Fedora Core 6 questions: correct image + NetBackup client
(new user... hope I'm posting in the right forum...)
For a file server within our small department I downloaded Fedora Core 6 and put it on an older model Intel platform box (Dell Optiplex GX270). Everything has worked so far, except the NetBackup client. I installed xinetd thinking it was more a communications problem, but things were still not working after what I thought would be the proper communications setup. Doing further reading leads me to two questions: 1 - How do I tell for sure if I am using the most functional level of Fedora Core 6 possible for my hardware platform? I installed the i386 images. I'm not sure how to tell if I could be using a more feature-rich image or not. 2 - Other readings lead me to believe that the NetBackup client won't work on Fedora Core 6. Another post had a user going back to Fedora Core 4 due to the lack of support for LinuxThreads at Fedora Core 5+. Is there any possibliity of getting this client software to work on Fedora Core 6? periodic tars of the critical directories is my only other choice at this point. Thanks! |
The good news is FC6 while not supported does work (at least for NB 5.1 MP4).
By default xinetd doesn't get installed on Fedora Core 6 (or 5 and probably 4). The NetBackup (5.1) client install being brain dead checks for xinetd and assumes there is inetd if not found so creates /etc/inetd.conf. However FC doesn't use inetd either so this file is totally useless. Also since FC isn't "officially" supported by NetBackup I've given up trying to load the client from the master. The way I got it to work (5.1MP4): 1) yum install xinetd 2) Put the NBU client CD in the drive of the FC6 box and did the install from that. (Picked 2.4 kernel I believe since it doesn't have FC.) This created the correct xinetd entries. 3) Did firewall setup (iptables was running on the FC6 box) Notes below are from when I first had to do firewall for RedHat but should work as they are what I referred to when doing FC5 and FC6 clients a month or so ago: The following is what I did in NetBackup for backing up client Open Netbackup Java GUI Go to Host Properties Go to Master Servers Double click on master server In Master Server Properties box go to Client Attributes Click Add Type in name of client and hit enter to add it to list. Select (highlight) the client from list Under BPCD Connect Back click the VNETD Port radio button Click OK. Exit and you're done with the GUI. After that at command line on master run "bprdreq -rereadconfig". (Note - this worked but manual and support indicated bouncing daemons is the only SURE way to do it.) Also for above to work if you have an firewall between the machines you must be sure must open the following ports on the internal firewall: Media >> Client 13782 (bpcd) Client >> Media 13724 (vnetd) Media being the media server (master server in this case). Unfortunately it requires a separate port coming back instead of using the one that initiated which is why you have to open both. If you have Network/Security admin they'll complain about that but this is the only way it works. At least this does limit it to the above - without the GUI config done above it would use random ports . ================================================================================ iptables rules I used (host based firewall) (preFC6 may be slightly different there - didn't record it if so) To add permission to iptables on client: Verify iptables is running with iptables -L and that its last entry is to block icmp. (If not running iptables -L will only show about 3 lines.) 