I understand how it's supposed to work (FD to SD), that's why I'm asking if
there was some cryptic config option or something I was missing to make it
do the reverse. It exists as Active/Passive in FTP, so it's not too crazy
to think something similar might exist for Bacula. I guess not though.
I'll look into the SSH tunneling, hopefully it won't be too bad!
On Mon, Jun 20, 2011 at 1:05 PM, Gavin McCullagh <gavin.mccull...@gcd.ie>wrote:
> Hi,
>
> On Mon, 20 Jun 2011, Kevin O'Connor wrote:
>
> > Bacula Server (DIR, SD) -> Firewall/NAT -> Server to be backed up (FD)
> >
> > The FD is accessible from anywhere, but the DIR/SD is not (NAT/FW).
> >
> > When I start the backup, the Director connects to the FD without a
> problem,
> > but then when the Director tells the FD to connect back to the SD it
> fails
> > because of the NAT. I'm in a situation where I can't get the ports
> > forwarded, but it would seem that there should be a way to have the SD
> > connect out to the FD or something along those lines to get this working.
> > Is there a way to do that that I've missed in the docs or is really the
> > only way to get this working is to expose the SD?
>
> As far as I understand it, both backups and restores involve a TCP session
> opening from the FD to the SD -- not the reverse.
>
> What you could do is to have software on the SD open up a channel onto the
> FD with a port forward. There are different tools for this but one is ssh
> or autossh.
>
> sd-host% ssh -L 9103:localhost:9103 fd-host
>
> then have the FD connect to localhost instead of the sd-host (in the
> director configuration). With autossh if the connection dies it'll restart
> itself. I've done this in one case and it worked pretty well. With SSH
> you are adding the extra load of encrypting all of the data in transit
> which might or might not be a problem, depending on your available CPU
> cycles and the quantities of data you need to ship.
>
> The same tunnel should work for a restore.
>
> Gavin
>
>
>
>
> ------------------------------------------------------------------------------
> EditLive Enterprise is the world's most technically advanced content
> authoring tool. Experience the power of Track Changes, Inline Image
> Editing and ensure content is compliant with Accessibility Checking.
> http://p.sf.net/sfu/ephox-dev2dev
> _______________________________________________
> Bacula-users mailing list
> Bacula-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bacula-users
>
------------------------------------------------------------------------------
EditLive Enterprise is the world's most technically advanced content
authoring tool. Experience the power of Track Changes, Inline Image
Editing and ensure content is compliant with Accessibility Checking.
http://p.sf.net/sfu/ephox-dev2dev
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users
