Networker

Re: [Networker] client backups through firewall disconnecting after 2 hours!

2007-09-05 10:44:52
Subject: Re: [Networker] client backups through firewall disconnecting after 2 hours!
From: "Marcelo H. Bartsch" <mbartsch AT UNIX911.ATH DOT CX>
To: NETWORKER AT LISTSERV.TEMPLE DOT EDU
Date: Wed, 5 Sep 2007 10:39:26 -0400
Mark, wich firewall brand? AFAIK Cisco PIX's had a timeout for
established connections wich seems to be something like 1 or 2 hours per
default.



On Wed, 2007-09-05 at 15:20 +0100, mark wragge wrote:
> hi, i have inherited a backup of clients through a firewall using firewall 
> rules already configured. I have three clients that backup through the 
> firewall using the existing rules. All three clients fail after approx 2 
> hours. The smaller savesets on these clients complete successfully. The two 
> windows clients always fail at the same time (2 hours - 5 savesets 13gb 
> completed). The unix client fails around the same time but can sometimes 
> backup about 25gb before failing.
>    
>   How can i determine if the cause of failure is related to the fact that 
> these clients go through a firewall? There are no error messages on the 
> firewall logs during the time that the backup occurs or at the time that the 
> backup stops.
>    
>   How can i determine if the cause of failure is related to the number of 
> firewall ports that are open on the client. The open ports are 7937-7941and 
> this is set using nsrports (these ports and rules were determined by previous 
> engineer from EMC). The daemon.log shows no error - it says backup done and 
> then restarts the saveset.
>    
>   Is it the firewall disconnecting the client backup OR are the networker 
> services failing? We used to think that there was someting wrong with the 
> filesystem on one client but now that we have added two more clients with the 
> same errror it appears that the common link is the firewall.
>    
>   Thanks for any help, Mark 
> 
>  Send instant messages to your online friends http://uk.messenger.yahoo.com 
> 
> To sign off this list, send email to listserv AT listserv.temple DOT edu and 
> type "signoff networker" in the body of the email. Please write to 
> networker-request AT listserv.temple DOT edu if you have any problems with 
> this list. You can access the archives at 
> http://listserv.temple.edu/archives/networker.html or
> via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER

To sign off this list, send email to listserv AT listserv.temple DOT edu and 
type "signoff networker" in the body of the email. Please write to 
networker-request AT listserv.temple DOT edu if you have any problems with this 
list. You can access the archives at 
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER