Re: Unable to backup clients
Hi! But the backups fail. Checking the logs in /tmp/amanda (on the clients), I see things like: sendbackup: time 0.000: stream_server: waiting for connection: 0.0.0.0.33011 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33012 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33013 sendbackup: time 0.001: waiting for connect on 33011, then 33012, then 33013 sendbackup: time 29.991: stream_accept: timeout after 30 seconds sendbackup: time 29.991: timeout on data port 33011 sendbackup: time 59.991: stream_accept: timeout after 30 seconds sendbackup: time 59.991: timeout on mesg port 33012 sendbackup: time 89.991: stream_accept: timeout after 30 seconds sendbackup: time 89.991: timeout on index port 33013 sendbackup: time 89.991: pid 1873 finish time Thu Jan 8 01:05:15 2004 All hosts were configured with: --with-tcpportrange=850,854 --with-udpportrange=850,854 So why am I getting connections on port 33011? I have 850-854 opened on the firewall, but if it's trying to connect on 33xxx then of course it's not going to work. On the server, my /etc/services has: amanda 850/udp # amanda backup services amanda 850/tcp kamanda 851/tcp # amanda backup services (Kerberos) kamanda 851/udp # amanda backup services (Kerberos) amandaidx 852/tcp # amanda backup services amidxtape 853/tcp # amanda backup services There have been a lot of messages in this thread, but IMHO a point is still being missed. Let me try. The 'portrange' parameter has nothing to do with ports where amandad, amandaidxd and amidxtaped listen. These ports should always be 10080, 10081, 10082. These ports are only used to initiate backup/restore sessions, not for actual transfer of data. These are also the ports that should be listed in /etc/services and configured in (x)inetd.conf. The ports from 'portrange' don't need to be listed in /etc/services. When the client is being backed up, the process called 'sendbackup' is started on the client, listening on a port from 'portrange' (or random port if compiled without portrange option). The server then connects to this port to get the actual backup data. In your case, I guess sendbackup can't bind to ports in your 'portrange', because you have mistakenly started Amanda services on these same ports. So it goes for the next thing it can do, which is random high number port. -- Toomas Aas | [EMAIL PROTECTED] | http://www.raad.tartu.ee/~toomas/ * I spilled spot remover on my dog. Now he's gone.
Re: Unable to backup clients
Don, I'll give that a try, thanks. I'm recompiling the server and clients as I write this. Can you tell me what your /etc/services looks like for the amanda services? Thanks, Mike [EMAIL PROTECTED] wrote: Mike: There may be a bit of misunderstanding here. The TCP ports may be in the unprivileged range, since the ones we use here are 5-50040. We do have the UDP ports in the range of 890-899. See if you can try a different range on TCP ports and, if possible, allocate a larger range of ports (since Amanda will reuse them, but cannot use more than the port range at one time). Our options to the configure are: --with-portrange=5,50040 --with-udpportrange=890,899 Best of luck, Don Donald L. (Don) Ritchey E-mail: [EMAIL PROTECTED] -Original Message- From: Mike Heller [mailto:[EMAIL PROTECTED]] Sent: Monday, January 12, 2004 3:58 PM To: [EMAIL PROTECTED] Subject: Re: Unable to backup clients Jon LaBadie wrote: On Mon, Jan 12, 2004 at 11:32:22AM -0800, Mike Heller wrote: I fixed the problem of the "high server load" by installing amanda version 2.4.4p1 on the server and the clients. ... But the backups fail. Checking the logs in /tmp/amanda (on the clients), I see things like: sendbackup: time 0.000: stream_server: waiting for connection: 0.0.0.0.33011 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33012 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33013 sendbackup: time 0.001: waiting for connect on 33011, then 33012, then 33013 sendbackup: time 29.991: stream_accept: timeout after 30 seconds sendbackup: time 29.991: timeout on data port 33011 sendbackup: time 59.991: stream_accept: timeout after 30 seconds sendbackup: time 59.991: timeout on mesg port 33012 sendbackup: time 89.991: stream_accept: timeout after 30 seconds sendbackup: time 89.991: timeout on index port 33013 sendbackup: time 89.991: pid 1873 finish time Thu Jan 8 01:05:15 2004 All hosts were configured with: --with-tcpportrange=850,854 --with-udpportrange=850,854 So why am I getting connections on port 33011? I have 850-854 opened on the firewall, but if it's trying to connect on 33xxx then of course it's not going to work. Note, I'm speaking from a position of ZERO experience on this: From the PORT.USAGE document: Pick the max of (2 * inparallel) and (3 * largest maxdumps). Allocate at least that many ports in the unprivileged (1024 or larger) range. Three questions: Did you allocate sufficient number of ports? Looking at that, I don't think so. I have inparallel=4, and I have no maxdumps set so the default is 1. I can reduce the inparallel number to see if that makes a difference. Currently I have ports 850-854, which is only 5 Are they in the unprivileged range? No, they are not, but that seems to contradict the Amanda FAQ which is what I followed. http://amanda.sourceforge.net/fom-serve/cache/139.html /You must pick ports under 1024 or amanda will complain of "insecure ports used" those ports should of course not conflict with other services listed in /etc/services. ( I suggest 850-854 or 859)/ Is the proper syntax for the option ...