Hello List, Although there's some information on 'Dealing_with_Firewalls.html' about this, it seems to not describe the solution to this problem.
Problem: A single storage daemon listens on 64.12.34.56 AND 192.168.1.2, and provides a certificate (myhost.domain.com corresponding to 64.12.34.56) to incoming connections from directors and file daemons. Incoming connections to 192.168.1.2 fail, because mycert.domain.com only resolves to the first of the two IP addresses. The configuration keyword TLS Require is set to 'yes' (as it should be.) This seems to be a design problem in any daemon that can listen on multiple addresses. Because Kern just today said that he puts emphasis on design, I'm wondering what is wrong with this picture. The OSs involved are Solaris IA32 and Linux X86_64, while all Bacula versions are 3.0.2. Should I post a bacula-sd.conf? Tested solution: I've tried running two almost identical storage daemons. In this case there are two configuration files, only differening in the listening IP address and having two different certificates. Although this should work, running 'bacula-sd <options> -c second-sd.conf' fails silently and no new bacula-sd process is created. What is the proper way to go about listening on two subnets while presenting the proper certificate to incoming TLS connections? Regards, Eduard ------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
