Previous  |  Next >  
Product: NetBackup System Administrator's Help  

Configuration Example

The example network in the next figure, Master to Media Server and Clients Example, shows a master server in a private (internal) network that is inside a firewall. You are going to use the administration client to manage the master server from outside the firewall. To meet the port requirements shown in this figure, you must configure NetBackup to:

  • Limit external connections to NetBackup in the private network by allowing nonreserved port connections to bpcd on the master server and the clients.
  • Limit NetBackup connections out of the private network by:
    • Allowing the master server to use only ports 923 through 1023 for reserved-port connections to the administration client (the default is 512 through 1023).
    • Allowing the clients to use only ports 4900 through 5000 for nonreserved-port connections to the administration client (the default is 1024 through 5000).
      • Note   Note    Any port limitations you configure on a NetBackup host apply to connections with all other NetBackup hosts, not just those on the other side of the firewall. Therefore, leave enough ports available to allow the necessary connections. The main factors to consider are the number of clients and whether multiplexing is used. If NetBackup runs out of ports, backups and restores cannot occur.

      Master to Media Server and Clients Example

      Click the thumbnail above to view full-sized image.

To configure NetBackup, perform the following steps on the master server. No configuration is required on the administration client.

  1. Add CLIENT_RESERVED_PORT_WINDOW=923 1023 to the bp.conf file.
    This specifies the reserved ports that the master server can use to originate connections, including those to the administration client.
  2. Specify that the master server can accept connections on its bpcd from nonreserved ports by adding ALLOW_NONRESERVED_PORTS to the bp.conf file.
  3. Specify that the clients can accept connections to their bpcd from nonreserved ports by running the following command:
      cd /usr/openv/netbackup/bin/admincmd
      ./bpclient -client client_name -add -connect_nr_port 1
      Where client_name is the name of the client (run the command for each client).
  4. On the clients:
    1. Add ALLOW_NONRESERVED_PORTS to the bp.conf file.
    2. Add CLIENT_PORT_WINDOW=4900 5000 to the bp.conf file.
        3. This specifies the nonreserved ports the client can use to originate connections.
 ^ Return to Top Previous  |  Next >  
Product: NetBackup System Administrator's Help  
VERITAS Software Corporation
www.veritas.com