=N1,N2 or ...=N1-N2? --with-tcpportrange=low,high bind unreserved TCP server sockets to ports within this range unlimited --with-udpportrange=low,high bind reserved UDP server sockets to ports within this range unlimited So the command I used --with-tcpportrange=850,854 should be correct. Mike This e-mail and any of its attachments may contain Exelon Corporation proprietary information, which is privileged, confidential, or subject to copyright belonging to the Exelon Corporation family of Companies. This e-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this e-mail is strictly prohibited and may be unlawful. If you have received this e-mail in error, please notify the sender immediately and permanently delete the original and any copy of this e-mail and any printout. Thank You. -- Mike Heller _ Mike Heller Software Developer Destiny Media Technologies Inc. clipstream.com T: (604) 609-7736 F: (604) 609 0611 [EMAIL PROTECTED]
RE: Unable to backup clients
Mike: The Amanda entries in /etc/services are unchanged from the stock Amanda settings. # AMANDA (Advanced Maryland Automated Network Disk Archiver)## Amanda 2.2 service#amanda 10080/udpamandaidx 10082/tcpamidxtape 10083/tcp What changes with the portrangeand udpportrange are the unadvertised and random ports that Amanda uses to perform the work of backup and recovery. The Amanda UDP port on 10080 is (apparently) used for job control and reporting between amanda servers and clients. The actual backup is done on three TCP ports allocated to each backup task (for standard-in, standard-out, and standard-error connects from the server to the client). You will need firewall ports opened for all three Amanda ports, but the Amanda 10080 port must be open from the server to the clients for initiating and controlling backups. The other two must be open from the clients to the server, since they are used by the clients to request an amrecover or amrestore session. Good luck and best wishes, Don Donald L. (Don) Ritchey E-mail: [EMAIL PROTECTED] -Original Message-From: Mike Heller [mailto:[EMAIL PROTECTED]Sent: Tuesday, January 13, 2004 10:46 AMTo: [EMAIL PROTECTED]Subject: Re: Unable to backup clientsDon, I'll give that a try, thanks. I'm recompiling the server and clients as I write this.Can you tell me what your /etc/services looks like for the amanda services?Thanks,Mike[EMAIL PROTECTED] wrote: Mike: There may be a bit of misunderstanding here. The TCP ports may be in the unprivileged range, since the ones we use here are 5-50040. We do have the UDP ports in the range of 890-899. See if you can try a different range on TCP ports and, if possible, allocate a larger range of ports (since Amanda will reuse them, but cannot use more than the port range at one time). Our options to the configure are: --with-portrange=5,50040 --with-udpportrange=890,899 Best of luck, Don Donald L. (Don) Ritchey E-mail: [EMAIL PROTECTED] -Original Message- From: Mike Heller [mailto:[EMAIL PROTECTED]] Sent: Monday, January 12, 2004 3:58 PM To: [EMAIL PROTECTED] Subject: Re: Unable to backup clients Jon LaBadie wrote: On Mon, Jan 12, 2004 at 11:32:22AM -0800, Mike Heller wrote: I fixed the problem of the "high server load" by installing amanda version 2.4.4p1 on the server and the clients. ... But the backups fail. Checking the logs in /tmp/amanda (on the clients), I see things like: sendbackup: time 0.000: stream_server: waiting for connection: 0.0.0.0.33011 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33012 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33013 sendbackup: time 0.001: waiting for connect on 33011, then 33012, then 33013 sendbackup: time 29.991: stream_accept: timeout after 30 seconds sendbackup: time 29.991: timeout on data port 33011 sendbackup: time 59.991: stream_accept: timeout after 30 seconds sendbackup: time 59.991: timeout on mesg port 33012 sendbackup: time 89.991: stream_accept: timeout after 30 seconds sendbackup: time 89.991: timeout on index port 33013 sendbackup: time 89.991: pid 1873 finish time Thu Jan 8 01:05:15 2004 All hosts were configured with: --with-tcpportrange=850,854 --with-udpportrange=850,854 So why am I getting connections on port 33011? I have 850-854 opened