Veritas-bu
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Veritas-bu] Backing up through firewall under NBU 4.5

2002-05-29 10:49:48
Subject: [Veritas-bu] Backing up through firewall under NBU 4.5
From: larry.kingery AT veritas DOT com (Larry Kingery)
Date: Wed, 29 May 2002 10:49:48 -0400 (EDT) 
Note that we'll be discussing destination ports here, source ports
still need to be dynamic and you can still specify the range for them
if you care.

Andy Skates writes:
> I'm confused (not for the first time).
> 
> What is the purpose of VNETD under 4.5?

The normal communication method uses more ports.  When one system
requests something from another system, it sends a message along with
a port which it will listen on for the response.  This port is
dynamic, and there is a different one used for each connection between
each pair of machines.

So, we have the potential for a decent number of ports in use, and
it's hard to define the exact number and range.

vnetd replaces all of those dynamic ports with one, fixed known port.

> 
> How many ports are required to be opened if I want to backup a client
> 'outside' the firewall from a Media Server 'inside' the firewall?

With vnetd, a small number (a few), depending on what you want to do
(e.g. client directed operations).  And that's a few for all clients,
not a few per client.

> 
> In the 4.5 SAG it mentions that VNETD is used to reduce the 'callback' 
> process. Does this mean that all ports have to be available from the Media 
> Server out, but only VNETD coming back in?

You'd need to open bpcd to the client, vnetd to the media server,
probably bprd to the master, vopied to/from if used.  I may have
missed one special case or something, but I don't think so.

Note vnetd doesn't change the answer to this question.  Even before
vnetd, the outgoing connection to the client was always on bpcd.  The
difference is that when the media server says "call me back on port
XXX", the port will always be vnetd, not some range.

> 
> 
> Thanks,
> 
> Andy Skates
> 
> 
> email: andyskates AT iname DOT com
> -- 
> _______________________________________________
> Sign-up for your own FREE Personalized E-mail at Mail.com
> http://www.mail.com/?sr=signup
> 
> _______________________________________________
> Veritas-bu maillist  -  Veritas-bu AT mailman.eng.auburn DOT edu
> http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu

-- 
Larry Kingery 
       Don't anthropomorphize computers -- they don't like it.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Veritas-bu] Restoring on multiple NBU servers, Daniel Teklu
Next by Date:  [Veritas-bu] uninstallinig Netbackup, david AT dsihost-srv01 DOT com
Previous by Thread:  [Veritas-bu] Backing up through firewall under NBU 4.5, Andy Skates
Next by Thread:  [Veritas-bu] uninstallinig Netbackup, Prabhala, Rama
Indexes:  [Date] [Thread] [Top] [All Lists]