Hello everybody,I need your advice. A security admin says me than a communication is registered by firewall, from Netbackup Server to a IP. This IP is configured on a server which don't have Netbackup client...I had verified, all client registred in client list on master, by pinging them. No success.Firewall saved communications in a laps time where as, activity monitor doesn't running anything.Obviously, I've executed bptestbpclntcmd without any success ("can't connect on socket").How can I research any information about this strange thing ?Port communication are 1556 and 13724.Thanks.

Hello, You may want to check Policy deployment in your console, I had a kind of similar problem ebfoer, and by checking this side, I found that the client was in a deployment policy, once we deleted it, we had no more errors.. btw, the errors we had were logged in Problems report, do you have that too? good luck

Likely the client is defined somewhere in the Netbackup environment. To get a idea, I would something like this # vxlogview -p 51216 -t 01:30:00 | grep -i NAME_OF_SERVER -t 01:30:00 will in all logs back for 1 hour and 30 minutes Hopefully the log output will give some clue/ideas where client is specified.. Technotes about vxlogview: https://www.veritas.com/support/en_US/article.100017099https://www.veritas.com/support/en_US/article.100017292 Best RegardsNicolai

As mentioned by others, check and make sure there's not another interface on the Client that NetBackup DOES know about. You may also want to do a quick nslookup or such on the client's IP, see if it points to multiple hostnames - maybe one old & one new ? Or a box with one IP but different apps access it using different DNS aliases ? I've seen cases where an old hostname got reused for a new box, as well as cases where the DNS minions forgot to clean out the old IP map entries entirely and you get multiple names pointing to the same IP. If there's only the one interface in DNS and on the Client then as far as tracking under v8.1 goes : On the Master - egrep -i "clienthostname | clientIP" /etc/hosts (where clientshorthostname & clientIP are replaced by the appropriate values, of course) ls -l /usr/openv/netbackup/db/images |egrep -i "clientshorthostname | clientIP " (again, replace those values) That will tell you what the Master knows about. If you have entries in the images directory, the Master was told at some point to talk to that Client - or at least a Client with that particular name (which is yet another reason why it's bad to backup an IP instead of a hostname). If you do see an entry in images you can do a quick search and see what backup images, if any, still exist for that name. sudo /usr/openv/netbackup/bin/admincmd/bpimagelist -d 1/1/1970 -U -client hostnameinimages $5 says NetBackup is doing exactly what it's been told to though. =)

did you run bpcltncmd -clear_host_cache ? what is the name of the previous client that has that ip adresse ? and what is the ip adresse too? you may want to share your nbsu from the master server?? also check master's props (resilient network, proxies..) do you have errors in your problem reports? do you have those entries at the same time everyday? or like every 1 hour?

You can increase logging levels by modifying the VERBOSE setting in bp.conf. Do you know if the firewall is seeing the hostname or the IP? I'd search the NBU logs for both hostname and IP, too. Use the same DNS servers the Master is using to do a reverse lookup of the IP to see what it resolves to on the Master, too, that might help. If this IP was used elsewhere previously, it is entirely conceivable the hostname is not being resolved according to its new settings. It could be a single DNS server didn't update properly, something is cached somewhere inside NBU, or a hosts file has an entry in it. Have you checked /etc/hosts?

Trace netbackup communication with an IP

jnardello
Moderator
5 years ago
As mentioned by others, check and make sure there's not another interface on the Client that NetBackup DOES know about. You may also want to do a quick nslookup or such on the client's IP, see if it points to multiple hostnames - maybe one old & one new ? Or a box with one IP but different apps access it using different DNS aliases ? I've seen cases where an old hostname got reused for a new box, as well as cases where the DNS minions forgot to clean out the old IP map entries entirely and you get multiple names pointing to the same IP. If there's only the one interface in DNS and on the Client then as far as tracking under v8.1 goes : On the Master - egrep -i "clienthostname | clientIP" /etc/hosts (where clientshorthostname & clientIP are replaced by the appropriate values, of course) ls -l /usr/openv/netbackup/db/images |egrep -i "clientshorthostname | clientIP " (again, replace those values) That will tell you what the Master knows about. If you have entries in the images directory, the Master was told at some point to talk to that Client - or at least a Client with that particular name (which is yet another reason why it's bad to backup an IP instead of a hostname). If you do see an entry in images you can do a quick search and see what backup images, if any, still exist for that name. sudo /usr/openv/netbackup/bin/admincmd/bpimagelist -d 1/1/1970 -U -client hostnameinimages $5 says NetBackup is doing exactly what it's been told to though. =)
- AntBar
  Level 5
  5 years ago
  bpcltncmd -clear_host_cache don't help.
  I've review HOST file on master, and IP is not present.
  Browsing Client backup from earliest and IP, don't help, same result from catalog.
  All agents listed in Netbackup Admin console respond with thier IP normally.
  Somewhere in Netbackup configuration, I have a process which call this IP...but where...
  - Hamza_H
    Moderator
    5 years ago
    you may want to check opscenter too..? just in case..
Nicolai
Moderator
5 years ago
Is it only the master server that is trying to connect to the client, or does the firewall also show reply from client ?

How are IP assigned, uing DHCP or static, if using DHCP try clearing out Netbackup host cache:

bpclntcmd -clear_host_cache
- AntBar
  Level 5
  5 years ago
  Only the master try to access it.
  IP are fixed.
  - Nicolai
    Moderator
    5 years ago
    Likely the client is defined somewhere in the Netbackup environment. To get a idea, I would something like this
    
    # vxlogview -p 51216 -t 01:30:00 | grep -i NAME_OF_SERVER
    
    -t 01:30:00 will in all logs back for 1 hour and 30 minutes
    
    Hopefully the log output will give some clue/ideas where client is specified..
    
    Technotes about vxlogview:
    
    https://www.veritas.com/support/en_US/article.100017099
    https://www.veritas.com/support/en_US/article.100017292
    
    Best Regards
    Nicolai

Forum Discussion

Trace netbackup communication with an IP

Related Content

NetBackup BMR Restore failed communication master server

netbackup server and client communication

MySQL 5.1.36 Community Edition

Netbackup 8 communicate problem

Netbackup client communication error