Re: [BackupPC-users] backing up remote servers over wan

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

dan wrote:
> I think that option is reasonable.  It does rely on some scripting but
> should work well.
> 
> I would like to mention that running rsync as a service will use
> negligible resources.

While it is not in use, correct.

> using vshadow in some way is likely the only way to reliably backuppc a
> windows machine running a variety of programs from outlook to mssql
> server that lock files from reading.

More comments below.

> On Tue, Sep 30, 2008 at 7:46 PM, Nick Smith <nick.smith79 AT gmail DOT com
> <mailto:nick.smith79 AT gmail DOT com>> wrote:
>     First, can backuppc backup across the internet? 

Yes, it certainly can.

>     Is the rsync port the
>     only port needed to open for the backup?  

Yes, if you are only using rsyncd for backups, then you only need the
single tcp port open (whichever port you configure).

>     What do you do if there are multiple servers at one location on 
>     one ip address? Port forward?

You could have each machine on a different external port, and remap
those external ports to the correct internal IP+port

>     If you care to check out the method im trying to get working its at:
>     http://www.goodjobsucking.com/?p=62
>     It uses winexe to execute remote commands on a windows machine to
>     initiate backups and shadow copies, and looks really slick if i could
>     only get it working.

Well, really you want to use backuppc to 'initiate' the backups whenever
it feels the schedule is due to be run. Of course, the major problem
(not that I have read or fully understood this 'feature' of windows) I
see with this method is related to authentication, and the possibility
of exploits being discovered. rsyncd is an open source application,
fairly stable code base, likely very well reviewed for potential
bugs/security risks. I wouldn't count on the windows code being of the
same quality, and would consider it having a higher risk of security
related issues. (The windows code base is probably much larger (more
lines of code) amongst other things). So, in short, I would prefer to
use rsyncd rather than "winexe".

>     Second question, has anyone, or does anyone use winexe with any of
>     their backup routines?  Im having problems with it connecting across
>     the internet.  I can get it working locally on the lan, but have yet
>     to get it working over the wan, even with no firewalls involved.
> 
>     The reason i liked this method is that you dont have to install rsync
>     as a service, you just drop some files in a folder, make a user with
>     the right permissions to that folder and the winexe executes rsync
>     remotely and does the volume shadow and starts the backup.  it would
>     be wonderful, if i could actually get it working.
> 
>     If there is a simplier solution that will work im up for that too, the
>     scripts arent too complicated, i just keep hitting road blocks at
>     every turn, the final one being i cant get winexe to work over the
>     internet.  has anyone else done this?
> 
>     If im stuck with using a service, i guess ill have to go that route,
>     but id like to have the least amount of impact on the server, and
>     easiest deployment possible as i plan on configuring this on many
>     remote servers.

Well, rsyncd really does have minimal impact on a server, and isn't that
hard to configure. Basically drop a few files in a folder (you could use
the same config and password files across all your servers if you wanted
to), and then run a small batch script to install the service and start it.

One thing you should be aware of though, is that rsyncd doesn't include
any encryption, so anyone watching your internet traffic has plain text
access to your data (virtually)... If you have a single linux box
amongst your windows boxes, then I would suggest using rsyncd tunneled
over SSH (I use this for one machine). This would also solve the problem
with multiple servers behind a single external IP, and provides the
encryption, and more limited external access, and could be more secure
since you can use keys instead of a simple username/password.

Just my 0.02c worth....

Mind you, I would still be quite interested in a rsyncd which can handle
open files.... or some reliable method of creating shadow copies and
then using rsyncd to back it up.

Regards,
Adam

- --
Adam Goryachev
Website Managers
www.websitemanagers.com.au
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFI4xsJGyoxogrTyiURApCQAJ9CUHZS0uUB0cf5jqWXcOymNxMu/gCgyOVi
Vze9OXQmDS6NapKI36gqor0=
=cMEW
-----END PGP SIGNATURE-----

-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/