ADSM-L

Re: Library Manager/Client & Firewall - the sage continues

2004-05-21 11:23:54
Subject: Re: Library Manager/Client & Firewall - the sage continues
From: Matthew Glanville <matthew.glanville AT KODAK DOT COM>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Fri, 21 May 2004 10:44:02 -0400
1.  Put another NIC in the 3494 dual home it to the Linux newtork (OS/2 can
do this just fine), or just use a crossover connection.  (dont forget the
3494 software configuration parts allowing those IP's to control it...)
2.  Don't run the Linux TSM server as a library client.  Allow the 3494 to
do the tape managment by using different private tape categories between
the AIX and Linux tape library definitions.  (eliminating the need for the
Linux server to talk to the AIX one)

Also, I think by having both the Linux and AIX server on the same SAN you
are really dual homed on that too... Someone could configure fiber channel
IP over that......and....well...... it will cause your firewall admin to be
even more paranoid of the TSM servers.

I believe that with IBM 3494's you dont necessarily need the shared library
functions of TSM,  Just keep the private tape categories different in the
library definitions. (and scratch to if  you want to further partition the
library)

Matthew Glanville
Eastman Kodak




                      Zoltan
                      Forray/AC/VCU            To:      ADSM-L AT VM.MARIST DOT 
EDU
                      <zforray AT VCU DOT EDU         cc:
                      >                        Subject: Library Manager/Client 
& Firewall - the sage continues
                      Sent by: "ADSM:
                      Dist Stor
                      Manager"
                      <[email protected]
                      T.EDU>


                      05/20/2004 04:06
                      PM
                      Please respond
                      to "ADSM: Dist
                      Stor Manager"






Once again, I am looking for help/confirmation/suggestions on how to make
this seemingly impossible configuration of Library Manager/Library
Server/TSM server behind firewall.

This is what we are attempting----sorry about the repeats for those folks
who have been living through this mess, with me !

1.  3494-ATL with FC drives
2.  1-TSM AIX server acting as the Library Manager. Attached to SAN.
3.  1-TSM Linux server acting as a Library Client. Attached to SAN.

Here are the conditions/requirements:

a. The AIX server and the 3494 are on the same, private subnet.  The AIX
server is dual-homed with another nic that is accessible from the outside.
b. The Linux server is behind a firewall/nat on a completely different
network.  Dual-homing IS NOT ALLOWED.  We have been able to configure a
static IP address for when this server goes out the firewall.

Issue:

The Linux server needs to use the 3590-FC drives in the 3494-ATL.

Problem:

Server-to-server communications is not constant or kept open. While the
Linux server can contact and initiate communications with the AIX server,
the AIX server can not initiate a communications session with the Linux
server.....thus the AIX server can't manage the access to the tape library
and drives.

How can we resolve this ?  From my point of view, I can see how to do this
without either another connection to the ATL (again, not allowed as
dual-homed.....can the ATL have multiple IP addresses, one behind the
firewall, the other not ???) or another ATL just for the Linux server (not
do-able - no $$$$$).

We are open to any and all suggestions.

<Prev in Thread] Current Thread [Next in Thread>