Computer operating system that functions on only one type of computer. Proprietary operating systems limit the ability of Software applications to run on other systems and also limit the market for any Application Software.
Data ONTAP is a proprietary operating system developed by Network Appliance; it is not based on the Windows OS. Consequently, the current Data ONTAP operating system requires additional rights assigned to the user or to the precreated device object when an administrator or administrator equivalent account is not used. Once the computer object has successfully joined the Active Directory domain, the user account credentials will no longer be used and are not stored in any way in the OS. They are used only to allow the N series storage system to become an active member of Active Directory and to write standard properties to the object during the join process.
Setting up CIFS shares and joining the ActiveDirectory
http://www.techworld.com/applications/whitepapers/index.cfm?whitepaperid=3276
Sunday, 18 March 2007
Data ONTAP by Network Appliance :
NetApp's proprietary OS is called Data ONTAP. Due to licensing deals with Microsoft, however, NetApp is compatible with Windows-based NAS appliances. This allows you to utilize a non-Windows device that interoperates with Windows. Another big plus of Data ONTAP is that it was created specifically for NAS applications and offers the greatest range of high-end features such as advanced mirroring and snapshots. You can use Data ONTAP, for example, for hundreds of data snapshots and point-in-time copies every hour if you require it.
NetApp has established a common architecture across all products based on Data ONTAP and its WAFL (write anywhere file layout) file system. These two elements underlie all its platforms and are a big reason that NetApp dominates in the primary storage part of the NAS landscape. And that's the whole point — NAS was designed to simplify storage management compared to traditional SANs.
"With NAS, the FC part is disguised so a lot less is required of the storage administrator," said Karthik Kannan, director of technology and strategy at NetApp.
But complexity is a relative concept. Compared to some Snap and Windows gear some NetApp filers are quite complex. But as new versions of the OS are released, greater simplification is apparent. The newest edition, Data ONTAP 7G (Grid), adds dynamic virtualization and removes some of the administration from disk configuration at the physical level. This means more time managing data as opposed to managing systems and disks.
"Administrators no longer have to worry about how many disks are attached to a volume and program for backups, and so on," said Kannan.
Version 7G is just the start of NetApp's grid vision. Its acquisition of Spinnaker Networks last year was part of the plan to move into enterprise grid computing. That vision will come into being over the next 12 to 24 months.
NetApp has established a common architecture across all products based on Data ONTAP and its WAFL (write anywhere file layout) file system. These two elements underlie all its platforms and are a big reason that NetApp dominates in the primary storage part of the NAS landscape. And that's the whole point — NAS was designed to simplify storage management compared to traditional SANs.
"With NAS, the FC part is disguised so a lot less is required of the storage administrator," said Karthik Kannan, director of technology and strategy at NetApp.
But complexity is a relative concept. Compared to some Snap and Windows gear some NetApp filers are quite complex. But as new versions of the OS are released, greater simplification is apparent. The newest edition, Data ONTAP 7G (Grid), adds dynamic virtualization and removes some of the administration from disk configuration at the physical level. This means more time managing data as opposed to managing systems and disks.
"Administrators no longer have to worry about how many disks are attached to a volume and program for backups, and so on," said Kannan.
Version 7G is just the start of NetApp's grid vision. Its acquisition of Spinnaker Networks last year was part of the plan to move into enterprise grid computing. That vision will come into being over the next 12 to 24 months.
GuardianOS from Snap Appliance :
GuardianOS by Snap is particularly strong in the workgroup and departmental markets. Now that it has been acquired by Adaptec, there are signs that it is moving into larger enterprise environments. Newer appliances, for example scale up beyond 29 TB.
GuardianOS is now up to version 3.1. This latest version adds iSCSI support, block-based services, some dynamic provisioning capabilities and the ability to expand an iSCSI LUN on the fly. Another feature is Snap EDR – enterprise data replication. This is replication and aggregation software that enables remote backups and data transfer over a WAN.
According to Steven Rogers, director of technical marketing for Adaptec's Snap Appliance division, Guardian OS is a more streamlined and resilient NAS OS than Windows or Data ONTAP.
