Timo Neuvonen wrote:
> I just added into my system another file daemon to be baked up.
>
> This new client is dilbert-fd, which is located in the dmz network segment
> of a SonicWall firewall, while the director and the storage daemon are on
> the lan network segment.
>
> By default, all traffic from lan to dmz is allowed. I also made a firewall
> rule to open the port 9103 from dmz to the director. There are tcp and udp
> protocols to choose from in the rules (I chose tcp), which one would be the
> correct one to use in the rule that is expected to allow the file daemon to
> communicate with storage daemon?
>
> Now, when I start a backup job, everything seems to be running nicely.
> Until...
>
> 21-Oct 16:16 dogbert-dir: Nightly_Backup_-Dilbert.2005-10-21_16.01.35 Fatal
> error: Network error with FD during Backup: ERR=Connection reset by peer
> 21-Oct 16:17 dogbert-dir: Nightly_Backup_-Dilbert.2005-10-21_16.01.35 Fatal
> error: No Job status returned from FD.
>
> I tried this several times.
> It kept taking appr. 15 minutes, until the backup job always terminates with
> this error:
>
> After investigating the firewall rules, the default rule for traffic from
> lan to dmz had 15 minute "Inactivity Timeout". To be quite honest, I don't
> know what this exactly means. Anyway, I changed this to 5 minutes, and then
> the same error started appear in 5 minutes.
>
> Of course, I need to find out what this timeout means, but now I'm wondering
> what kind of connection used by Bacula causes this? Is there a connection
> from director to file daemon that is opened at the beginning of the job, but
> there is no traffic anyway?
>
> I wouldn't like to change this timeout permanently to any very long time,
> unless I really know it is necessary...
Timo, you are aware that just port 9103 isn't enough, right? The
Director will tell the FD which SD to dsend data to, and the client will
send data directly to the SD. So that port needs to be open too. I'd
play safe and open 9101-9103, then try it again and see if it works like
that. Also enable the heartbeat for that client.
--
Phil Stracchino [EMAIL PROTECTED]
Renaissance Man, Unix generalist, Perl hacker
Mobile: 603-216-7037 Landline: 603-886-3518
-------------------------------------------------------
This SF.Net email is sponsored by:
Power Architecture Resource Center: Free content, downloads, discussions,
and more. http://solutions.newsforge.com/ibmarch.tmpl
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users
