Forum Discussion

K_Miller's avatar
K_Miller
Level 4
10 years ago

Library not enabled - Drive Control is AVR

We have just added to our environment, a new NBU 7.6.0.2 Linux media server that sits behind a firewall.

The new media server is configured for SSO and has access to all SAN attached drives in-scope, emm server shows correctly, all drives show UP and robotic definition looks normal.

The NetBackup console shows the library connection for the new media server as NOT enabled and all associated tape drives are in AVR control.

We have popped some holes through the FW for port 1556 but I'm wondering if there are other ports required? Port 1556 is opened between the new media server, master server and the library control host which is also configured seperately.

The library is completely functional for everything except the new media server.

Any ideas what direction I should be looking in?

Thx,

-Kevin

  • 1556 should be the only port that needs to be open bi-directional between master and media server and between robot control host and media server. Check forward and reverse name lookup in all directions and SERVER entries for one another. Find out if any NAT'ing is in place. You may need to add hosts entries on master and robot control host for NAT'ed IP address. Use bptestbpcd in all directions to test connectivity.
  • 1556 should be the only port that needs to be open bi-directional between master and media server and between robot control host and media server. Check forward and reverse name lookup in all directions and SERVER entries for one another. Find out if any NAT'ing is in place. You may need to add hosts entries on master and robot control host for NAT'ed IP address. Use bptestbpcd in all directions to test connectivity.
  • Remember the 1556 is the destination inbound port for pbx, the source port is usually in the non-reserved port range. Think the firewall/port guide does not describe this properly.

    The problem can be that on dedicated firewalls you need to give both the source and destination ports.

    I would talk with the firewall administrator and get him/her to see if there was any drops/blocked connections