compare the "q opt" output from an instance that works with the instance
that doesn't.  There might be a conservative timeout setting.

Other long-shot things to compare are "q node (NODENAME) f=d" for the
specific nodes that are having trouble and "q stat"

Regards,
Shawn
________________________________________________
Shawn Drew




Internet
rrhodes AT FIRSTENERGYCORP DOT COM

Sent by: ADSM-L AT VM.MARIST DOT EDU
02/06/2012 06:46 AM
Please respond to
ADSM-L AT VM.MARIST DOT EDU


To
ADSM-L
cc

Subject
[ADSM-L] Firewall problem






Hi Everyone,

We have six TSM v5.5.5 instances (on AIX)  named TSM1 to TSM6.   All six
instances  handle backups for nodes that are  behind firewalls, although
only five work.  The six instances are on separate servers, so each has
it's own  IP address and firewall rules.  The firewall rules are all
identical so we can put any node on any TSM server.

We cannot get firewall backups to work to our TSM5 instance.  Since it was
brought up a couple years ago we have fought to get firewall backups to
work but have failed.  Nodes out behind a firewall are able to contact the
TSM server, a sessions is established, then it is immediately
disconnected.  This repeats over and over as the node retries.  You can
sometimes see 50 or more sessions - all hung - for a firewalled node.
We've done everything we can think of:  check/double/triple checked FW
rules, talked with IBM support, run traces for them, check AIX setup,
checked TSM5 setup, compared anything related to TSM5 to the other working
instances.  If we move the node to one of our other TSM instances it
worked just fine!! In all, we firgured this HAD to be a firewall setup
problem of some kind.

This past weekend we move TSM5 (and TSM6 also) to new servers/lpars.  The
new servers had to have new IP addresses and run a newer AIX v6.  We've
done this upgrade for the other TSM servers already.  With new IP
addresses we had to create new FW rules.  We figured that with a whole new
setup FW backups would have to work - we're kicking it real hard!!!! NOPE
- it didn't help!   The only thing that didn't change in this server swing
was the actual TSM instance.  It seems our FW backup problem on this one
instance HAS to be in TSM itself.

Question:  Is there any setting in TSM that could explain failing backups
for firewalled servers?

Thanks

Rick






-----------------------------------------
The information contained in this message is intended only for the
personal and confidential use of the recipient(s) named above. If
the reader of this message is not the intended recipient or an
agent responsible for delivering it to the intended recipient, you
are hereby notified that you have received this document in error
and that any review, dissemination, distribution, or copying of
this message is strictly prohibited. If you have received this
communication in error, please notify us immediately, and delete
the original message.



This message and any attachments (the "message") is intended solely for
the addressees and is confidential. If you receive this message in error,
please delete it and immediately notify the sender. Any use not in accord
with its purpose, any dissemination or disclosure, either whole or partial,
is prohibited except formal approval. The internet can not guarantee the
integrity of this message. BNP PARIBAS (and its subsidiaries) shall (will)
not therefore be liable for the message if modified. Please note that certain
functions and services for BNP Paribas may be performed by BNP Paribas RCC, Inc.