Veritas-bu
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Veritas-bu] vnetd question

2006-08-25 09:12:40
Subject: [Veritas-bu] vnetd question
From: pkeating at bank-banque-canada.ca (Paul Keating)
Date: Fri, 25 Aug 2006 09:12:40 -0400 
Correct so far.

Now you need to configure the client to use VNETD.

I'll give you the step by step from the version I have running at the
moment, 5.0MP4.
In your GUI, navigate down through:
Host Properties -> Master Server, then select your master on the right.

Once the master info loads, right click on the master, and select
Properties.

In the properties window, select Client Attributes.

In the window that opens, click "Add", type in the name of the client
behind the firewall, and click OK.
Now select the newly added client from the list, then on the right, put
a "check" in "No connect-back", then "ok" your way out of
everything....you do not need to restart the NBU daemons, even if you're
prompted to.

Then re-run your backup.

This process will have to be done for every client you want to backup
behind a firewall.

Paul

-- 


> -----Original Message-----
> From: veritas-bu-bounces at mailman.eng.auburn.edu 
> [mailto:veritas-bu-bounces at mailman.eng.auburn.edu] On Behalf 
> Of Dave Lowenstein
> Sent: August 24, 2006 6:58 PM
> To: veritas-bu at mailman.eng.auburn.edu
> Subject: [Veritas-bu] vnetd question
> 
> 
> I'm trying to make sure that netbackup 5.1 will work through 
> a firewall 
> with minimal ports being opened.
> 
> What ports need to be open on the firewall if filtering by 
> destination port:
> 
> Media >> Client
> 13782  (bpcd)
> 
> Client >> Media
> 13724  (vnetd)
> 
> If the client needs to run user backups/restores, then the following 
> port will also need to be opened:
> Client >> Master
> 13720  (bprd)
> 
> 
> Right? So I'm testing this out between two hosts with some 
> more liberal 
> firewall rules than above. Backups are working fine, restores are 
> working fine.
> 
> I believe I have all the vnetd stuff set correctly, although 
> every piece 
> of documentation I find shows a slightly different gui interface than 
> what I'm seeing.
> 
> Why am I still seeing it talking back and forth between media 
> server and 
> client with randomly selected destination ports (like 852 and 811)? 
> There's also a fair amount of icmp going on back and forth 
> between the 
> two, which I'd like to be able to close down.
> 
> 
> 
> client -> server        TCP D=13724 S=852 Ack=392120625 Seq=931198138 
> Len=0 Win=49680
>  client -> server        TCP D=13724 S=852 Push Ack=392120625 
> Seq=931198138 Len=2 Win=49680
>        server -> client          TCP D=852 S=13724 Ack=931198140 
> Seq=392120625 Len=0 Win=33118
>        server -> client          TCP D=852 S=13724 Push Ack=931198140 
> Seq=392120625 Len=2 Win=33120
>          client -> server        TCP D=13724 S=852 Ack=392120627 
> Seq=931198140 Len=0 Win=49680
>          client -> server        TCP D=13724 S=852 Push Ack=392120627 
> Seq=931198140 Len=2 Win=49680
>        server -> client          TCP D=852 S=13724 Ack=931198142 
> Seq=392120627 Len=0 Win=33120
>          client -> server        TCP D=13724 S=852 Push Ack=392120627 
> Seq=931198142 Len=21 Win=49680
>        server -> client          TCP D=852 S=13724 Push Ack=931198163 
> Seq=392120627 Len=33 Win=33120
>          client -> server        TCP D=13724 S=852 Ack=392120660 
> Seq=931198163 Len=0 Win=49680
>          client -> server        TCP D=811 S=13782 Push 
> Ack=1618165286 
> Seq=912667687 Len=2 Win=49680
>        server -> client          TCP D=13782 S=811 Ack=912667689 
> Seq=1618165286 Len=0 Win=34500
> 
> 
> _______________________________________________
> Veritas-bu maillist  -  Veritas-bu at mailman.eng.auburn.edu
> http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
> 
-------------- next part --------------
====================================================================================

La version fran?aise suit le texte anglais.

------------------------------------------------------------------------------------

This email may contain privileged and/or confidential information, and the Bank 
of
Canada does not waive any related rights. Any distribution, use, or copying of 
this
email or the information it contains by other than the intended recipient is
unauthorized. If you received this email in error please delete it immediately 
from
your system and notify the sender promptly by email that you have done so. 

------------------------------------------------------------------------------------

Le pr?sent courriel peut contenir de l'information privil?gi?e ou 
confidentielle.
La Banque du Canada ne renonce pas aux droits qui s'y rapportent. Toute 
diffusion,
utilisation ou copie de ce courriel ou des renseignements qu'il contient par une
personne autre que le ou les destinataires d?sign?s est interdite Si vous 
recevez
ce courriel par erreur, veuillez le supprimer imm?diatement et envoyer sans 
d?lai ?
l'exp?diteur un message ?lectronique pour l'aviser que vous avez ?limin? de 
votre
ordinateur toute copie du courriel re?u.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Veritas-bu] vnetd question, Clooney, David
Next by Date:  [Veritas-bu] vnetd question, Jeff Lightner
Previous by Thread:  [Veritas-bu] vnetd question, David Rock
Next by Thread:  [Veritas-bu] vnetd question, Jeff Lightner
Indexes:  [Date] [Thread] [Top] [All Lists]