Microsoft Windows Storage Server 2003 :
According to IDC, NAS appliances running the Microsoft operating system are expected to account for about half of all appliances in the market by the end of 2004. They offer interoperability with Windows environments and can scale from one TB to over 60 TB. Windows Storage Server 2003 is now the central operating system of NAS appliances from a variety of vendors such as HP, EMC and Dell. In addition, the OS is readily available to entry-level customers, and applications for backup, security and management can be acquired from any vendor.
Microsoft has made major changes between the 2000 and 2003 versions and is clearly intent on capturing market share. On the downside, however, some criticize Windows Storage Server as being little more than a server with a browser console. Further, security concerns continue to plague the Windows OS. Due to its ubiquity, it is a magnet for hackers. Thus when security of data is a factor, GuardianOS and NetApp come out ahead. Data ONTAP, in fact, is designed with security in mind. The microkernel of the OS contains all the key features required for backup, replication, WORM etc. With all the software embedded into it, there is no need to load additional software modules that could compromise security. "Windows comes with traditional bugs and flaws," said Kannan. "Data ONTAP's code is tightly compiled for storage so there is no place for a script to execute."
http://www.netapp.com/go/techontap/
matl/sample/0206tot_monthlytool.html
Microsoft has made major changes between the 2000 and 2003 versions and is clearly intent on capturing market share. On the downside, however, some criticize Windows Storage Server as being little more than a server with a browser console. Further, security concerns continue to plague the Windows OS. Due to its ubiquity, it is a magnet for hackers. Thus when security of data is a factor, GuardianOS and NetApp come out ahead. Data ONTAP, in fact, is designed with security in mind. The microkernel of the OS contains all the key features required for backup, replication, WORM etc. With all the software embedded into it, there is no need to load additional software modules that could compromise security. "Windows comes with traditional bugs and flaws," said Kannan. "Data ONTAP's code is tightly compiled for storage so there is no place for a script to execute."
http://www.netapp.com/go/techontap/
matl/sample/0206tot_monthlytool.html
Thursday, 15 March 2007
iptables firewall
The iptables firewall feature also referred to as netfilter is the default firewall software when you install Red Hat Linux 8.0 and 9.0. This firewall can be configured to block ports and thus disallow TCP traffic to and from the Backup Exec server. The Backup Exec Unix Agent on the Linux server/workstation broadcasts every 30 seconds by default to port 6101 on the backup server and listens on TCP port 8192 on the Linux system. Port 8192 must be opened on the Linux server/workstation to allow backup traffic to flow to and from the Backup Exec Unix/Linux Agent.
To determine if iptables is installed,Type:
rpm -qa iptables
To view the currently loaded iptables rules in the kernel, type:
iptables -L
To append a rule to the current rules that allows incoming TCP packets with a source of the media server's IP address to any TCP port on the Linux server/workstation, type:
iptables -A INPUT -p tcp -m tcp -s -j ACCEPT
For a more secure firewall setting that appends a rule to allow TCP packets from the media server through port 8192 on the Linux workstation/server, type:
iptables -A INPUT -p tcp -m tcp -s -d --dport 8192 -j ACCEPT
To determine if iptables is installed,Type:
rpm -qa iptables
To view the currently loaded iptables rules in the kernel, type:
iptables -L
To append a rule to the current rules that allows incoming TCP packets with a source of the media server's IP address to any TCP port on the Linux server/workstation, type:
iptables -A INPUT -p tcp -m tcp -s
For a more secure firewall setting that appends a rule to allow TCP packets from the media server through port 8192 on the Linux workstation/server, type:
iptables -A INPUT -p tcp -m tcp -s
Wednesday, 14 March 2007
Can Backup Exec for Windows Servers encrypt data on media?
Backup Exec (tm) does not encrypt data on media. Backup Exec can only password protect media. If the password is set, then it is required when you catalog or restore media. Information contained on media cannot be read without the correct password.
Note: Password protected media can be "erased" without providing the password.
Note: Password protected media can be "erased" without providing the password.
Tuesday, 13 March 2007
How to enable ARCHIVELOG mode in Oracle 10g (10.1)..
Starting with Oracle Database 10g release 10.1, the LOG_ARCHIVE_START initialization parameter has been deprecated. Archiving is now automatically started when the database is placed in ARCHIVELOG mode.