on the firewall, but if it's trying to connect on 33xxx then of course it's not going to work. Note, I'm speaking from a position of ZERO experience on this: From the PORT.USAGE document: Pick the max of (2 * inparallel) and (3 * largest maxdumps). Allocate at least that many ports in the unprivileged (1024 or larger) range. Three questions: Did you allocate sufficient number of ports? Looking at that, I don't think so. I have inparallel=4, and I have no maxdumps set so the default is 1. I can reduce the inparallel number to see if that makes a difference. Currently I have ports 850-854, which is only 5 Are they in the unprivileged range? No, they are not, but that seems to contradict the Amanda FAQ which is what I followed. http://amanda.sourceforge.net/fom-serve/cache/139.html /You must pick ports under 1024 or amanda will complain of "insecure ports used" those ports should of course not conflict with other services listed in /etc/services. ( I suggest 850-854 or 859)/ Is the proper syntax for the option ...=N1,N2 or ...=N1-N2? --with-tcpportrange=low,high bind unreserved TCP server sockets to ports within this range unlimited --with-udpportrange=low,high bind reserved UDP server sockets to ports within this range unlimited So the command I used --with-tcpportrange=850,854 shou
Re: Unable to backup clients [possibly fixed!]
Hello again Don, Well, I recompiled with the options you suggested, updated my /etc/services, and opened up the firewall on the server and clients on the ports specified. I ran a small test backup and it seems to have worked with no errors. The whole process was a bit confusing because of how the ports are used. I'll run the full backups tonight to see how they do. Thank you kindly, your help is very appreciated. Mike [EMAIL PROTECTED] wrote: Mike: The Amanda entries in /etc/services are unchanged from the stock Amanda settings. # AMANDA (Advanced Maryland Automated Network Disk Archiver) # # Amanda 2.2 service # amanda 10080/udp amandaidx 10082/tcp amidxtape 10083/tcp What changes with the portrangeand udpportrange are the unadvertised and random ports that Amanda uses to perform the work of backup and recovery. The Amanda UDP port on 10080 is (apparently) used for job control and reporting between amanda servers and clients. The actual backup is done on three TCP ports allocated to each backup task (for standard-in, standard-out, and standard-error connects from the server to the client). You will need firewall ports opened for all three Amanda ports, but the Amanda 10080 port must be open from the server to the clients for initiating and controlling backups. The other two must be open from the clients to the server, since they are used by the clients to request an amrecover or amrestore session. Good luck and best wishes, Don Donald L. (Don) Ritchey E-mail: [EMAIL PROTECTED] -Original Message- From: Mike Heller [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 13, 2004 10:46 AM To: [EMAIL PROTECTED] Subject: Re: Unable to backup clients Don, I'll give that a try, thanks. I'm recompiling the server and clients as I write this. Can you tell me what your /etc/services looks like for the amanda services? Thanks, Mike [EMAIL PROTECTED] wrote: Mike: There may be a bit of misunderstanding here. The TCP ports may be in the unprivileged range, since the ones we use here are 5-50040. We do have the UDP ports in the range of 890-899. See if you can try a different range on TCP ports and, if possible, allocate a larger range of ports (since Amanda will reuse them, but cannot use more than the port range at one time). Our options to the configure are: --with-portrange=5,50040 --with-udpportrange=890,899 Best of luck, Don Donald L. (Don) Ritchey E-mail: [EMAIL PROTECTED] -Original Message- From: Mike Heller [mailto:[EMAIL PROTECTED]] Sent: Monday, January 12, 2004 3:58 PM To: [EMAIL PROTECTED] Subject: Re: Unable to backup clients Jon LaBadie wrote: On Mon, Jan 12, 2004 at 11:32:22AM -0800, Mike Heller wrote: I fixed the problem of the "high server load" by installing amanda version 2.4.4p1 on the server and the clients. ... But the backups fail. Checking the logs in /tmp/amanda (on the clients), I see things like: sendbackup: time 0.000: stream_server: waiting for connection: 0.0.0.0.33011 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33012 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33013 sendbackup: time 0.001: waiting for connect on 33011, then 33012, then 33013 sendbackup: time 29.991: stream_accept: timeout after 30 seconds sendbackup: time 29.991: timeout on data port 33011 sendbackup: time 59.991: stream_accept: timeout after 30 seconds sendbackup: time 59.991: timeout on mesg port 33012 sendbackup: time 89.991: stream_accept: timeout after 30 seconds sendbackup: time 89.991: timeout on index port 33013 sendbackup: time 89.991: pid 1873 finish time Thu Jan 