12-07-2011 01:15 AM
Hi All,
I am recently doing client encryption testing. I had enabled encryption on both the policy shcedule and client perporities.
But after that, the backup failed with below error:
12/7/2011 4:35:23 PM - Error bpbrm(pid=6984) could not send server status message
12/7/2011 4:35:25 PM - end writing; write time: 00:00:29
allocation failed(10)
12/7/2011 4:35:30 PM - Info bpbkar32(pid=3528) done. status: 10: allocation failed
Both the client and server was 7.1
Solved! Go to Solution.
12-07-2011 04:47 AM
Did you configure the keys on the client?
C:\Program Files\VERITAS\NetBackup\bin>bpkeyutil -display
See Page 37 and Page 266 of the NetBackup Security and Encryption Guide.
Standard encryption backup process
The prerequisites for encrypting a standard backup are as follows:
■ Note: In NetBackup 7.1 the encryption software is automatically installed with
the NetBackup UNIX server and client installations.
A key file must exist. The key file is created when you run the bpkeyutil
command from the server or from the client.
■ The Encryption attribute must be selected on the NetBackup policy that
includes the client.
If the prerequisites are met, the backup takes place as follows:
■ The client takes the latest key from the key file.
For each file that is backed up, the following occurs:
■ The client creates an encryption tar header. The tar header contains a
checksum of the key and the cipher that NetBackup used for encryption.
■ To write the file data that was encrypted with the key, the client uses the
cipher that the CRYPT_CIPHER configuration entry defines. (The default
cipher is AES-128-CFB.)
Note: Only file data is encrypted. File names and attributes are not encrypted.
■ The backup image on the server includes a flag that indicates whether the
backup was encrypted.
12-07-2011 02:25 AM
Unix or Windows?
12-07-2011 04:47 AM
Did you configure the keys on the client?
C:\Program Files\VERITAS\NetBackup\bin>bpkeyutil -display
See Page 37 and Page 266 of the NetBackup Security and Encryption Guide.
Standard encryption backup process
The prerequisites for encrypting a standard backup are as follows:
■ Note: In NetBackup 7.1 the encryption software is automatically installed with
the NetBackup UNIX server and client installations.
A key file must exist. The key file is created when you run the bpkeyutil
command from the server or from the client.
■ The Encryption attribute must be selected on the NetBackup policy that
includes the client.
If the prerequisites are met, the backup takes place as follows:
■ The client takes the latest key from the key file.
For each file that is backed up, the following occurs:
■ The client creates an encryption tar header. The tar header contains a
checksum of the key and the cipher that NetBackup used for encryption.
■ To write the file data that was encrypted with the key, the client uses the
cipher that the CRYPT_CIPHER configuration entry defines. (The default
cipher is AES-128-CFB.)
Note: Only file data is encrypted. File names and attributes are not encrypted.
■ The backup image on the server includes a flag that indicates whether the
backup was encrypted.
12-07-2011 05:22 PM
Hi VirtualED,
Thanks.
i use bpkeyutil to create the key and it can backup now.