Re: [ADSM-L] Firewall problem
2012-02-06 15:17:58
You doubtless checked the DNSLOOKUP option, and set it the same way on all your
servers.
Is it possible that the DNS for the problem client is also the only DNS that is
also behind the firewall? - Margaret
-----Original Message-----
From: ADSM: Dist Stor Manager [mailto:ADSM-L AT VM.MARIST DOT EDU] On Behalf Of
Richard Rhodes
Sent: Monday, February 06, 2012 3:47 AM
To: ADSM-L AT VM.MARIST DOT EDU
Subject: [ADSM-L] Firewall problem
Hi Everyone,
We have six TSM v5.5.5 instances (on AIX) named TSM1 to TSM6. All six
instances handle backups for nodes that are behind firewalls, although only
five work. The six instances are on separate servers, so each has it's own IP
address and firewall rules. The firewall rules are all identical so we can put
any node on any TSM server.
We cannot get firewall backups to work to our TSM5 instance. Since it was
brought up a couple years ago we have fought to get firewall backups to work
but have failed. Nodes out behind a firewall are able to contact the TSM
server, a sessions is established, then it is immediately disconnected. This
repeats over and over as the node retries. You can sometimes see 50 or more
sessions - all hung - for a firewalled node.
We've done everything we can think of: check/double/triple checked FW rules,
talked with IBM support, run traces for them, check AIX setup, checked TSM5
setup, compared anything related to TSM5 to the other working instances. If we
move the node to one of our other TSM instances it worked just fine!! In all,
we firgured this HAD to be a firewall setup problem of some kind.
This past weekend we move TSM5 (and TSM6 also) to new servers/lpars. The new
servers had to have new IP addresses and run a newer AIX v6. We've done this
upgrade for the other TSM servers already. With new IP addresses we had to
create new FW rules. We figured that with a whole new setup FW backups would
have to work - we're kicking it real hard!!!! NOPE
- it didn't help! The only thing that didn't change in this server swing
was the actual TSM instance. It seems our FW backup problem on this one
instance HAS to be in TSM itself.
Question: Is there any setting in TSM that could explain failing backups for
firewalled servers?
Thanks
Rick
-----------------------------------------
The information contained in this message is intended only for the personal and
confidential use of the recipient(s) named above. If the reader of this message
is not the intended recipient or an agent responsible for delivering it to the
intended recipient, you are hereby notified that you have received this
document in error and that any review, dissemination, distribution, or copying
of this message is strictly prohibited. If you have received this communication
in error, please notify us immediately, and delete the original message.
|
|
|