8 01:05:15 2004 All hosts were configured with: --with-tcpportrange=850,854 --with-udpportrange=850,854 So why am I getting connections on port 33011? I have 850-854 opened on the firewall, but if it's trying to connect on 33xxx then of course it's not going to work. Note, I'm speaking from a position of ZERO experience on this: From the PORT.USAGE document: Pick the max of (2 * inparallel) and (3 * largest maxdumps). Allocate at least that many ports in the unprivileged (1024 or larger) range. Three questions: Did you allocate sufficient number of ports? Looking at that, I don't think so. I have inparallel=4, and I have no maxdumps set so the default is 1. I can reduce the inparallel number to see if that makes a difference. Currently I have ports 850-854, which is only 5 Are they in the unprivil
Re: Unable to backup clients
Note the tape error is because I haven't yet switched the tape, it's not the cause of the failed backups. Just wanted to clarify that. Thanks, Mike Mike Heller wrote: I fixed the problem of the high server load by installing amanda version 2.4.4p1 on the server and the clients. amcheck daily now reports: Amanda Tape Server Host Check - Holding disk /big/backup/amanda/dumps: 1034688 KB disk space available, using 215488 KB ERROR: /dev/nst0: rewinding tape: Input/output error (expecting tape DailySet1-003 or a new tape) NOTE: skipping tape-writable test Server check took 30.099 seconds Amanda Backup Client Hosts Check Client check: 3 hosts checked in 1.076 seconds, 0 problems found (brought to you by Amanda 2.4.4p1) But the backups fail. Checking the logs in /tmp/amanda (on the clients), I see things like: sendbackup: time 0.000: stream_server: waiting for connection: 0.0.0.0.33011 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33012 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33013 sendbackup: time 0.001: waiting for connect on 33011, then 33012, then 33013 sendbackup: time 29.991: stream_accept: timeout after 30 seconds sendbackup: time 29.991: timeout on data port 33011 sendbackup: time 59.991: stream_accept: timeout after 30 seconds sendbackup: time 59.991: timeout on mesg port 33012 sendbackup: time 89.991: stream_accept: timeout after 30 seconds sendbackup: time 89.991: timeout on index port 33013 sendbackup: time 89.991: pid 1873 finish time Thu Jan 8 01:05:15 2004 All hosts were configured with: --with-tcpportrange=850,854 --with-udpportrange=850,854 So why am I getting connections on port 33011? I have 850-854 opened on the firewall, but if it's trying to connect on 33xxx then of course it's not going to work. On the server, my /etc/services has: amanda 850/udp # amanda backup services amanda 850/tcp kamanda 851/tcp # amanda backup services (Kerberos) kamanda 851/udp # amanda backup services (Kerberos) amandaidx 852/tcp # amanda backup services amidxtape 853/tcp # amanda backup services The clients have: amanda 850/udp amanda 850/tcp kamanda 851/udp amandaidx 852/tcp -- _ *Mike Heller* Software Developer Destiny Media Technologies Inc. clipstream.com http://clipstream.com T: (604) 609-7736 F: (604) 609 0611 [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
RE: Unable to backup clients
But the backups fail. Checking the logs in /tmp/amanda (on the clients), I see things like: sendbackup: time 0.000: stream_server: waiting for connection: 0.0.0.0.33011 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33012 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33013 sendbackup: time 0.001: waiting for connect on 33011, then 33012, then 33013 sendbackup: time 29.991: stream_accept: timeout after 30 seconds sendbackup: time 29.991: timeout on data port 33011 sendbackup: time 59.991: stream_accept: timeout after 30 seconds sendbackup: time 59.991: timeout on mesg port 33012 sendbackup: time 89.991: stream_accept: timeout after 30 seconds sendbackup: time 89.991: timeout on index port 33013 sendbackup: time 89.991: pid 1873 finish time Thu Jan 8 01:05:15 2004 All hosts were configured with: --with-tcpportrange=850,854 --with-udpportrange=850,854 So why am I getting connections on port 33011? I have 850-854 opened on the firewall, but if it's trying to connect on 33xxx then of course it's not going to work. On the server, my /etc/services has: amanda 850/udp # amanda backup services amanda 850/tcp kamanda 851/tcp # amanda backup services (Kerberos) kamanda 851/udp # amanda backup services (Kerberos) amandaidx 852/tcp # amanda backup services amidxtape 853/tcp # amanda backup services The clients have: amanda 850/udp amanda 850/tcp kamanda 851/udp amandaidx 852/tcp All I can tell you is that for me to be able to back up my firewall, I had to create a rule that allowed my amanda server full access to all of my high ports (1023). I had this problem and this is what Joshua from this listserv came back with. Worked like a charm. I would suggest trying this.
