5 1 0:Backup in Different Networks

From SEPsesam


Welcome to the latest SEP sesam documentation version 5.1.0 Apollon. For previous documentation version(s), check documentation archive.


Overview


This article describes how to configure backup clients in different network segments by using a backup LAN. To be able to perform a backup in different networks, you have to configure network settings, hosts and interfaces.

Configuration example

In our example, the network consists of multiple segments:

192.168.59.0/24 : Network for regular service traffic (user LAN)
172.16.1.0/24   : Network for backup related tasks (backup LAN)

The following example shows how to perform a backup using the dedicated backup network 172.16.1.0/24.

Step 1: Network configuration

Make sure that the SEP sesam Server and all servers which should be backed up via the separate backup LAN have a network card in both network segments. Make sure that a TCP connection between hosts works properly. In this example, the backup server is a Linux system and has multiple network cards:

eth0: 192.168.59.200
eth1: 172.16.1.200

Step 2: Name resolution/hosts file configuration on the backup server

For both network segments (172.16.1.0/24 and 192.168.59.0/24) the SEP sesam Server should have a proper DNS entry. SEP strongly recommends to use a central DNS (Domain Name System) server. For details on DNS name resolution, see How to check DNS configuration.

If your environment does not have a DNS server, you have to configure the hosts files on all systems for a working name resolution.

Configure the hostnames in the system's hosts file to make them available via a DNS name. The location of the hosts file depends on the operating system:

On Linux

/etc/hosts

On Windows

C:\Windows\system32\drivers\etc\hosts 

Open the hosts file in your text editor and add an entry.

# SEP sesam Server main IP, licensed IP and name
192.168.59.200  backup-server.mydomain.com        backup-server
# SEP sesam device server IP for data transfer over a separated LAN
172.16.1.200    backup-server-172.mydomain.com    backup-server-172

# all clients that should be backed up
192.168.59.10   client01.mydomain.com             client01
192.168.59.11   client02.mydomain.com             client02

Note
The first entry must match the server name as specified in the SEP sesam license.

Step 3: Hosts configuration on the clients

This step is only required if you do not have a central DNS server.

The backup client client02 should be backed up using the network 172.16.1.0/24. In this case, the control communication will take place over the network 193.28.59.0/24, the data transfer will run over 172.16.1.0/24 and a hosts file on the client have to include:

# my client IP and name
193.28.59.2     client02.mydomain.com             client02
# name <-> IP resolution for control communication
193.28.59.200   backup-server.mydomain.com        backup-server
# name <-> IP resolution for data transfer
172.16.1.200    backup-server-172.mydomain.com    backup-server-172

Step 4: Control configuration on the clients

During the Windows client software installation, the SEP sesam Server is added to the allowed hosts to communicate with the client (via SMSSH and CTRL). In case of a Linux client, you have already executed the command /opt/sesam/bin/sesam/sm_setup set_client <name of backup server>.

In both cases the SEP sesam Server is added in the CTRL file <sesam_var_dir>/var/ini/sm_ctrld.auth on the client and the SEP sesam Server public SSH key is inserted in the <sesam_var_dir>/var/ini/sm_ssh/authorized_keys file on the client.

You have to add the second name of the SEP sesam Server to the client authentication possibilities by specifying the following command (for Windows and Linux):

/opt/sesam/bin/sesam/sm_setup set_client backup-server-172.mydomain.com
c:\program files\SEPsesam\bin\sesam\sm_setup set_client backup-server-172.mydomain.com

Step 5: Interfaces configuration

With working DNS name resolution or after configuring the hosts files, switch to the SEP sesam GUI -> Components -> Clients and double-click the SEP sesam server (backup server) to open its properties.

In the Interfaces field, check/add both hostnames. Add the hostnames multiple times with the different prefixes and suffixes for the different SEP sesam data transfer modes (ftp,http,https). SEP recommends to use always the fully qualified domain name (FQDN) for the interfaces.

In our example, these are:

backup-server.mydomain.com
http://backup-server.mydomain.com:11000
https://backup-server.mydomain.com:11443
backup-server-172.mydomain.com
http://backup-server-172.mydomain.com:11000
https://backup-server-172.mydomain.com:11443



Then configure your backup as described in Standard Backup Procedure. You can either schedule your backup or start it immediately, but make sure that you select the relevant interface from the drop-down list.


In our example, the selected interface is http://backup-server-172.mydomain.com:11000. This means that the backup server will connect to the client via the network 192.168.59.0/24 and the data transfer will take place over the 172.16.1.0/24 network. So there is no impact to the user LAN during the backup.


See also

Client propertiesStandard Backup Procedure

Copyright © SEP AG 1999-2024. All rights reserved.
Any form of reproduction of the contents or parts of this manual is allowed only with the express written permission from SEP AG. When compiling and designing user documentation SEP AG uses great diligence and attempts to deliver accurate and correct information. However, SEP AG cannot issue a guarantee for the contents of this manual.