Bacula-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Bacula-users] IPv6 bug - was RE: Windows client firewalling problem

2009-12-22 05:27:29
Subject: [Bacula-users] IPv6 bug - was RE: Windows client firewalling problem
From: Kevin Keane <subscription AT kkeane DOT com>
To: "bacula-users AT lists.sourceforge DOT net" <bacula-users AT lists.sourceforge DOT net>
Date: Tue, 22 Dec 2009 02:21:43 -0800

I found the problem; in case somebody else runs into this and finds this post, here is the solution:

 

There seems to be a bug in bacula (3.0.x) related to IPv6. It only listens on IPv4, but establishes connections on IPv6 if an AAAA record is present (bacula bug report is filed with details). The Windows Firewall is not the culprit, but exposes the problem, probably because the failing IPv6 connection times out instead of being rejected.

 

The workaround is to do one of the following:

 

-          Turn off the Windows Firewall.

-          Create alternate DNS names for each machine involved that have only A but no AAAA records associated, and use these alternate names in the bacula configuration files.

 

From: Kevin Keane [mailto:subscription AT kkeane DOT com]
Sent: Monday, December 07, 2009 1:47 AM
To: bacula-users AT lists.sourceforge DOT net
Subject: [Bacula-users] Windows client firewalling problem

 

I recently upgraded my bacula from 2.4 to 3.0. Almost everything works beautifully, except for one Windows 2008 Standard client machine (64 version). This machine is running the 64-bit version of winbacula 3.0.2. The directory and SD both are on other machines on the same subnet. The Windows server uses Microsoft’s Windows Advanced firewall.

 

The error message is:

 

07-Dec 01:36 akechi-denki-fd JobId 435: Fatal error: Authorization key rejected by Storage daemon.

Please see http://www.bacula.org/en/rel-manual/Bacula_Freque_Asked_Questi.html#SECTION003760000000000000000 for help.

07-Dec 01:36 akechi-denki-fd JobId 435: Fatal error: Failed to authenticate Storage daemon.

07-Dec 01:36 nctechcenter-dir JobId 435: Fatal error: Bad response to Storage command: wanted 2000 OK storage

, got 2902 Bad storage

 

I added both inbound and outbound rules to the Windows firewall to allow all connections to and from bacula-fd.exe . The firewall log also shows that the connections from the director to port 9102, and from the fd to the SD’s port 9103 are successful. I do not see any blocked connections listed at all.

 

Yet I found that the problem goes away when I turn off the Windows firewall.

 

So I am trying to find out what else the firewall might be doing to interfere with bacula, what other rules I might need.

 

Thanks!

 

------------------------------------------------------------------------------
This SF.Net email is sponsored by the Verizon Developer Community
Take advantage of Verizon's best-in-class app development support
A streamlined, 14 day to market process makes app distribution fast and easy
Join now and get one step closer to millions of Verizon customers
http://p.sf.net/sfu/verizon-dev2dev 
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Bacula-users] Problem with backup to usb, Pedro Gomes
Next by Date:  [Bacula-users] New PC, Windows 7, client does not connect, Jari Fredrikson
Previous by Thread:  [Bacula-users] Windows client firewalling problem, Kevin Keane
Next by Thread:  Re: [Bacula-users] IPv6 bug - was RE: Windows client firewalling problem, John Drescher
Indexes:  [Date] [Thread] [Top] [All Lists]