Re: Unable to backup clients
Rebecca Pakish Crum wrote: But the backups fail. Checking the logs in /tmp/amanda (on the clients), I see things like: sendbackup: time 0.000: stream_server: waiting for connection: 0.0.0.0.33011 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33012 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33013 sendbackup: time 0.001: waiting for connect on 33011, then 33012, then 33013 sendbackup: time 29.991: stream_accept: timeout after 30 seconds sendbackup: time 29.991: timeout on data port 33011 sendbackup: time 59.991: stream_accept: timeout after 30 seconds sendbackup: time 59.991: timeout on mesg port 33012 sendbackup: time 89.991: stream_accept: timeout after 30 seconds sendbackup: time 89.991: timeout on index port 33013 sendbackup: time 89.991: pid 1873 finish time Thu Jan 8 01:05:15 2004 All hosts were configured with: --with-tcpportrange=850,854 --with-udpportrange=850,854 So why am I getting connections on port 33011? I have 850-854 opened on the firewall, but if it's trying to connect on 33xxx then of course it's not going to work. On the server, my /etc/services has: amanda 850/udp # amanda backup services amanda 850/tcp kamanda 851/tcp # amanda backup services (Kerberos) kamanda 851/udp # amanda backup services (Kerberos) amandaidx 852/tcp # amanda backup services amidxtape 853/tcp # amanda backup services The clients have: amanda 850/udp amanda 850/tcp kamanda 851/udp amandaidx 852/tcp All I can tell you is that for me to be able to back up my firewall, I had to create a rule that allowed my amanda server full access to all of my high ports (1023). I had this problem and this is what Joshua from this listserv came back with. Worked like a charm. I would suggest trying this. I suppose that could be the next option, but it still does not explain why amanda is connecting on port 33xxx when I compiled with restrictions to ports 850-854. I'm hoping someone can explain some of this to me. Mike
RE: Unable to backup clients
Mike: Did you install the modified Amanda software on both client and server? They have to match so that their port expectations and limitations are consistent. We use this configuration here with great success, but you have to install the portlist modifications on both ends of the connection. Don Donald L. (Don) Ritchey E-mail: [EMAIL PROTECTED] -Original Message- From: Mike Heller [mailto:[EMAIL PROTECTED] Sent: Monday, January 12, 2004 1:59 PM To: Rebecca Pakish Crum Cc: [EMAIL PROTECTED] Subject: Re: Unable to backup clients Rebecca Pakish Crum wrote: But the backups fail. Checking the logs in /tmp/amanda (on the clients), I see things like: sendbackup: time 0.000: stream_server: waiting for connection: 0.0.0.0.33011 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33012 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33013 sendbackup: time 0.001: waiting for connect on 33011, then 33012, then 33013 sendbackup: time 29.991: stream_accept: timeout after 30 seconds sendbackup: time 29.991: timeout on data port 33011 sendbackup: time 59.991: stream_accept: timeout after 30 seconds sendbackup: time 59.991: timeout on mesg port 33012 sendbackup: time 89.991: stream_accept: timeout after 30 seconds sendbackup: time 89.991: timeout on index port 33013 sendbackup: time 89.991: pid 1873 finish time Thu Jan 8 01:05:15 2004 All hosts were configured with: --with-tcpportrange=850,854 --with-udpportrange=850,854 So why am I getting connections on port 33011? I have 850-854 opened on the firewall, but if it's trying to connect on 33xxx then of course it's not going to work. On the server, my /etc/services has: amanda 850/udp # amanda backup services amanda 850/tcp kamanda 851/tcp # amanda backup services (Kerberos) kamanda 851/udp # amanda backup services (Kerberos) amandaidx 852/tcp # amanda backup services amidxtape 853/tcp # amanda backup services The clients have: amanda 850/udp amanda 850/tcp kamanda 851/udp amandaidx 852/tcp All I can tell you is that for me to be able to back up my firewall, I had to create a rule that allowed my amanda server full access to all of my high ports (1023). I had this problem and this is what Joshua from this listserv came back with. Worked like a charm. I would suggest trying this. I suppose that could be the next option, but it still does not explain why amanda is connecting on port 33xxx when I compiled with restrictions to ports 850-854. I'm hoping someone can explain some of this to me. Mike This e-mail and any of its attachments may contain Exelon Corporation proprietary information, which is privileged, confidential, or subject to copyright belonging to the Exelon Corporation family of Companies. This e-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this e-mail is strictly prohibited and may be unlawful. If you have received this e-mail in error, please notify the sender immediately and permanently delete the original and any copy of this e-mail and any printout. Thank You.
