ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: LARGE FILE BACKUPS THROUGH A FIREWALL.

2001-07-16 14:53:00
Subject: Re: LARGE FILE BACKUPS THROUGH A FIREWALL.
From: Mahesh Tailor <MTailor AT CARILION DOT COM>
Date: Mon, 16 Jul 2001 14:53:21 -0400 
We NAT'ted out TSM server and we perform backups via the firewall. When we
did this we only allowed the TSM TCP/IP ports to talk through the
firewall.

Mahesh

>>> jdbach AT WAL-MART DOT COM 07/16/01 02:02PM >>>
Steve,

        Instead of a traditional firewall, have you proposed using either
a
Gigabit router with filter rules or a switch with filter rules
restricting
access between the ports.  Other routers limit throughput to 100 Meg and
firewalls may be even worse.

Jeff Bach
Home Office Open Systems Engineering
Wal-Mart Stores, Inc.

WAL-MART CONFIDENTIAL


        -----Original Message-----
        From:   Mark Stapleton [SMTP:stapleto AT BERBEE DOT COM]
        Sent:   Monday, July 16, 2001 12:32 PM
        To:     ADSM-L AT VM.MARIST DOT EDU
        Subject:        Re: LARGE FILE BACKUPS THROUGH A FIREWALL.

        On Mon, 16 Jul 2001 11:14:35 -0500, you wrote:
        >I'm running TSM Server, ver 4.1, on OS/390 and I'm having
problems
backing
        >up large files from our Web Production NT/2000 servers through
our
IBM AIX
        >Firewalls running Checkpoint.  I got a 25 GB SQL DB that takes
over
40-50
        >hours to backup.  I've tested the same backup but bypassing the
FW's and the
        >backup took only about 1 hour!  It is not only the SQL DB but
any
large file
        >takes a tremendous amount of time to backup through the FW.
I've
called
        >TSM support and they basically said it was a networking issue
(no
surprise
        >there).  I'm suspecting something like NAT is confusing TSM.
Any
Ideas?

        It's a larger issue than that. Backups through a firewall are
not
        supported in TSM (officially).

        Two suggestions:

        1. Use prompted scheduling, rather than polled. This allows you
to
        specify the TCP port used for server-client communication. (The
        default for prompted schedules is 1500.) Keep in mind that if
you
set
        up multiple machines in this manner, and they are performing
        concurrent backups, they'll all be using the same port, thus
impacting
        throughput.
        2. Make sure that the proper TCP ports are open. The defaults
are
1500
        and 1501; they need to be open to traffic in both directions.

        --
        Mark Stapleton (stapleton AT berbee DOT com)


**********************************************************************
This email and any files transmitted with it are confidential
and intended solely for the individual or entity to
whom they are addressed.  If you have received this email
in error destroy it immediately.
**********************************************************************
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: LARGE FILE BACKUPS THROUGH A FIREWALL., Richard L. Rhodes
Next by Date:  Re: ADSM GUI launching error, Richard Sims
Previous by Thread:  Re: LARGE FILE BACKUPS THROUGH A FIREWALL., Jeff Bach
Next by Thread:  servergraph??, Joseph Dawes
Indexes:  [Date] [Thread] [Top] [All Lists]