To enable ARCHIVELOG mode in Oracle 10g (10.1):
http://support.veritas.com/docs/266835
To enable ARCHIVELOG mode in Oracle 10g (10.1):
http://support.veritas.com/docs/266835
Recommended PORT consideration for Firewall/TCP Filtered environment:
When performing remote backups through a firewall, one should select a specific range under Network & Firewall defaults dialog box in the Backup Exec console and open the exact range on the Firewall/TCP Filtering.
Note: According to IANA (INTERNET ASSIGNED NUMBERS AUTHORITY),Ports which we think is Dynamic and Free are not TRUE, Infact when we go through the List of ports given by IANA authority we will find that most ports which we assign are either well known ports OR registered ports and therefore when we specify them in Backup Exec console (Under Network & Firewall) option it does not follow the rule and often get rejected/Refused by the remote server.
According to IANA :
http://www.iana.org/assignments/port-numbers
PORT NUMBERS =(last updated 2007-03-12)
The port numbers are divided into three ranges:
1.The Well Known Ports.
The Well Known Ports are those from 0 through 1023.
2.The Registered Ports.
The Registered Ports are those from 1024 through 49151
3.The Dynamic and/or Private Ports.
The Dynamic and/or Private Ports are those from 49152 through 65535 (Here we need to search for unassigned ports)
As we can see port between 1024 and 49151 is registered and therefore even if we specify these range on the Backup Exec(under tools--options--network & firewall) and similar range on the remote server Firewall/TCP Filerting it may not backup or "refuse to communicate" as seen in the SGMON error.
Resolution:
To overcome this problem, its recommended to specify maximum FREE (UNASSINGED Dynamic Port) range available and stated by IANA and as per the IANA information it looks like the maximum range available is :5204-5221 which is about 17 ports. Its up to the system administrator to open all the "17" ports or just assign "10" ports. You may refer to IANA website to refer other range.
Note: According to IANA (INTERNET ASSIGNED NUMBERS AUTHORITY),Ports which we think is Dynamic and Free are not TRUE, Infact when we go through the List of ports given by IANA authority we will find that most ports which we assign are either well known ports OR registered ports and therefore when we specify them in Backup Exec console (Under Network & Firewall) option it does not follow the rule and often get rejected/Refused by the remote server.
According to IANA :
http://www.iana.org/assignments/port-numbers
PORT NUMBERS =(last updated 2007-03-12)
The port numbers are divided into three ranges:
1.The Well Known Ports.
The Well Known Ports are those from 0 through 1023.
2.The Registered Ports.
The Registered Ports are those from 1024 through 49151
3.The Dynamic and/or Private Ports.
The Dynamic and/or Private Ports are those from 49152 through 65535 (Here we need to search for unassigned ports)
As we can see port between 1024 and 49151 is registered and therefore even if we specify these range on the Backup Exec(under tools--options--network & firewall) and similar range on the remote server Firewall/TCP Filerting it may not backup or "refuse to communicate" as seen in the SGMON error.
Resolution:
To overcome this problem, its recommended to specify maximum FREE (UNASSINGED Dynamic Port) range available and stated by IANA and as per the IANA information it looks like the maximum range available is :5204-5221 which is about 17 ports. Its up to the system administrator to open all the "17" ports or just assign "10" ports. You may refer to IANA website to refer other range.
Monday, 5 March 2007
Sunday, 4 March 2007
Network Data Management Protocol (NDMP/10000)...
NDMP is an acronym for Network Data Management Protocol, which is an open standard protocol for enterprise-wide backups of heterogeneous network-attached storage. NDMP is an Internet-Draft standard that uses port 10000 by default.
For more details on NDMP Protocol please see the following site:
http://www.ndmp.org.
Architectural Model:
The architecture follows a client-server model and the backup software is considered to be a client to the NDMP server. For every connection between the client and the NDMP host, there is a virtual state machine on the NDMP host that is controlled using NDMP. This virtual state machine is referred to as the NDMP server.
Architectural Model:
The architecture follows a client-server model and the backup software is considered to be a client to the NDMP server. For every connection between the client and the NDMP host, there is a virtual state machine on the NDMP host that is controlled using NDMP. This virtual state machine is referred to as the NDMP server.