Re: Unable to backup clients
Yes, I used essentially the same config string on both server and clients except on the client side I added: --without-server --without-restore Mike [EMAIL PROTECTED] wrote: Mike: Did you install the modified Amanda software on both client and server? They have to match so that their port expectations and limitations are consistent. We use this configuration here with great success, but you have to install the portlist modifications on both ends of the connection. Don Donald L. (Don) Ritchey E-mail: [EMAIL PROTECTED] -Original Message- From: Mike Heller [mailto:[EMAIL PROTECTED]] Sent: Monday, January 12, 2004 1:59 PM To: Rebecca Pakish Crum Cc: [EMAIL PROTECTED] Subject: Re: Unable to backup clients Rebecca Pakish Crum wrote: But the backups fail. Checking the logs in /tmp/amanda (on the clients), I see things like: sendbackup: time 0.000: stream_server: waiting for connection: 0.0.0.0.33011 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33012 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33013 sendbackup: time 0.001: waiting for connect on 33011, then 33012, then 33013 sendbackup: time 29.991: stream_accept: timeout after 30 seconds sendbackup: time 29.991: timeout on data port 33011 sendbackup: time 59.991: stream_accept: timeout after 30 seconds sendbackup: time 59.991: timeout on mesg port 33012 sendbackup: time 89.991: stream_accept: timeout after 30 seconds sendbackup: time 89.991: timeout on index port 33013 sendbackup: time 89.991: pid 1873 finish time Thu Jan 8 01:05:15 2004 All hosts were configured with: --with-tcpportrange=850,854 --with-udpportrange=850,854 So why am I getting connections on port 33011? I have 850-854 opened on the firewall, but if it's trying to connect on 33xxx then of course it's not going to work. On the server, my /etc/services has: amanda 850/udp # amanda backup services amanda 850/tcp kamanda 851/tcp # amanda backup services (Kerberos) kamanda 851/udp # amanda backup services (Kerberos) amandaidx 852/tcp # amanda backup services amidxtape 853/tcp # amanda backup services The clients have: amanda 850/udp amanda 850/tcp kamanda 851/udp amandaidx 852/tcp All I can tell you is that for me to be able to back up my firewall, I had to create a rule that allowed my amanda server full access to all of my high ports (1023). I had this problem and this is what Joshua from this listserv came back with. Worked like a charm. I would suggest trying this. I suppose that could be the next option, but it still does not explain why amanda is connecting on port 33xxx when I compiled with restrictions to ports 850-854. I'm hoping someone can explain some of this to me. Mike This e-mail and any of its attachments may contain Exelon Corporation proprietary information, which is privileged, confidential, or subject to copyright belonging to the Exelon Corporation family of Companies. This e-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this e-mail is strictly prohibited and may be unlawful. If you have received this e-mail in error, please notify the sender immediately and permanently delete the original and any copy of this e-mail and any printout. Thank You.
