Firstly, let me say that - from the security point of view - it's usualy
best idea to let the connection come from the director to the clients
(you usually connect from safer zone to less safe one).
Secondly -
https://docs.bareos.org/TasksAndConcepts/NetworkSetup.html#section-clientinitiatedconnection
"When both connection directions are allowed, the Bareos Director
1. checks, if there is a waiting connection from this client.
2. tries to connect to the client (using the usual timeouts).
3. waits for a client connection to appear (using the same timeout as
when trying to connect to a client)."
So I'd try to run debug on client first (run the client with appropriate
-d level, run tcpdump/wireshark) to see whether the client tries to
connect to daemon. If it does it's up to you to find on the network
level why it fails.
I'm also not sure how SELinux copes with client-initiated connections
(in case you use SELinux of course).
Best regards,
MK
On 13.09.2019 11:45, Jörg Steffens wrote:
The first thing you should check is if the client is connected to the
Director.
For this, use the bconsole.
In there use the command
"status dir"
It shows you the list of clients that are connected to the Director.
Header is:
Client Initiated Connections (waiting for jobs):
If your client does not show up there, it is not connected to the
Director and will therefore fail.
regards,
Jörg
On 13.09.19 at 10:35 wrote John Saruni:
Hi Listers,
I am running Bareos (Director and FD) Version: 18.2.5. I have clients
behind a NAT gateway. It is not feasible to configure 1:1 NAT for all
the clients. A little research pointed me to a client initiated network
connection model. My config files for this model are:
1.Director's client resource
[root@bareos ~]# cat /etc/bareos/bareos-dir.d/client/activeclient.conf
Client {
Name = activeclient
Address = ww.xx.yy.zz
Password = xxxxxxx
Connection From Director To Client = no
Connection From Client To Director = yes
Heartbeat Interval = 60
}
[root@bareos ~]#
2.FD's director resource
[root@backup ~]# cat /etc/bareos/bareos-fd.d/director/bareos-dir.conf
Director {
Name = bareos-dir
Address = zz.yy.xx.ww
Password = "[md5]xxxxxxxxxx"
Connection From Client To Director = yes
}
[root@backup ~]#
All the other director configs (schedule, fileset, jobdef, job, etc) are
as per the default model (where the Bareos Director connects to the
clients).
The backup job fails with the following errors:
Fatal error: Failed to connect to client "activeclient".
Fatal error: No Job status returned from FD.
This means the director is still initiating requests.
I have confirmed that the FD is running and respective Bareos ports
allowed on the firewall
Has anyone successfully implemented the active client model? Please assist
Thanks in advance.
--
You received this message because you are subscribed to the Google
Groups "bareos-users" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to [email protected]
<mailto:[email protected]>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/bareos-users/ecf0c4bf-abcc-483b-a5da-b40d739c788e%40googlegroups.com
<https://groups.google.com/d/msgid/bareos-users/ecf0c4bf-abcc-483b-a5da-b40d739c788e%40googlegroups.com?utm_medium=email&utm_source=footer>.
--
You received this message because you are subscribed to the Google Groups
"bareos-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/bareos-users/069ab8f3-be82-9a68-5451-d49e0120b46b%40gmail.com.
