Re: Server IP controls

2004-04-13 16:39:23
Subject: Re: Server IP controls
From: Rajesh Oak <rajeshoak AT LYCOS DOT COM>
Date: Tue, 13 Apr 2004 16:38:25 -0400
Am I missing something here or do you want to connect to a Private Network that 
is not present?
The client can connect to the Private IP only if it has a connection to that 
Private Network.
For that you need 2 NICs : 1 for Public and 1 for Private on both the TSM 
Server and TSM Client. You need a Private Network Infrastructure for doing 
backups thru' the Private Network. Once you get both the Server and Client 
connected to the same Private network you make the TCPServeraddress (in 
dsm.opt, dsm.sys )point to the private TSM Server Address.
Hope this clears the confusion. So do not waste time in blocking and unblocking 
ports untill you get your Private Infrastructure in place.

Rajesh Oak
Blue Cross Blue Shield of Michigan

--------- Original Message ---------

DATE: Tue, 13 Apr 2004 16:23:11
From: "Johnson, Milton" <milton.johnson AT CITIGROUP DOT COM>

>Try this, from a command line "on the client":
>Does the ping work? If the ping fails then you do not have a connection
>to and no amount of port opening, aliasing, etc. can get
>your traffic to flow to and from
>H. Milton Johnson
>-----Original Message-----
>From: ADSM: Dist Stor Manager [mailto:ADSM-L AT VM.MARIST DOT EDU] On Behalf Of
>Zoltan Forray/AC/VCU
>Sent: Tuesday, April 13, 2004 12:01 PM
>Subject: Re: Server IP controls
>The connection isn't the problem. The client talks to the server (and
>vice-versa) just fine, if the ports are not blocked.
>I want the server to use its private subnet to talk to the client, not
>its public connection.  After all, this can be forced on the client via
>TCPNODEADDRESS, can the server do the same.
>Yes, I believe the private network is routed since lots of systems, both
>physically on the same and not in the same building, connect to the TSM
>server, just fine.
>"ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU> wrote on 04/13/2004
>11:42:40 AM:
>> Zoltan,
>> According to RFC 1918, the following are private, non-routed subnets:
>> ->
>> ->
>> ->
>> Being non-routed you cannot connect from to
>> unless you have a connection to the same physical subnet
>> as  We use a private, non-routed subnet for our
>> clients, but the clients are required a second NIC connected to the
>> private, non-routed subnet.
>> H. Milton Johnson
>> Voice: (210) 677-6728
>> -----Original Message-----
>> From: ADSM: Dist Stor Manager [mailto:ADSM-L AT VM.MARIST DOT EDU] On Behalf
>> Of Zoltan Forray/AC/VCU
>> Sent: Tuesday, April 13, 2004 8:22 AM
>> Subject: Server IP controls
>> Recently, we have been reconfiguring/locking down a lot of the TCPIP
>> ports in use by the TSM servers and clients, attempting to
>> control/route TSM traffic across a private subnet versus the more
>> heavily used public network.
>> However, we have been having some TSM scheduler communications, due to
>> port blocking issues. I am trying to figure out if/how the TSM server
>> can be configured to control which of its 2-IP connections it uses to
>> communicate with the clients.
>> Here is my configuration:
>> TSM AIX server.  2-IP connections,
>> (primary/public) and (private).
>> The TSM client in question only has 1-IP connection,
>> The
>> DSM.SYS (AIX) points to the server via DNS name that resolves to
>> My networking person says the traffic is flowing across the 6.201
>> connection, not the 20.44 private connection.
>> How, if possible, can I get the TSM server to use the private 20.44
>> connection to perform the backups ?  Is there some server setting that
>> can control this ?
>> We are trying to get another connection to the client, using the
>> private subnet. Unfortunately, there aren't any available ports in the
>> switch, at this time. Yes, I know that when I get the other port in
>> the client, I can use the TCPNODEADDRESS options to control this.

Find what you are looking for with the Lycos Yellow Pages

<Prev in Thread] Current Thread [Next in Thread>