Currently an NDMP server can be thought of providing two services:
A DATA server - This service either reads from disk and produces an NDMP data stream (in a specified format) or reads an NDMP data stream and writes to disk, depending upon whether a backup or restore is taking place.
A TAPE server - This service either reads an NDMP data stream and writes it to tape or reads from tape and writes an NDMP data stream, depending upon whether a backup or restore is taking place. All tape-handling functions, such as split-image issues, are dealt with by this service.
NDMP Filers (NAS):
DMP Filers, or NAS devices, reside on the network with the primary purpose of providing file services. NAS devices that use standard operating systems (for example, Windows-powered NAS devices) support the installation of backup agents, and can therefore be backed up like any other file server. However, some NAS devices use a custom operating system that does not support third party backup agents. A standard backup interface for NAS devices exists in the form of the network data management protocol (NDMP), which is a backup standard for NAS devices that do not support installation of a backup agent.
NDMP - Direct Attached:(Shown above in Figure)
In the direct-attached or local model, the backup server uses NDMP over the LAN to instruct the filer to start the backup. The filer then sends the data contained in the backup to a tape device attached directly to the filer via Fibre Channel or SCSI. During the backup, information about files and directories written to tape is transferred via NDMP over the LAN to the backup server where it is maintained in an index. For a restore operation, the backup server uses NDMP over the LAN to instruct the filer to start restoring files. Data is read from the filer's locally attached tape device and stored by the filer. During backup and restore, the backup server does not ever receive the actual data being written or read from tape. As a result, this model is commonly referred to as "LAN-free" backup.
NDMP - Filer to Filer (3-way): (Shown above in Figure)
In the filer-to-filer model, often referred to as three-way, the backup server uses NDMP over the LAN to instruct filer A to start backing up data to tape devices attached to filer B via either the same network or a private backup network. During the backup, information about files and directories written to tape is transferred from filer A via NDMP over the LAN to the backup server, where it is maintained in an index.
This is known as 3-way backup, since typically 3 hosts are involved.
The host running the NDMP client (1).
The host running the NDMP DATA server (2).
The host running the NDMP TAPE server (3).
RPM Overview ............
FREE RPM Downloads:
http://rpm.pbone.net/index.php3/stat/3/srodzaj/1/search/compat-gcc
For more details on RPM commands one can refer to following pdf file:http://home.frognet.net/~aalug/docs/rpm.pdf
The RPM Package Manager (RPM) is a powerful command line driven package management system capable of installing, uninstalling, verifying, querying, and updating computer software packages. Each software package consists of an archive of files along with information about the package like its version, a description, and the like. There is also a related API ("Application Program Interface"), permitting advanced developers to bypass 'shelling out' to a command line, and to manage such transactions from within a native coding language. RPM has become the defacto format for LSB compliant distributions.
Basic RPM Commands:
1. -U Update or install the chosen package. This can be done via http or ftp in addition to using local files.
2. -i Install the selected package, allows for multiple versions.
3. -e Remove. This allows you to remove the packages you specify.
4. -v Verbose. Print out more information than usual.
5. -F Freshen. This is similar to -U but will only work on if an earlier version of the package is already installed.
6. -h Hash. This makes rpm pretty when you install packages, and gives you a progress bar.
7. -qa Query all. This allows you to query for every package installed on the system. You can limit the search by giving it a value like rpm -qa "send*".
8. -ql lists the files associated with a package.
9. -qg lists all installed packages in a specific group, for example "System Environment/Shells".
10. -qi lists the spec file header for the given package. This is one of the things that makes rpm useful for automation.
http://rpm.pbone.net/index.php3/stat/3/srodzaj/1/search/compat-gcc
For more details on RPM commands one can refer to following pdf file:http://home.frognet.net/~aalug/docs/rpm.pdf
The RPM Package Manager (RPM) is a powerful command line driven package management system capable of installing, uninstalling, verifying, querying, and updating computer software packages. Each software package consists of an archive of files along with information about the package like its version, a description, and the like. There is also a related API ("Application Program Interface"), permitting advanced developers to bypass 'shelling out' to a command line, and to manage such transactions from within a native coding language. RPM has become the defacto format for LSB compliant distributions.
