This repository has been archived by the owner on Mar 19, 2021. It is now read-only.
/
lanaddress.tex
98 lines (81 loc) · 3.05 KB
/
lanaddress.tex
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
\section{Using different IP Adresses for SD -- FD Communication}
\label{LanAddress}
\index[general]{Lan Address}
Bareos supports network
topologies where the \bareosFd and \bareosSd are situated inside of a LAN, but the \bareosDir is
outside of that LAN in the Internet and accesses the \bareosFd and \bareosSd via SNAT / port forwarding.
Consider the following scheme:
\begin{commands}{}
/-------------------\
| | LAN 10.0.0.1/24
| |
| FD_LAN SD_LAN |
| .10 .20 |
| |
\___________________/
|
NAT Firewall
FD: 8.8.8.10 -> 10.0.0.10
SD: 8.8.8.20 -> 10.0.0.20
|
/-------------------\
| |
| | WAN / Internet
| DIR |
| 8.8.8.100 |
| |
| FD_WAN SD_WAN |
| .30 .40 |
\___________________/
\end{commands}
The \bareosDir can access the \host{FD_LAN} via the IP 8.8.8.10, which is
forwarded to the IP 10.0.0.10 inside of the LAN.
The \bareosDir can access the \host{SD_LAN} via the IP 8.8.8.20 which is
forwarded to the IP 10.0.0.20 inside of the LAN.
There is also a \bareosFd and a \bareosSd outside of the LAN, which have the IPs
8.8.8.30 and 8.8.8.40
All resources are configured so that the \configdirective{Address} directive gets the
address where the \bareosDir can reach the daemons.
Additionally, devices being in the LAN get the LAN address configured in
the \configdirective{Lan Address} directive. The configuration looks as follows:
\begin{bareosConfigResource}{bareos-dir}{client}{FD\_LAN}
Client {
Name = FD_LAN
Address = 8.8.8.10
LanAddress = 10.0.0.10
...
}
\end{bareosConfigResource}
\begin{bareosConfigResource}{bareos-dir}{client}{SD\_LAN}
Storage {
Name = SD_LAN
Address = 8.8.8.20
LanAddress = 10.0.0.20
...
}
\end{bareosConfigResource}
\begin{bareosConfigResource}{bareos-dir}{client}{FD\_WAN}
Client {
Name = FD_WAN
Address = 8.8.8.30
...
}
\end{bareosConfigResource}
\begin{bareosConfigResource}{bareos-dir}{client}{SD\_WAN}
Storage {
Name = SD_WAN
Address = 8.8.8.40
...
}
\end{bareosConfigResource}
This way, backups and restores from each \bareosFd using each \bareosSd are possible
as long as the firewall allows the needed network connections.
The \bareosDir simply checks if both the involved \bareosFd and \bareosSd
both have a \configdirective{Lan Address}
(\linkResourceDirective{Dir}{Client}{Lan Address} and \linkResourceDirective{Dir}{Storage}{Lan Address}) configured.
In that case, the initiating daemon is ordered to connect to the \configdirective{Lan Address}
instead of the \configdirective{Address}. In active client mode, the \bareosFd connects to the \bareosSd, in
passive client mode (see \nameref{PassiveClient}) the \bareosSd connects to the \bareosFd.
If only one or none of the involved \bareosFd and \bareosSd have a \configdirective{Lan Address}
configured, the \configdirective{Address} is used as connection target for the
initiating daemon.