1) iptables -D RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited ### Deletes the icmp rule 2) iptables -A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport bpcd-j ACCEPT --src <ip of master server> ### Opens bpcd port for master server to use. 3) iptables -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited ### Readds the icmp rule as last rule. 4) iptables-save >/etc/sysconfig/iptables ### Saves to file read on iptables start. Step 2 above assumes 13782 for bpcd tcp is in /etc/services already. Step 4 is necessary so after a reboot or bounce of iptables it will reestablish the rules. P.S. Left out in step 2 - also applied the MP4 update from a CD I'd burned for the purpose. I got it working without the update on the client but wanted it there since that was the level the master was at. |
ok i am trying to install netback up client on redhat enterprise 4
this is the dump i am getting . could anyone shed some light. OS Level Options ---------------- 1. IBMpSeriesRedHat2.6 2. IBMpSeriesSuSE2.6 3. IBMzSeriesLinux2.4.21 4. RedHat2.4 q To quit from this script If your Operating System is a newer level than those listed, choose the highest level. Enter Choice [1 - 4] 4 This package will install Linux/RedHat2.4 client. NetBackup client is currently at release level 6.0MP4. This package will install NetBackup client 6.0MP4. /usr/openv/netbackup/bin/bpps: error while loading shared libraries: libstdc++-l ibc6.2-2.so.3: cannot open shared object file: No such file or directory openv/ openv/lib/ openv/lib/libVmangle.so openv/lib/libVnbatST.so_new openv/lib/libVnbat.so openv/lib/libVnbatST64.so_new openv/lib/libVnbat64.so openv/lib/libVcvcomb.so openv/lib/libVcvcombMT.so openv/lib/libVxSS_helper.so_new openv/lib/libVxSS_helperMT.so openv/lib/libVcvcomb64.so openv/lib/libVcvcombMT64.so openv/lib/libVxSS_helper64.so_new openv/lib/libVxSS_helperMT64.so openv/lib/libvnoauth.so_new openv/lib/libvnoauth64.so_new openv/lib/libvopie.so_new openv/lib/libvopie64.so_new openv/lib/libVnbconf.so_new penv/lib/libVnbconfMT.so openv/lib/libVnbconf64.so_new openv/lib/libVnbconfMT64.so openv/lib/libcatbackup.so openv/lib/libcatbackupMT.so openv/lib/libSigScheduleJNI.so openv/lib/libubs.so openv/lib/libdbsb.so openv/lib/libxbsa.so openv/lib/libxbsa64.so openv/lib/libnbbeclass.so openv/lib/libnbbestdutl.so openv/lib/libnbbedscomn.so openv/lib/libxm.so openv/lib/libubsMT.so openv/lib/libnbbeclassMT.so openv/lib/map/ openv/lib/map/libdisk.so openv/lib/map/librawp.so openv/lib/libnbbestdutlMT.so openv/lib/libnbbedscomnMT.so openv/lib/libxbsaMT.so openv/lib/libxbsaMT64.so openv/lib/libdbsbMT.so openv/lib/libVcvcomb_noul.so openv/lib/libVnbconf_noul.so openv/lib/libVcvcomb64_noul.so openv/lib/libVnbconf64_noul.so openv/lib/libvxACE.so.3 openv/lib/libvxACEST.so.3 openv/lib/libvxicui18n.so openv/lib/libvxicudata.so openv/lib/libvxicuuc.so openv/lib/libvxstlport.so openv/lib/libvxustdio.so openv/lib/libvxxml4c.so openv/lib/libvxxml4cST.so openv/lib/libvxicui18nST.so_new openv/lib/libvxicudataST.so_new openv/lib/libvxicuucST.so_new openv/lib/libvxstlportST.so_new