In regard to: [Networker] Linux Client backup issues & Vmware, Fazil Saiyed...:
Hello,
Having some issues backing up Linux clients ( 32 bit 7.3.3.1,installed on
Linux RH 5.1 ( 64 bit) Vm instance ) in an DMZ.
RH version of kernel is 2.6 and i am told this is SELinux.
I am getting inconsistence results where client backup on root vol are
sometime successful but not on rest of the file systems.
SERVER:
Legato backup server is Windows 2003 64 bit Dell on Legato 7.3.3.
Firewalls:
DMZ firewall is active
Selinux Firewall rules disabled
As Patti already said, Selinux isn't really a firewall.
ERRORS:
log file not found
connection refused
That's probably the issue.
impersonation failed
That's one I've not seen.
Servers file:
Was created and applied to linux client, otherwise backup server is
dependent on DNS name resolution
NSLOOOKUP from client to server is successful
I can confirm that daemons are running and client install is with default
options,
Last login: Fri Feb 29 10:27:28 2008 from 10.10.4.174
[root@rubiconweb1t ~]# ps -ef | grep nsr
root 22606 22560 0 08:56 pts/1 00:00:00 grep nsr
root 27604 1 0 Feb29 ? 00:00:00 /usr/sbin/nsrexecd
[root@rubiconweb1t ~]# rpm -av | grep lgto
[root@rubiconweb1t ~]# rpm -qa | grep lgto
lgtoclnt-7.3.3-1
[root@rubiconweb1t /]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Ok, so no firewall rules are in place.
[root@rubiconweb1t /]# chkconfig --list iptables
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
RPC:
[root@rubiconweb1t /]# rpcinfo -p "servername"
rpcinfo: can't contact portmapper: RPC: Remote system error - Connection
refused
In my experience, NetWorker works "better" when the portmapper is working,
but it's not always required.
Questions:
Is 32 bit client on 64 bit Linux OS supported ? ( i was told 64 bit
version of Legato client crashes a lot)
You should be fine using the 32 bit client. I would probably use the
64 bit client, but the 32 bit should work, even on a 64 bit system.
What are the special consideration of SELinux and Legato Config
Has any one tested backup on Linux instance on Vmserver 3.02 OS ?
We're using Xen here for virtualization, rather than VMWare, so I don't
have any experience with VMWare. I can tell you that I am backing up
multiple 32 bit RHEL4 Xen guests that are hosted on a 64 bit RHEL5 server,
and the backups are working just fine (though slowly, since they're all
in the same group and they end up really contending for access to the
storage and the network device).
I think the issue you're encountering is that the client can't start up
the needed connections back to the NetWorker server, because of your
firewall. Your firewall folks won't like it, but you're going to need to
open a range of ports so the client can talk to the server. See the
archives for more on the needed ports -- Davina has posted several times
on the subject.
Your Linux sysadmins can verify that's the problem by watching network
traffic or using "strace -f" on nsrexecd, and then having you initiate
a backup of the client from the NetWorker server.
My other piece of unsolicited advice: the Linux client in the DMZ would
be more secure if it had an iptables firewall on it (with some
restrictions in place) than it is with just SELinux. I would worry more
about getting that in place (first) and only enable SELinux after I've
already tweaked the iptables rules as much as needed.
Tim
--
Tim Mooney Tim.Mooney AT ndsu DOT edu
Information Technology Services (701) 231-1076 (Voice)
Room 242-J6, IACC Building (701) 231-8541 (Fax)
North Dakota State University, Fargo, ND 58105-5164
To sign off this list, send email to listserv AT listserv.temple DOT edu and type
"signoff networker" in the body of the email. Please write to networker-request
AT listserv.temple DOT edu if you have any problems with this list. You can access the
archives at http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
|