We have 30+ clients all on a VPN matrix. We have one central backuppc
server remotely collecting data from each client, storing only critical
data. We have a local backuppc server at each client doing local disk
storage including all of their PC's and servers.
The system works very well. Whether you have a local backuppc server or
not, the openvpn solution has been a very smooth approach to connectivity
to each client. Each client has their own unique subnet, by design. We
use the rsyncd method to backing up remotely as it allows us to throttle
the connection speed.
-- Brad Triem
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Les
Mikesell
Sent: Wednesday, September 12, 2007 11:24 AM
To: Ing. Daniel Manrique
Cc: backuppc-users@lists.sourceforge.net
Subject: Re: [BackupPC-users] operation with client sending its backup to
the server?
Ing. Daniel Manrique wrote:
> Due to ongoing reorganization of our network, I'll be faced with having
> several groups of clients behind firewalling routers. Behind each
> router, clients will get a private address via DHCP. While the routers
> themselves will have public, static IP, the clients inside each NATed
> network will be basically a soupy mess, so assigning a port for each
> client would be a chore. This wreaks havoc with having the backuppc
> server contacting each client for backup, since the clients are
> inaccessible from the outside, unless they are the ones starting the
> connection as per usual transparent NAT/proxying.
>
> I think the easiest way would be having a client on each computer, being
> responsible for waking up and initiating communication with the backuppc
> server, which will have a public IP address. Has this been done, is it
> possible?
You can do this with an ssh connection that sets up port-forwarding
started by the client, and configuring backuppc to connect to a
different local port for each machine. I think something like this has
been posted to the mail list.
> My second option at this point is to establish a sort of VPN between the
> NATed segments and my backuppc server. Does someone have a setup like
this?
This is much more straightforward if all of the private address ranges
are unique. Set up something like openvpn on a single machine on each
private subnet connecting to either the backuppc machine or another
machine that can be used as a router to reach them. Then it becomes
ordinary routing and can be used for other management and connectivity
operations among the private networks. Openvpn works pretty well in
this scenario using UDP with keepalives to keep the NAT connection
working.
--
Les Mikesell
[EMAIL PROTECTED]
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/backuppc-users
http://backuppc.sourceforge.net/
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.485 / Virus Database: 269.13.15/1003 - Release Date:
9/12/2007 10:56 AM
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.485 / Virus Database: 269.13.15/1003 - Release Date:
9/12/2007 10:56 AM
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/backuppc-users
http://backuppc.sourceforge.net/