openv/lib/libvxustdioST.so_new openv/lib/libvxexticu.so openv/lib/libvxlis.so openv/lib/libvxul.so openv/lib/libvxexticuST.so_new openv/lib/libvxlisST.so_new openv/lib/libvxulST.so_new openv/lib/libmap.so openv/lib/libvfutil.so openv/netbackup/ openv/netbackup/bin/ openv/netbackup/bin/bpbkar openv/netbackup/bin/bpcd_new openv/netbackup/bin/bpdynamicclient openv/netbackup/bin/bpfilter openv/netbackup/bin/bpbackup openv/netbackup/bin/bprestore openv/netbackup/bin/bplist openv/netbackup/bin/bpclimagelist openv/netbackup/bin/bpclntcmd openv/netbackup/bin/bphdb openv/netbackup/bin/bpmount openv/netbackup/bin/bpfis openv/netbackup/bin/merge_auth_templates openv/netbackup/bin/bpjava-msvc openv/netbackup/bin/bpjava-usvc openv/netbackup/bin/bp openv/netbackup/bin/mtfrd openv/netbackup/bin/bpnbat openv/netbackup/bin/vxss_db_paths openv/netbackup/bin/bmrsavecfg openv/netbackup/bin/bmrsetupclient openv/netbackup/bin/vxlogcfg openv/netbackup/bin/vxlogmgr openv/netbackup/bin/vxlogview openv/netbackup/bin/bmrc openv/netbackup/bin/private/ openv/netbackup/bin/private/nblogcfg openv/netbackup/bin/private/nbloggen openv/netbackup/bin/private/nblogmgr openv/netbackup/bin/private/nblogview openv/netbackup/bin/bptpcinfo openv/netbackup/bin/bpps openv/netbackup/bin/bp.kill_all openv/netbackup/bin/support/ openv/netbackup/bin/support/bin/ openv/netbackup/bin/support/bin/nbsauth openv/netbackup/bin/support/bin/nbsemmconf openv/netbackup/bin/support/bin/nbsfscoverage openv/netbackup/bin/support/bin/nbsndmpattr openv/netbackup/bin/support/bin/nbsresolve openv/netbackup/bin/support/doc/ openv/netbackup/bin/support/doc/nbsupport_help.html openv/netbackup/bin/support/doc/nbsupport_readme.txt openv/netbackup/bin/support/nbsupport openv/netbackup/nblog.conf.template openv/bin/ openv/bin/vauth_testd openv/bin/vauth_util openv/bin/vauth_test openv/bin/vopie_util openv/bin/vopied openv/bin/vnetd_new openv/var/ openv/var/auth/ openv/var/auth/template.methods.txt openv/var/auth/template.methods_allow.txt openv/var/auth/template.methods_deny.txt openv/var/auth/template.names_allow.txt openv/var/auth/template.names_deny.txt openv/var/vnetd/ openv/var/vnetd/inetd_bpcd.txt openv/var/vnetd/inetd_bpjava-msvc.txt openv/var/vnetd/inetd_vopied.txt openv/resources/ openv/resources/bmrcommon_root.res openv/resources/bmrd_root.res openv/resources/bmrmedia_root.res openv/resources/bmrpkg_root.res openv/resources/bmrc_root.res openv/resources/bmrsavecfg_root.res openv/resources/bmrsetup_root.res openv/resources/bmrsrt_root.res openv/resources/bmrrestore_root.res openv/resources/vxul_root.res openv/msg/ openv/msg/.conf /usr/openv/netbackup/bin/bpps: error while loading shared libraries: libstdc++-l ibc6.2-2.so.3: cannot open shared object file: No such file or directory + /bin/cp NB-Java.tar.Z /usr/openv Installing NB-Java. + /bin/cp ./nbj.conf /usr/openv/java /usr/openv/netbackup/bin/bmrsetupclient: error while loading shared libraries: libstdc++-libc6.2-2.so.3: cannot open shared object file: No such file or directory Send a SIGHUP to inetd or xinetd so the (x)inetd.conf file will be reread. Reloading configuration: [ OK ] File /usr/openv/tmp/install_trace.399 contains a trace of this install. That file can be deleted after you are sure the install was successful. [root@localhost NB_60MP4_CLIENTS2_20061204b]# |
As noted above it worked with 5.1 MP4. Hadn't tried 6.0 yet.
