Veritas-bu

[Veritas-bu] Connect Timeout w/ IPF Bridge

2003-04-03 16:22:35
Subject: [Veritas-bu] Connect Timeout w/ IPF Bridge
From: john.d.thomas AT census DOT gov (john.d.thomas AT census DOT gov)
Date: Thu, 3 Apr 2003 16:22:35 -0500
Hi all,

I did a google search on +netbackup +ipf.conf and found a link
to the listserver exchange below.  I too am having problems
with netbackup clients running IPFilter, and was wondering
if anyone had any luck in creating rules in ipf.conf which
will allow netbackup to complete without socket timeout errors.
If so, could someone please post the IPFilter rules for Netbackup
clients?

John
















----- Forwarded message from Joseph Frazee <frazee.23 AT osu DOT edu> -----

Date: Tue, 22 Jan 2002 12:33:03 -0500
From: Joseph Frazee <frazee.23 AT osu DOT edu>
To: Bill Wiessner <bill.wiessner AT veritas DOT com>
Subject: Re: [Veritas-bu] Connect Timeout w/ IPF Bridge

I've done the logs on the server. Nothing real enlightening there. We
are currently using NBU 3.2GA. I can't see the logs on the client at the
moment because its "sort of" a personal machine of someone senior to me
and so the machine is mostly managed by him. This makes it difficult all
around.

I've actually weeded out some problems. I replaced the network cards in
the firewall with 2 nice Intel cards. Now, the backup will work over the
bridge. I'm still left in the dark with filtering anything though.

If a.b.c.d is the backup client I should just be able to do (in
ipfilter):

pass in quick proto tcp from any to a.b.c.d flags S keep state keep
frags

But, this doesn't seem to work.

There is no problem telnetetting to 32782 on the client from the server.

I think I have to wait until the sysadmin of that machine returns to
figure out much more.

Thanks,


Joe


On Tue, Jan 22, 2002 at 11:28:14AM -0500, Bill Wiessner wrote:
> Joseph,
>
> Try looking at the error logs (bpsched, bpcd) to see if specific ports
> replies are failing.  Also, you never mentioned which version of NBU you
are
> using.
>
>
>
> Bill Wiessner
> VERITAS Software
> Staff Systems Engineer
> DoD/Intelligence
> Office:  410-877-7689
> Cell:     410-804-3321
>
>  -----Original Message-----
> From:            Joseph Frazee [mailto:frazee.23 AT osu DOT edu]
> Sent:            Monday, January 21, 2002 6:23 PM
> To:        veritas-bu AT mailman.eng.auburn DOT edu
> Subject:         [Veritas-bu] Connect Timeout w/ IPF Bridge
>
> So, I have an ipfilter bridging filter in front of some NetBackup
> clients. All the needed network facilities work except NetBackup. There
> are even problems when the filter is filtering nothing, i.e. it just
> bridges.
>
> The specific errors I am getting include 41,54, some others.
>
> Again, this occurs with the bridge in place and filtering nothing.
>
> Thanks for any help,
>
> Joe
>
> --
> Joseph Frazee
> The OSU Libraries
> UNIX Manager
>
> e-mail: frazee.23 AT osu DOT edu
> phone: (614) 688-54342
> pager: (614) 731-4919
> _______________________________________________
> Veritas-bu maillist  -  Veritas-bu AT mailman.eng.auburn DOT edu
> http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
>

--
Joseph Frazee
The OSU Libraries
UNIX Manager

e-mail: frazee.23 AT osu DOT edu
phone: (614) 688-54342
pager: (614) 731-4919

----- End forwarded message -----

--
Joseph Frazee
The OSU Libraries
UNIX Manager

e-mail: frazee.23 AT osu DOT edu
phone: (614) 688-54342
pager: (614) 731-4919






<Prev in Thread] Current Thread [Next in Thread>
  • [Veritas-bu] Connect Timeout w/ IPF Bridge, john.d.thomas AT census DOT gov <=