NBU - Firewall

Hi,

Would like to confirm on firewall settings of NBU.

Originally, customer's firewall is off for NBU environment. Now, they opened ports 13782, 13724, 1556, 13720 and 13783 and wants to turn on firewall.

I believe backups will still run because the important ports are open. Is it safe to say that they can turn on their firewall even there are on-going backups? Will backups be interrupted?

Thanks!

NBU version is 7.6.0.4 running on Win 2008 R2

Backup and Recovery

NetBackup

Troubleshooting

Windows Server (2003-2008)

Marianne
10 years ago
Most of those ports were needed in pre-6.x days. NBU 7.6 only needs port 1556 for normal backup and restore. There are more ports needed for dedupe and certain other features, so best to have a look at the NBU Ports Reference Guide : http://www.veritas.com/docs/DOC6716
Nicolai
10 years ago
What brand of firewall is it - do you have a model number ?

Most firewall are not designed for bulk traffic - so backup will be negative affected by the firewall.

Typical they have a fixed bandwidth - lets say 50MB/sec.

One client - no problem 50MB/sec

Two clients - well backup speed down to 25/sec per client

Four 4 backup clients - 12.MB/sec per client

8 clients - well figure it out :-) Furthermore it will very hard to reach a agreed backup window at that speed.

6 Replies

Marianne
Level 6
10 years ago
Most of those ports were needed in pre-6.x days. NBU 7.6 only needs port 1556 for normal backup and restore. There are more ports needed for dedupe and certain other features, so best to have a look at the NBU Ports Reference Guide : http://www.veritas.com/docs/DOC6716
nbuengr
Level 5
10 years ago
Thanks Marianne!

Given we open the required ports and turn on the firewall will it have impact on running backups?
Marianne
Level 6
10 years ago
I am not a firewall expert. You need to ask your firewall admin what happens to established ports when firewall is activated.
Mouse
Moderator
10 years ago
This higly depends upon type of backup you doing, if it's just a normal LAN backup to a media server then you should be good with 1556, however if you're running old clients using VNETD, deduplication or any direct-to-OST 3-rd party storage, it's a different kettle of fish.

The ports guide suggested above gives all required details you or your network team need to figure out what ports are required in your configuration. It's not a product question, it's your network and backup configuration question and we collectively have no clue about either.
Nicolai
Moderator
10 years ago
What brand of firewall is it - do you have a model number ?

Most firewall are not designed for bulk traffic - so backup will be negative affected by the firewall.

Typical they have a fixed bandwidth - lets say 50MB/sec.

One client - no problem 50MB/sec

Two clients - well backup speed down to 25/sec per client

Four 4 backup clients - 12.MB/sec per client

8 clients - well figure it out :-) Furthermore it will very hard to reach a agreed backup window at that speed.
Michael_G_Ander
Level 6
10 years ago
Do be aware that hardware firewalls often require both source and destination ports to be configured, not just the destination ports given in the network port guide from Veritas

Would always turn firewalls on outside the backup window if possible, and make sure that monitoring/logging on them was enable to see dropped/rejected connections

Forum Discussion

NBU - Firewall

6 Replies

Related Content

NetBackup Firewall Ports ????

NBU v10 retention

Backup Exec 15 firewall ports requirements

NBU error 58

Windows Firewall problems