Your libstdc++ errors though - often you'll see this on newer OSes when loading older packages. run "rpm -qa |grep libstdc" You should of course make sure you have libstdc++<version> installed and that it is at least greater than you see in your message. A lot of times having "compat-libstdc++<version>" installed will make your system backwardly comaptible. I'm guessing your rpm -qa won't show you have compat-libstdc++. If not you can install it with yum: On my FC6 system I have two different compat-libstdc++ loaded: compat-libstdc++-33-3.2.3-61 compat-libstdc++-296-2.96-138 You can install the latest -33 and -296 by doing: yum install compat-libstdc++-33 yum install compat-libstdc++-296 Also insure you've already installed xinetd - as noted in my earlier post it doesn't get installed by default in FC6. yum install xinetd. After that I'd reinstall the NBU client to insure it was OK. |
5.1MP4 client with 6.0MP4 server
We've just recently purchased NetBackup 6.0 and I'm trying to get it to work. Here's my setup:
NetBackup Server OS: RHEL 3.0 U8 | NB Version: 6.0MP4 Clients OS: (2) RHEL 3.0 U8 | NB Version: 6.0MP4 (2) RHEL 4.0 | NB Version: 6.0MP4 (2) FC6 | NB Version: 5.1MP4 Should work, right? It doesn't. I've followed the instructions above, except for the iptables stuff; it isn't running on the FC6 machines or the NB server. rpm -qa |grep libstdc compat-libstdc++-33-3.2.3-61 compat-libstdc++-296-2.96-138 libstdc++-4.1.1-51.fc6 libstdc++-devel-4.1.1-51.fc6 nmap localhost.backup|grep backup 13722/tcp open VeritasNetbackup 13782/tcp open VeritasNetbackup 13783/tcp open VeritasNetbackup Veritas/Symantec says the the 5.1 client will work with a 6.0 server, you guys say the 5.1 client works on FC6, but it isn't working for me. If I go to Host Properties -> Clients and select my FC6 machines, I get "cannot connect on socket (Status 25)". Like I said earlier, there's no firewalls running, so I don't understand why it can't connect at all. With the 6.0 client, I was at least getting socket read and socket write errors. Any ideas why this isn't working? |
I don't see where you mention xinetd. NBU install is brain dead - it will check for xinetd and if not there will assume you have inetd. However by default FC6 doesn't come with either. You can install xinetd THEN reinstall the NBU client. You should also remove the /etc/inetd.conf file NBU created on the first install as it has no validity. On the reinstall with xinetd in place it should create files in /etc/xinetd.d for:
bpcd bpjava-msvc vnetd vopied xinetd and inetd are two different ways of doing essentially the same thing. Rather than run a daemon that is "listening" all the time and taking up CPU cycles and memory when not in use these mechanisms do the listening for the ports and open the daemon only when they see a request for it. In this way there is only one daemon for all the services instead of a daemon for each of them. What does "rpm -q xinetd" show? |
I didn't mention it, but yeah, xinetd is installed, and was before the NB client install
rpm -q xinetd xinetd-2.3.14-8 |
You got "cannot connect on socket". This was AFTER you successfully installed NBU client on the FC6 box?
If so it may mean you have ports blocked somewhere on your network. e.g. firewall external to the server, iptables, SELinux or something else on the Linux server or some firewall you're running on your master server itself. What happens if you try "telnet <client> bpcd" from the master? What happens if you try "telnet <client> vnetd" from the master? On the client what happens if you try "telnet 127.0.0.1 bpcd"? On the client what happens if you try "telnet 127.0.0.1 vnetd"? FYI: If you get something like: Trying... Connected to <client or 127.0.0.1> Escape character is '^]'. You hit Ctrl and ] to get a telnet prompt then type "quit" to exit the connection. If the 127.0.0.1 on client works but the telnet from master doesn't work then it means something IS blocking the ports. |
pohl is the server, bradbury is the client:
[kevin@pohl kevin]$ telnet bradbury bpcd Trying 192.168.100.155... Connected to bradbury (192.168.100.155). Escape character is '^]'. gethostbyaddr: Success Connection closed by foreign host. [kevin@pohl kevin]$ telnet bradbury vnetd Trying 192.168.100.155... Connected to bradbury (192.168.100.155). Escape character is '^]'. ^] telnet> quit Connection closed. [kevin@pohl kevin]$ ssh bradbury kevin@bradbury's password: Last login: Mon Mar 26 12:31:01 2007 from 192.168.1.158 [kevin@bradbury ~]$ telnet 127.0.0.1 bpcd Trying 127.0.0.1... Connected to bradbury.booksense.com (127.0.0.1). Escape character is '^]'. ^] telnet> quit Connection closed. [kevin@bradbury ~]$ telnet 127.0.0.1 vnetd Trying 127.0.0.1... Connected to bradbury.booksense.com (127.0.0.1). Escape character is '^]'. ^] telnet> quit Connection closed. |
It seems there's a problem with bpcd on the client. Only the FC6 machines are returning:
gethostbyaddr: Success Connection closed by foreign host. I'll have to look into that, I've added server_args = -debug to /etc/xinetd.d/bpcd and now when I connect I get bind(13782) failed: 98 Connection closed by foreign host. any hints? |
From your results it appears something IS listening on the bpcd port and allowing connection locally but blocking it from remote. That would suggest to me it is a firewall issue.
