ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ADSM-L] backup via NAT with TSM

2008-09-03 14:41:09
Subject: Re: [ADSM-L] backup via NAT with TSM
From: Rejean Larivee <rlarivee AT CA.IBM DOT COM>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Wed, 3 Sep 2008 15:40:00 -0300 
Hello,
when configuring the client through a firewall like you are doing,
you need to use the "webports xxx yyy" tsm client option to assign
specific ports to the dsmcad/agent processes.
If you use the webports option and specify the ports you want,
those same ports will be used even on restart of the client.
For example,
webports 1591 1592
httpport 1581
The port 1581 will be used for the web client communication.
The port 1591 will be used for dsmcad process.
The port 1592 will be used for the web client remote agent service.

The high random port you are seeing is the one that gets assigned
to the dsmcad process because you are using the default webports
option. The default value for webports is "webports 0 0" which causes
the TSM client to randomly assign a free port number, just like
you have observed.

Bye !
                                                                       
 Rejean Larivee                        NOTICE:TSM 5.3 End of Support April
 IBM Tivoli Storage Manager Level 2    2008                            
 Software Support                      IBM Tivoli Storage Manager Support
                                       Home                            
                                       -How to gather documents for IBM
                                       TSM support                     
                                       -Instruction Manuals            
                                       -Recommended fixes for IBM TSM  
                                       products                        
                                                                       




"ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU> wrote on 08/18/2008
11:51:21 AM:

> Problem is that in PROMPTED mode every time dsmcad is run it opens
> some random high port, and you can never know what it is.
> # netstat -tlpn | grep dsmc
> tcp        0      0 0.0.0.0:32769               0.0.0.0:*
>      LISTEN      4024/dsmcad
> tcp        0      0 0.0.0.0:1581                0.0.0.0:*
>      LISTEN      4024/dsmcad
> # pkill dsmcad
> # dsmcad
> # netstat -tlpn | grep dsmc
> tcp        0      0 0.0.0.0:37376               0.0.0.0:*
>      LISTEN      14716/dsmcad
> tcp        0      0 0.0.0.0:1581                0.0.0.0:*
>      LISTEN      14716/dsmcad
>
> that means that firewall admin needs to open up a whole range of high
> TCP ports between particular client and the server which is not very
> good security wise and plain ugly.
> If client sits behind NAT, using POLLING mode is the only way to go IMHO.
>
> 2008/8/18 Howard Coles <Howard.Coles AT ardenthealth DOT com>:
>  Your Firewall/NAT admin(s) should be able to tell you which ports
> they see communications attempted.
> >
>
>
> --
> Warm regards,
> Michael Green
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Re: [ADSM-L] backup via NAT with TSM, Rejean Larivee <=
Previous by Date:  [ADSM-L] EN_US vs en_US, Gill, Geoffrey L.
Next by Date:  [ADSM-L] Incorrect volume being mounted for reclaimation, Timothy Hughes
Previous by Thread:  [ADSM-L] EN_US vs en_US, Gill, Geoffrey L.
Next by Thread:  [ADSM-L] Incorrect volume being mounted for reclaimation, Timothy Hughes
Indexes:  [Date] [Thread] [Top] [All Lists]