The master server initiates TCP connections through ports 13724, 1556 with IP addresses that are not clients of this server. Information obtained from TCP dump.
Analysis of the bpcd points to the refreshing procedure of the Certificate Revocation List:
“… Executing nbcertcmd -getAllCRL to get CRL for all domains”
Question: to what range does the “for all domains” action apply?
Question: why does Master Server initiate TCP connections to IP addresses that are not clients? How can this be disabled?
Thanks in advance for answer
I can answer part of the question. All domains in this context means all NetBackup domains the master servers knows about. On a linux master I have a fuller extract from the bpcd logs makes it a bit clearer what is going on:
bpcd main: Starting CRL refresh for all domains
refreshAllCRLs: Calling getAllCRL() for configured NBCAs
executeCommand: execv </usr/openv/netbackup/bin/nbcertcmd -getAllCRL>
refreshAllCRLs: Removing expired CRLs via cleanupCRLCache()
executeCommand: execv </usr/openv/netbackup/bin/nbcertcmd -cleanupCRLCache -expired>
As for why the connections are being initiated to IPs that are not clients, not sure. However, does this master server participate as a replication source or target - so have NBCAs (NetBackup Certificate Authority) - if so, this may be why it is attempting to contact IPs outside the immediate NetBackup domain.