Do "grep bpcd" /etc/services on both client and master to be sure they have the same port number (should be 13782) defined. That will verify you were using same port remotely and locally. Assuming you have SELinux disabled (most people do) then turnning off iptables on the client would be the next thing I'd try: service iptables stop Do your remote telnet test again and if it works then its an issue in your iptables setup.. You can turn iptables back on by running "service iptables start". |
It is bpcd that is listening on the port. The /etc/services entries are there and correct, its listed twice in fact, but that shouldn't make a difference. As for SElinux and iptables, they're both disabled/off. iptables, (and ip6tables now, too!) are turned off on all my servers because of random port assignment from our previous backup software.
If I turn xinted off, I get a "Connection refused" and the only services that xinetd has enabled are: bpcd, bpjava-msvc, vnetd, and vopied. So, there's something wrond specifically with bpcd; I just don't know what... |
One thing. This requires at least one port open from the client to the server and one from the server to the client. (That is to say it doesn't do a single two-way connection like many things but rather opens two different one way ports.) Make sure you don't have something on the NBU master server that is preventing connections back.
Also NetBackup does random port assignments unless you configure it for firewall. Maybe it will help to set it up as if it were firewalled from NetBackup's perspective. I did that to prevent the random port assignments you speak of so I could turn on iptables. Notes I wrote myself about doing this: FYI the following is what I did in NetBackup for backing up a client. Open Netbackup Java GUI Go to Host Properties Go to Master Servers Double click on master server In Master Server Properties box go to Client Attributes Click Add Type in name of client and hit enter to add it to list. Select (highlight) the client from list Under BPCD Connect Back click the VNETD Port radio button Click OK. Exit and you're done with the GUI. After that at command line on master run "bprdreq -rereadconfig". (Note - this worked but manual and support indicated bouncing daemons is the only SURE way to do it.) Also for above to work the following ports on the internal firewall have to be open if you have one: Media >> Client 13782 (bpcd) Client >> Media 13724 (vnetd) Media being the media server (the master server in this case). ================================================================================ Notes on iptables (host based firewall) to allow above to work: Verify iptables is running with iptables -L and that its last entry is to block icmp. (If not running iptables -L will only show about 3 lines.) 1) iptables -D RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited ### Deletes the icmp rule 2) iptables -A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport bpcd -j ACCEPT --src <IP of master server> ### Opens bpcd port for master server. 3) iptables -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited ### Readds the icmp rule as last rule. 4) iptables-save >/etc/sysconfig/iptables ### Saves to file read on iptables start. Step 2 above assumes 13782 for bpcd tcp is in /etc/services already. Step 4 is necessary so after a reboot or bounce of iptables it will reestablish the rules |
So did you get it working?
|
Sorry, I haven't gotten it to work yet. I was away on vacation last week and haven't done much with it. We had a few hardware failures(two HDs and an HBA) while I was gone and I'm working on fixing that. I'm going to follow your suggestions later this week. Thanks for your help and I'll post my results later. Thanks!
|
All times are GMT -5. The time now is 12:03 AM. |