On Monday 02 April 2007 23:47, Drew Tomlinson wrote: > I run Bacula v1.38 on my home network. Both the director and the client > with which I am having trouble are running FreeBSD 6.1. Things worked > flawlessly until I changed my firewall from ipfw2 to pf, backups fail > intermittently on my router due to "broken network pipes" usually after > somewhere around 10 MB - 12 MB has been transfered. Thus small > incremental backups are successful but larger full backups are not. I > do not have this problem when I disable pf on the router, nor do I have > problems when completing backups with other machines on my internal > network. My setup looks like this: > > bacula director --------- router (client) > 192.168.1.4 (fxp0) 192.168.1.2 (dc0) > > Communication takes place on ports 9102 and 9103. I captured this > output from pflog0 after starting a backup: > > blacksheep# tcpdump -netttti pflog0 "( host blacksheep or blacklamb ) > and ( port 9102 or port 9103 )" > tcpdump: WARNING: pflog0: no IPv4 address assigned > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size > 96 bytes > 2007-04-02 13:57:21.021122 rule 7/0(match): pass in on dc0: > 192.168.1.4.52295 > 192.168.1.2.9102: S 2822997678:2822997678(0) win > 65535 <mss 1460,nop,wscale 1,[|tcp]> > 2007-04-02 13:57:23.532037 rule 13/0(match): pass out on dc0: > 192.168.1.2.64955 > 192.168.1.4.9103: S 2265048451:2265048451(0) win > 65535 <mss 1460,nop,wscale 1,[|tcp]> > 2007-04-02 13:57:23.532323 rule 7/0(match): pass in on dc0: > 192.168.1.4.9103 > 192.168.1.2.64955: S 3452777266:3452777266(0) ack > 2265048452 win 65535 <mss 1460,nop,wscale 1,[|tcp]> > > And the rules are: > > @7 pass in log on dc0 inet proto tcp from 192.168.1.0/24 to any modulate > state queue(std_out, ack_out) > @13 pass out log on dc0 inet all > > Any ideas why Bacula would have such a problem? Other things to check?
It sounds like it is clearly a problem with pf or your configuration of pf, and so you probably should bring it up with the OpenBSD pf group. The Bacula manual has a section some place with a schematic of all the connections that take place between the daemons for those who work with firewalls. With that info in hand, a pf firewall expert should be able to resolve the problem. > > Thanks, > > Drew > > -- > Be a Great Magician! > Visit The Alchemist's Warehouse > > http://www.alchemistswarehouse.com > > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share your > opinions on IT & business topics through brief surveys-and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > _______________________________________________ > Bacula-users mailing list > Bacula-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bacula-users > ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