Basic RPM Commands:
1. -U Update or install the chosen package. This can be done via http or ftp in addition to using local files.
2. -i Install the selected package, allows for multiple versions.
3. -e Remove. This allows you to remove the packages you specify.
4. -v Verbose. Print out more information than usual.
5. -F Freshen. This is similar to -U but will only work on if an earlier version of the package is already installed.
6. -h Hash. This makes rpm pretty when you install packages, and gives you a progress bar.
7. -qa Query all. This allows you to query for every package installed on the system. You can limit the search by giving it a value like rpm -qa "send*".
8. -ql lists the files associated with a package.
9. -qg lists all installed packages in a specific group, for example "System Environment/Shells".
10. -qi lists the spec file header for the given package. This is one of the things that makes rpm useful for automation.
What is "NAMED PIPES" in Unix\LINUX..
Unix\LINUx supports a special form of pipes known as "named pipes". Very simply, a named pipe is an entry on the disk that looks like a file to the programs that write and read it, but it really doesn't contain any data. It helps connecting the output of one program to another without using the pipe character. A named pipe special file is recognizable by the file type character:
p as in prw-rw---- mypipe
1. Determine potential pipe files, On the Unix or Linux console type the following command:
ls -l
2. Look for anything with a "p" in the first column of the permissions metadata. This indicates a pipe type resource as shown in Figure above..
NOTE: It is recommended to Exclude all pipe type targets during Backup process.
NDMP port 10000 is in use by another application...
Certain Backup vendors are NDMP compatible and they require NDMP port to be free on PORT-10000, sometimes its used by other applications and could cause the Backup failure.
Resolution:
To resolve the issue, it is required to determine the application/service which is using port 10000, and then either free the port or change the NDMP port on the <>\etc\services file and also on the Bakup as well as Agents server. Its most recommended to FREE the ndmp 10000 port.
Follow the steps given below to determine the port usage:
1. On the RedHat Linux system, open the terminal/command line prompt and type the command given below.
Note: There are number of different commands to check the port status. Choose the command you are most comfortable with. This is what i use, for details on basic linux commands see the links on the right.
lsof -i tcp:10000
The figure above shows that port 10000 is listening for the process ID 17923.
The next step is to determine which application is using this process.
2. To determine the application using a given process, type the command shown below.
ps -ax grep 17923
The figure above is showing that an application called "Webmin" is using NDMP port 10000. The Administrator will need to either free the port or change the NDMP port number to be used by Backup Software.
Note: It is recommended to FREE the port instead of changing the NDMP port to be used by Backup Software, because if you opt to change the NDMP port then this change must be made not only to the Backup Server but too all the agents server.
What is Webmin:
Webmin is a web-based interface for system administration for Unix. Using any browser that supports tables and forms (and Java for the File Manager module), you can setup user accounts, Apache, DNS, file sharing and so on. Webmin consists of a simple web server, and a number of CGI programs which directly update system files like /etc/inetd.conf and /etc/passwd.
Webmin by default uses the port 10000 when installed.
Webmin is a web-based interface for system administration for Unix. Using any browser that supports tables and forms (and Java for the File Manager module), you can setup user accounts, Apache, DNS, file sharing and so on. Webmin consists of a simple web server, and a number of CGI programs which directly update system files like /etc/inetd.conf and /etc/passwd.
Webmin by default uses the port 10000 when installed.
Saturday, 3 March 2007
Backup fails while backing up SNAP/NAS/Netapp servers:
This could occur if the Backup agent is not ndmp compatible.
1. To check the NDMP daemon status on the Filer, telnet to the filer and input the following command at the prompt.
ndmpd status
2. If the NDMP is ON, then switch the state to OFF, input the following command at the prompt.
ndmpd off
3. Try to backup again.
NDMP compatible products
http://www.ndmp.org/products/index.shtml#backup
1. To check the NDMP daemon status on the Filer, telnet to the filer and input the following command at the prompt.
ndmpd status
2. If the NDMP is ON, then switch the state to OFF, input the following command at the prompt.
ndmpd off
3. Try to backup again.
NDMP compatible products
http://www.ndmp.org/products/index.shtml#backup
Subscribe to:
Posts (Atom)