 01Primary/secondary PBS layout
  • 02Bandwidth sizing + schedules
  • 03Namespace and role isolation
  • 04Failover drill checklist

Contents

1) Design the topology

  • Primary PBS: Receives backups from PVE clusters.
  • Secondary PBS: Receives Remote Sync from primary to keep an offsite copy.
  • Namespaces/datastores: Mirror names across primary/secondary to simplify restores and permissions.
  • Network: Use a dedicated path/VPN between sites; enforce TLS and token scope.

2) Plan bandwidth and capacity

  • Estimate change rate (daily deltas) and the throughput the link can sustain.
  • Target to finish syncs reliably; increase bandwidth if needed.
  • Use bandwidth limits on the Remote Sync job if you need to protect production traffic.
  • Measure effective throughput with a test sync and adjust limits accordingly.

3) Set up Remote Sync

On the primary PBS:

  • Create a scoped token on the secondary PBS with access to the target datastore/namespace.
  • Remotes > Add: enter secondary PBS hostname, port, and token.
  • Sync Jobs > Add: choose datastore/namespace and bandwidth limit.
  • Enable Remove vanished only if you want deletions mirrored; otherwise, keep off for extra safety.

CLI example:

proxmox-backup-manager remote add secondary --host secondary.example.com --token 'pbs@pbs!sync=SECRET'
proxmox-backup-manager sync-job create sync-secondary \
  --remote secondary --remote-store primary --store primary \
  --schedule "daily" --delete 0 --limit 0

4) Security and isolation

  • Scope tokens to specific datastores/namespaces; rotate regularly.
  • Restrict firewall rules to required ports from primary to secondary.
  • Separate admin accounts per PBS; enable 2FA and audit logging.

5) Run failover restore drills

  • Monthly: restore a VM/CT from secondary PBS to a test PVE cluster; measure RTO and throughput.
  • Check fingerprints and TLS trust on the secondary before drills to avoid delays.
  • Document steps: switch PVE backup target to secondary, run restore, validate app health, then switch back.

6) Example DR playbook

  • Document roles for primary and secondary ownership.
  • Keep a runbook with failover and restore steps.
  • Run quarterly failover drills and capture lessons learned.
  • Drills: monthly restore to test cluster; quarterly full failover simulation.

Need offsite PBS designed and tested?

We size bandwidth, build sync jobs, and give you a drill checklist to run.

See plans