Veritas-bu
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Veritas-bu] FW: Verifying a feature of vnetd's no-callback feature

2005-01-25 09:54:21
Subject: [Veritas-bu] FW: Verifying a feature of vnetd's no-callback feature
From: marshall.a.skare AT accenture DOT com (marshall.a.skare AT accenture DOT com)
Date: Tue, 25 Jan 2005 08:54:21 -0600 
Hi Paul,

If you get that SSH tunneling to work, I'd love to see how.  I'll mess
around with it too in the next few days and see if I can get it to work
as well.

You're right in that we're both looking for the same functionality.
True "no callback" as you would normally think it to be given the name
of the feature.

Marshall Skare
ATIS - Unix Engineering
(612) 277-4434

-----Original Message-----
From: veritas-bu-admin AT mailman.eng.auburn DOT edu
[mailto:veritas-bu-admin AT mailman.eng.auburn DOT edu] On Behalf Of Paul
Keating
Sent: Tuesday, January 25, 2005 8:15 AM
To: veritas-bu AT mailman.eng.auburn DOT edu
Subject: RE: [Veritas-bu] FW: Verifying a feature of vnetd's no-callback
feature

I would imagine he's encountering the same issue as I am.
Policy here doesn't permit connections initiated from the DMZ,
therefore, without a "true" no-callback we can't backup anything in the
DMZ. 
Many sites would sacrifice the ability to do user initiated restores,
backups, or DB agent backups in the DMZ in favour of just being able to
do regular plain vanilla backups.

I guess it should just be an "available feature".

In our environment, we don't permit user initiated backups or restores
anyway, so there would be no loss to us....and we don't do DB agent
backups, unless absolutely required.

A work around to this (which I've not yet tested) is to bring up an SSH
tunnel from the master/media server to the client in the DMZ, before the
job kicks off. Once the tunnel is up, the client can reply on the tunnel
session, without the connection being initiated from the DMZ.
Once the backup is complete, the tunnel gets torn down.

Paul

> -----Original Message-----
> From: veritas-bu-admin AT mailman.eng.auburn DOT edu 
> [mailto:veritas-bu-admin AT mailman.eng.auburn DOT edu] On Behalf Of 
> Wayne T Smith
> Sent: January 24, 2005 4:26 PM
> To: veritas-bu AT mailman.eng.auburn DOT edu
> Subject: Re: [Veritas-bu] FW: Verifying a feature of vnetd's 
> no-callback feature
> 
> 
> I don't know the answer to your question, but I don't see how 
> you could 
> have a user initiated backup, user initiated restore, or a DB Agent 
> backup without allowing the client to initiate contact with 
> the master. 
> cheers, wayne

_______________________________________________
Veritas-bu maillist  -  Veritas-bu AT mailman.eng.auburn DOT edu
http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu


This message is for the designated recipient only and may contain privileged, 
proprietary, or otherwise private information.  If you have received it in 
error, please notify the sender immediately and delete the original.  Any other 
use of the email by you is prohibited.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Veritas-bu] Netbackup Database Maintenance, Karl.Rossing AT Federated DOT CA
Next by Date:  [Veritas-bu] Disk Staging & Storage Unit Groups, Paul Keating
Previous by Thread:  [Veritas-bu] FW: Verifying a feature of vnetd's no-callback feature, Paul Keating
Next by Thread:  [Veritas-bu] FW: Verifying a feature of vnetd's no-callback feature, Paul Keating
Indexes:  [Date] [Thread] [Top] [All Lists]