Re: Unable to backup clients
Gene, Not if the drive is in the eject (operate handle) status, you can't do anything with the tape at that point. Mike Gene Heskett wrote: On Monday 12 January 2004 14:34, Mike Heller wrote: Note the tape error is because I haven't yet switched the tape, it's not the cause of the failed backups. Just wanted to clarify that. Thanks, Mike No Mike, thats a real error. Amcheck would have rewound the tape and read the label if the system was working. Mike Heller wrote: I fixed the problem of the "high server load" by installing amanda version 2.4.4p1 on the server and the clients. amcheck daily now reports: Amanda Tape Server Host Check - Holding disk /big/backup/amanda/dumps: 1034688 KB disk space available, using 215488 KB ERROR: /dev/nst0: rewinding tape: Input/output error (expecting tape DailySet1-003 or a new tape) NOTE: skipping tape-writable test Server check took 30.099 seconds Amanda Backup Client Hosts Check Client check: 3 hosts checked in 1.076 seconds, 0 problems found (brought to you by Amanda 2.4.4p1) But the backups fail. Checking the logs in /tmp/amanda (on the clients), I see things like: sendbackup: time 0.000: stream_server: waiting for connection: 0.0.0.0.33011 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33012 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33013 sendbackup: time 0.001: waiting for connect on 33011, then 33012, then 33013 sendbackup: time 29.991: stream_accept: timeout after 30 seconds sendbackup: time 29.991: timeout on data port 33011 sendbackup: time 59.991: stream_accept: timeout after 30 seconds sendbackup: time 59.991: timeout on mesg port 33012 sendbackup: time 89.991: stream_accept: timeout after 30 seconds sendbackup: time 89.991: timeout on index port 33013 sendbackup: time 89.991: pid 1873 finish time Thu Jan 8 01:05:15 2004 All hosts were configured with: --with-tcpportrange=850,854 --with-udpportrange=850,854 So why am I getting connections on port 33011? I have 850-854 opened on the firewall, but if it's trying to connect on 33xxx then of course it's not going to work. On the server, my /etc/services has: amanda 850/udp # amanda backup services amanda 850/tcp kamanda 851/tcp # amanda backup services (Kerberos) kamanda 851/udp # amanda backup services (Kerberos) amandaidx 852/tcp # amanda backup services amidxtape 853/tcp # amanda backup services The clients have: amanda 850/udp amanda 850/tcp kamanda 851/udp amandaidx 852/tcp -- Mike Heller _ Mike Heller Software Developer Destiny Media Technologies Inc. clipstream.com T: (604) 609-7736 F: (604) 609 0611 [EMAIL PROTECTED]
Re: Unable to backup clients
On Mon, Jan 12, 2004 at 11:32:22AM -0800, Mike Heller wrote: I fixed the problem of the high server load by installing amanda version 2.4.4p1 on the server and the clients. ... But the backups fail. Checking the logs in /tmp/amanda (on the clients), I see things like: sendbackup: time 0.000: stream_server: waiting for connection: 0.0.0.0.33011 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33012 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33013 sendbackup: time 0.001: waiting for connect on 33011, then 33012, then 33013 sendbackup: time 29.991: stream_accept: timeout after 30 seconds sendbackup: time 29.991: timeout on data port 33011 sendbackup: time 59.991: stream_accept: timeout after 30 seconds sendbackup: time 59.991: timeout on mesg port 33012 sendbackup: time 89.991: stream_accept: timeout after 30 seconds sendbackup: time 89.991: timeout on index port 33013 sendbackup: time 89.991: pid 1873 finish time Thu Jan 8 01:05:15 2004 All hosts were configured with: --with-tcpportrange=850,854 --with-udpportrange=850,854 So why am I getting connections on port 33011? I have 850-854 opened on the firewall, but if it's trying to connect on 33xxx then of course it's not going to work. Note, I'm speaking from a position of ZERO experience on this: From the PORT.USAGE document: Pick the max of (2 * inparallel) and (3 * largest maxdumps). Allocate at least that many ports in the unprivileged (1024 or larger) range. Three questions: Did you allocate sufficient number of ports? Are they in the unprivileged range? Is the proper syntax for the option ...=N1,N2 or ...=N1-N2? jl -- Jon H. LaBadie [EMAIL PROTECTED] JG Computing 4455 Province Line Road(609) 252-0159 Princeton, NJ 08540-4322 (609) 683-7220 (fax)
Re: Unable to backup clients
Jon LaBadie wrote: On Mon, Jan 12, 2004 at 11:32:22AM -0800, Mike Heller wrote: I fixed the problem of the high server load by installing amanda version 2.4.4p1 on the server and the clients. ... But the backups fail. Checking the logs in /tmp/amanda (on the clients), I see things like: sendbackup: time 0.000: stream_server: waiting for connection: 0.0.0.0.33011 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33012 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33013 sendbackup: time 0.001: waiting for connect on 33011, then 33012, then 33013 sendbackup: time 29.991: stream_accept: timeout after 30 seconds sendbackup: time 29.991: timeout on data port 33011 sendbackup: time 59.991: stream_accept: timeout after 30 seconds sendbackup: time 59.991: timeout on mesg port 33012 sendbackup: time 89.991: stream_accept: timeout after 30 seconds sendbackup: