More data from the job report:
This is from the e-mail status report:
12-Dec 16:20 herodotus-dir: RunBefore: Starting SSH-tunnel to
locus.dist-ed.uaf.edu...
12-Dec 16:42 herodotus-dir: Start Backup JobId 8846,
Job=locus.2005-12-12_16.20.36
12-Dec 16:47 locus-fd: locus.2005-12-12_16.20.36 Warning: bnet.c:767 Could not
connect to Storage daemon on localhost:9103. ERR=Connection refused
Retrying ...
12-Dec 16:47 locus-fd: locus.2005-12-12_16.20.36 Fatal error: Failed to
connect to Storage daemon: localhost:9103
12-Dec 16:47 herodotus-dir: locus.2005-12-12_16.20.36 Fatal error: Socket
error from Filed on Storage command: ERR=No data available
You'll notice at 16:20 the RunBefore fires off, and completes. But it is not
until I kill the tunnel 22 minutes later that the "Start Backup" actually
appears, but of course by then it can't connect.
Ideas? Are there other ports I need to forward?
j----- k-----
On Monday 12 December 2005 16:55, Joshua Kugler wrote:
> All -
>
> After using Bacula for almost a year, I'm having to make some configuration
> changes due to network topology and firewalls.
>
> The situation is this: The network server is behind a firewall. The
> clients I'm trying to back up are on the "other side" of the firewall (a
> DMZ of sorts). The network server can connect to any of the client it
> wants to, but the clients cannot connect back behind the firewall, thus
> cannot make the connection back to the backup server. So, I thought I'd
> try SSH tunneling.
>
> I modified the example ssh-tunnel script a bit, and here is my command
> line:
>
> /usr/bin/ssh -fnCN2 -o PreferredAuthentications=publickey \
> -i /usr/local/bacula/ssh/id_dsa -l $USER -R 9101:$LOCAL:9101 \
> -R 9103:$LOCAL:9103 $CLIENT
>
> The $USER is replaced with bacula (a valid account), $CLIENT is replaced
> with the client's FQDN, and $LOCAL is replaced with the FQDN of the backup
> server, and all this is run from a "Run Before Job" directive for the
> client.
>
> Here is my storage resource that I use for clients on the other side of the
> firewall. It is identical to my regular storage resource, but uses
> localhost as the address so the clients will connect to localhost:9103.
>
> Storage {
> Name = herodotus-sd-ops
> Address = localhost
> SDPort = 9103
> Password = "apasswordgoeshere"
> Device = AdicFastStor22
> Media Type = DLT8000
> Autochanger = yes
> Maximum Concurrent Jobs = 30
> }
>
> When I fire off the job, messages reports that the ssh-tunnel script
> completed successfully, and I can see the ports listening on the clients.
> However, things just hang from there.
>
> Director status shows job running.
> Client status shows no job running.
> Storage status shows no job running.
> Netstat shows no new connections on either side.
> Messages never gives the "12-Dec 16:42 herodotus-dir: Start Backup JobId
> ...., Job=...."
>
> I can even connect to localhost:9103 (on the client), type a few
> characters, and it will disconnect me, just as it would if connected
> directly to the server and did that.
>
> BUT!! When I kill the tunnel, then, and only then, the "Start Backup"
> message appears, but of course it just hangs because the client can't
> contact the server because the tunnel is down. I then have to cancel the
> backup job. When I do, SD termination status says "Waiting on FD."
>
> I'm sure it's something sadly simple, but I have been messing with this for
> the better part of 4 hours, and I still can't figure out what I am doing
> wrong. Can anyone offer any tips? When I figure this out, I'll write up a
> section for the manual so we'll have something more for ssh tunneling than
> just "Please see the script..." which isn't very helpful to someone
> unacquainted with the intricacies of ssh tunneling, key-gen/key usage, etc.
>
> Any help would be great! Thanks!
>
> j----- k-----
--
Joshua Kugler
CDE System Administrator
http://distance.uaf.edu/
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users
