Hello List,

Although there's some information on 'Dealing_with_Firewalls.html'
about this, it seems to not describe the solution to this problem.

Problem:
A single storage daemon listens on 64.12.34.56 AND 192.168.1.2,
and provides a certificate (myhost.domain.com corresponding to
64.12.34.56) to incoming connections from directors and file
daemons. Incoming connections to 192.168.1.2 fail, because
mycert.domain.com only resolves to the first of the two IP
addresses. The configuration keyword TLS Require is set to
'yes' (as it should be.)

This seems to be a design problem in any daemon that can listen
on multiple addresses. Because Kern just today said that he puts
emphasis on design, I'm wondering what is wrong with this picture.

The OSs involved are Solaris IA32 and Linux X86_64, while all
Bacula versions are 3.0.2. Should I post a bacula-sd.conf?

Tested solution:
I've tried running two almost identical storage daemons. In this
case there are two configuration files, only differening in the
listening IP address and having two different certificates. Although
this should work, running 'bacula-sd <options> -c second-sd.conf'
fails silently and no new bacula-sd process is created.

What is the proper way to go about listening on two subnets while
presenting the proper certificate to incoming TLS connections?

Regards,
Eduard

------------------------------------------------------------------------------
Come build with us! The BlackBerry&reg; Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay 
ahead of the curve. Join us from November 9&#45;12, 2009. Register now&#33;
http://p.sf.net/sfu/devconf
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users