time 89.991: timeout on index port 33013 sendbackup: time 89.991: pid 1873 finish time Thu Jan 8 01:05:15 2004 All hosts were configured with: --with-tcpportrange=850,854 --with-udpportrange=850,854 So why am I getting connections on port 33011? I have 850-854 opened on the firewall, but if it's trying to connect on 33xxx then of course it's not going to work. Note, I'm speaking from a position of ZERO experience on this: From the PORT.USAGE document: Pick the max of (2 * inparallel) and (3 * largest maxdumps). Allocate at least that many ports in the unprivileged (1024 or larger) range. Three questions: Did you allocate sufficient number of ports? Looking at that, I don't think so. I have inparallel=4, and I have no maxdumps set so the default is 1. I can reduce the inparallel number to see if that makes a difference. Currently I have ports 850-854, which is only 5 Are they in the unprivileged range? No, they are not, but that seems to contradict the Amanda FAQ which is what I followed. http://amanda.sourceforge.net/fom-serve/cache/139.html /You must pick ports under 1024 or amanda will complain of insecure ports used those ports should of course not conflict with other services listed in /etc/services. ( I suggest 850-854 or 859)/ Is the proper syntax for the option ...=N1,N2 or ...=N1-N2? --with-tcpportrange=low,high bind unreserved TCP server sockets to ports within this range unlimited --with-udpportrange=low,high bind reserved UDP server sockets to ports within this range unlimited So the command I used --with-tcpportrange=850,854 should be correct. Mike
RE: Unable to backup clients
Mike: There may be a bit of misunderstanding here. The TCP ports may be in the unprivileged range, since the ones we use here are 5-50040. We do have the UDP ports in the range of 890-899. See if you can try a different range on TCP ports and, if possible, allocate a larger range of ports (since Amanda will reuse them, but cannot use more than the port range at one time). Our options to the configure are: --with-portrange=5,50040 --with-udpportrange=890,899 Best of luck, Don Donald L. (Don) Ritchey E-mail: [EMAIL PROTECTED] -Original Message- From: Mike Heller [mailto:[EMAIL PROTECTED] Sent: Monday, January 12, 2004 3:58 PM To: [EMAIL PROTECTED] Subject: Re: Unable to backup clients Jon LaBadie wrote: On Mon, Jan 12, 2004 at 11:32:22AM -0800, Mike Heller wrote: I fixed the problem of the high server load by installing amanda version 2.4.4p1 on the server and the clients. ... But the backups fail. Checking the logs in /tmp/amanda (on the clients), I see things like: sendbackup: time 0.000: stream_server: waiting for connection: 0.0.0.0.33011 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33012 sendbackup: time 0.001: stream_server: waiting for connection: 0.0.0.0.33013 sendbackup: time 0.001: waiting for connect on 33011, then 33012, then 33013 sendbackup: time 29.991: stream_accept: timeout after 30 seconds sendbackup: time 29.991: timeout on data port 33011 sendbackup: time 59.991: stream_accept: timeout after 30 seconds sendbackup: time 59.991: timeout on mesg port 33012 sendbackup: time 89.991: stream_accept: timeout after 30 seconds sendbackup: time 89.991: timeout on index port 33013 sendbackup: time 89.991: pid 1873 finish time Thu Jan 8 01:05:15 2004 All hosts were configured with: --with-tcpportrange=850,854 --with-udpportrange=850,854 So why am I getting connections on port 33011? I have 850-854 opened on the firewall, but if it's trying to connect on 33xxx then of course it's not going to work. Note, I'm speaking from a position of ZERO experience on this: From the PORT.USAGE document: Pick the max of (2 * inparallel) and (3 * largest maxdumps). Allocate at least that many ports in the unprivileged (1024 or larger) range. Three questions: Did you allocate sufficient number of ports? Looking at that, I don't think so. I have inparallel=4, and I have no maxdumps set so the default is 1. I can reduce the inparallel number to see if that makes a difference. Currently I have ports 850-854, which is only 5 Are they in the unprivileged range? No, they are not, but that seems to contradict the Amanda FAQ which is what I followed. http://amanda.sourceforge.net/fom-serve/cache/139.html /You must pick ports under 1024 or amanda will complain of insecure ports used those ports should of course not conflict with other services listed in /etc/services. ( I suggest 850-854 or 859)/ Is the proper syntax for the option ...=N1,N2 or ...=N1-N2? --with-tcpportrange=low,high bind unreserved TCP server sockets to ports within this range unlimited --with-udpportrange=low,high bind reserved UDP server sockets to ports within this range unlimited So the command I used --with-tcpportrange=850,854 should be correct. Mike This e-mail and any of its attachments may contain Exelon Corporation proprietary information, which is privileged, confidential, or subject to copyright belonging to the Exelon Corporation family of Companies. This e-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this e-mail is strictly prohibited and may be unlawful. If you have received this e-mail in error, please notify the sender immediately and permanently delete the original and any copy of this e-mail and any printout. Thank You.
