Wiki Page Request: document high port usage #241
Comments
|
Hey @DaveAtFraud, Thank you for reporting this. I will check with the Amanda team and get back to you on this. I will document the list of allowed ports or port ranges I will push it to wiki.zmanda.com for future reference. |
|
Hey @DaveAtFraud, I want to understand your problem a little better.
These are server logs right? Is the server |
|
So I reviewed the code. If you're not a privileged user, we use unreserved ports between If you can confirm, I will add this piece of information into the documentation. |
I'm getting ready to do some hardware and OS (CentOS 7 -> Rocky 9) improvements that include my amanda server. I have cut in a temporary amanda server as part of this process with both the old and new server currently running in parallel at different times so there is no conflict. I'm seeing apparently random backup failures of some hosts. I traced this to the amanda client attempting to open some ports to the amanda server. What I see in the amanda debug logs is:
Sat Nov 11 18:15:08 2023: thd-0x55fa2bd08e00: amandad: dgram_send_addr(addr=0x55fa2bd12b70, dgram=0x7f744b4a97c8)
Sat Nov 11 18:15:08 2023: thd-0x55fa2bd08e00: amandad: (sockaddr_in *)0x55fa2bd12b70 = { 2, 778, 192.168.0.4 }
Sat Nov 11 18:15:08 2023: thd-0x55fa2bd08e00: amandad: dgram_send_addr: 0x7f744b4a97c8->socket = 0
Sat Nov 11 18:15:18 2023: thd-0x55fa2bd08e00: amandad: timeout
Sat Nov 11 18:15:18 2023: thd-0x55fa2bd08e00: amandad: timeout waiting for ACK for our REP
Sat Nov 11 18:15:18 2023: thd-0x55fa2bd08e00: amandad: security_close(handle=0x55fa2bd12b30, driver=0x7f744b48c720 (BSD))
Sat Nov 11 18:15:27 2023: thd-0x55fa2bd08e00: amandad: timeout exit
Sat Nov 11 18:15:27 2023: thd-0x55fa2bd08e00: amandad: pid 8845 finish time Sat Nov 11 18:15:27 2023
Looking up the amandad debug log I saw:
Sat Nov 11 23:06:23 2023: thd-0x558f5c36ce00: amandad: bind_portrange2: Try port 20435: Available - Address already in use
Sat Nov 11 23:06:23 2023: thd-0x558f5c36ce00: amandad: bind_portrange2: Try port 20436: Available - Success
Sat Nov 11 23:06:23 2023: thd-0x558f5c36ce00: amandad: stream_server: waiting for connection: 0.0.0.0:20436
Sat Nov 11 23:06:23 2023: thd-0x558f5c36ce00: amandad: security_streaminit(stream=0x558f5c39a140, driver=0x7f2f1fe2a720 (BSD))
Sat Nov 11 23:06:23 2023: thd-0x558f5c36ce00: amandad: stream_server opening socket with family 2 (requested family was 2)
Sat Nov 11 23:06:23 2023: thd-0x558f5c36ce00: amandad: try_socksize: send buffer size is 65536
Sat Nov 11 23:06:23 2023: thd-0x558f5c36ce00: amandad: try_socksize: receive buffer size is 65536
Sat Nov 11 23:06:23 2023: thd-0x558f5c36ce00: amandad: bind_portrange2: Try port 20435: Available - Address already in use
Sat Nov 11 23:06:23 2023: thd-0x558f5c36ce00: amandad: bind_portrange2: Try port 20436: Available - Address already in use
Sat Nov 11 23:06:23 2023: thd-0x558f5c36ce00: amandad: bind_portrange2: Try port 20437: Available - Success
Sat Nov 11 23:06:23 2023: thd-0x558f5c36ce00: amandad: stream_server: waiting for connection: 0.0.0.0:20437
which seems to indicate that amandad on the client is attempting to open random (?) ports back to the amanda server system. I'm surprised this works at all since I only open the documented amanda client port. Amanda works as expected if I disable the firewall on the amanda server but this is not an acceptable workaround. At a minimum the specific ports or port range used should be documented. Better would be to have the ports configurable but this would be a software change.
The text was updated successfully, but these errors were encountered: