Re: Do I get this right ?

Mon, 05 Mar 2001 12:54:51 -0800 

>I'm in new in this amanda world.

Welcome!

>First the cron job on the server launches the amdump
>The amanda checks the disklist and connect to the client via UDP
>The Client answer back via UDP and launches amandad which takes care of
>the transit.
>Is it right ?

Pretty much, although the actual data transfer of the backup image,
error messages and catalogue (if enabled) is done with TCP.

It goes like this:

  Amanda Server                           Amanda Client
  =============                           =============
  send UDP request to client:10082
                                          inetd sees UDP request and starts
                                          amandad

                                          amandad reads and decodes packet,
                                          performs security checks and starts
                                          the requested "service" (selfcheck,
                                          sendsize, sendbackup)

                                          sendbackup creates two or three
                                          TCP sockets (data, messages,
                                          index/catalogue) and sends those
                                          port numbers back to the server in
                                          a UDP packet

                                          client waits for incoming connections
                                          on the new ports

  get port numbers from client and
  connect via TCP

                                          accepts connections and transfers
                                          data

>One other question, can soemone tells me which port I have to open on the
>client side ? 

UDP 10080 is the only thing a client needs.  The server needs TCP 10082
and 10083 if you plan on using amrecover.

When the sendbackup TCP sockets are created on the client and when
the corresponding sockets are created on the server, ports are chosen
first from the range you gave ./configure with --with-portrange (if
you set that at all), then privileged ports (512 .. 1023) are tried,
then any available port.  When programs are not running as root (such
as sendbackup), they cannot get a privileged port, so that part does
not apply.

UDP ports are bound to specific ranges just like TCP ports.  Amcheck,
planner and dumper use that so you can limit the values selected to get
through a firewall.

>I have removed the UDP 10080, TCP 10082 - 10083 from the
>"services" file on the client machine, restarted inetd and amcheck still
>works. Is it normal ?

I don't know how that could work.  After removing those entries from your
services file, inetd should have been unhappy with your configuragion file
and not accepted connections.  There must be something else going on here.

>Olivier Collet

John R. Jackson, Technical Software Specialist, [EMAIL PROTECTED]

Reply via email to