Re: [BackupPC-users] Client initiated backups, input wanted

here is my setup.

I use MyEnTunnel but you can also use Tunnelier or anything that will maintain ssh tunnels and port forwards. MyEnTunnel stays out of my way, which is nice.

MyEnTunnel allows me to create an ssh tunnel back to my firewall or backuppc box with port forwards.

ssh is port 873 so I forward a specific port through the tunnel to port 873 locally. I then setup the client config to connect either to localhost on the alternate port (if I am able to ssh directly to the box), or setup the client to connect to the firewall on the alternate port.

I use Deltacopy on the clients but any rsync setup will suffice.

If a client initiates a backup, backuppc connects to my firewall on the alternate port assigned to that client like 8251(just a random port that is not used by other services on my network). Since the client is online, the tunnel is up because MyEnTunnel maintains the tunnel whenever the client is online with no user interaction. The port forward is something like 873:127.0.0.1:8251. If you are connecting via a firewall, you need to specify the inside interface so that the firewall will listen on that instead of localhost do 873:192.168.1.1:8251

this is very effective. Additionally, clients that are backing up remotely are usually on a slow connection so I enable compression on the tunnel. Even if they are on a fast connection it is nice to have the compression because even though it could slow down there backup a little bit, they will be nicer on my internet link. I have a 10Mb link but I have VPN connections, email traffic, and backup traffic so its nice to conserve.

again, one myentunnel and deltacopy are setup (which takes about 5 minutes) the client has no interaction with those programs. They get a little lock icon on their task tray that tells them if the link is up. They are aware that the backup wont work unless the lock is green but never have that issue because the links are very reliable. MyEnTunnel automatically connects and reconnects when the client is online.

Another nice benefit is that I also port forward my proxy server and use foxyproxy to allow remote clients access local network be resources. I setup the default proxy to only use the proxy for host site resources like backuppc and the timeclock etc and have everything else skip the proxy. This way I dont have to open my backuppc server's web interface to the internet. Oh, and the web connections are compressed giving me a compressed proxy.

Additionally, MyEnTunnel has profiles, which allows my the duplicate the regular setup to connect through my backup DSL circuit in case the main connection goes down. You can also setup various other port forwards on different profiles if you really want too.

For my IT/Tech staff, I/we usually setup various port forwards for easy access to various servers via ssh and rdp. That way we can have icons on our desktop

------------------------------------------------------------------------------

_______________________________________________
BackupPC-users mailing list
BackupPC-users AT lists.sourceforge DOT net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/