Can it be done : NDMP (Isilon) via secondary IP on MediaAgent using DIP

Hi @bRonDoh can you go to the array management, I would not be surprised if your Isilon was registered there using the “old” IP. Can you confirm.

Hi @tph , Yes the Isilon is defined as an array. However Isilon is registered with an IP/Hostname that is on a different ip/subnet from both the NDMP server pool of IP’s and the MediaAgent IP. This stuff can get very complicated… So let me flesh it out a bit more and hopefully a bit more clearly.

The CommServe (aka the DMA) : a vm with IP 192.168.2.2

The MediaAgent : a physical box with primary IP of 192.168.2.1 and a new secondary IP of 192.168.1.250

The Isilon management IP : 192.168.3.1

The Isilon NDMP IP Pool : 192.168.1.1 - .4

(Note all the above IPs are not the act

ual IPs, but they convey the topology wrt subnets used.)

IF I understand the traffic flow - the CommServe sends NDMP instructions / options to the Isilon on the Isilon Management IP. The Isilon initiates and NDMP backup per the instructions from the CommServe. One of those instructions from the CommServe is the hostname/ip addres of the MediaAgent that the Isilon NDMP server is supposed to talk to. The Isilon initiates the tcp/ip  session from an IP adress from its defined pool of NDMP preferred IPs.

The CommServe only ever tells the Isilon to use the primary IP of the MediaAgent. This causes the comms to fail if the MediaAgent has an IP on the same subnet as the Isilon NDMP preferred IP subnet - this is due to asymmetric routing.

Looking at the Array Management configuration I do not see any knob that would let me define the use of a secondary IP on the MediaAgent for NDMP comms. Maybe it is embedded/implicit in the configuration of the array since it was done when the MediaAgent had only one IP. Perhaps if I recreated the array now that the MediaAgent has a secondary IP it would allow me the option of picking the IP to use for NDMP backups - ie either the MediaAgents primary or secondary IP…

Thanks,

Ron

@bRonDoh 

When no DIPs are being used, we simply use whatever is the first IP address as per the OS’s binding order. We also do not tell the Isilon what IP address to talk to for us. This is why DIPs are sometimes needed.

@bRonDoh

Correct. A DIP is not a pre-requisite for NDMP backups, but I may have mis-understood your previous statements, thinking you are referring to general connectivity without the use of a DIP.

The CommServe doesn’t tell the Isilon what IP address to talk to for the MediaAgent unless there is a DIP in place. Without a DIP this would occur via DNS and whatever IP address the MediaAgent resolves as.

If you are having issues with the backup I would suggest getting a Support case opened to verify the DIP configuration is set correctly and to investigate the cause of the issue.

Just adding some of the log info showing the NDMP control options being set by the DMA - specifically the hostname/ipaddress of the MediaAgent for the Isilon to talk to.

4108  d74   06/16 14:42:23 47686 Scheduler  Phase [4-Backup] (0,0) started on [s01.ok.ubc.ca] in [0] second(s) - NasBackup.exe -j 47686 -a 2:69 -t 1 -d s01.ok.ubc.ca*s01*8400*8402 -c clokadmis01.ok.ubc.ca  -jt 47686:4:1:0:0:51936  -idxma s01.ok.ubc.ca*s01*8400*8402  -lastMA :  -numstreams 2
4108  d9c   06/16 14:42:23 47686 Servant    Reg [Control] received. Client [s01] plattype = 4. Token [47686:4:1:0:0:51936]
4108  d9c   06/16 14:42:26 47686 Servant    Reg [NotControl] received. Client [s01] plattype = 4. Token [47686:4:1:0:0:51936]
4108  213c  06/16 14:42:26 47686 Servant    Reg [NotControl] received. Client [s01] plattype = 4. Token [47686:4:1:0:0:51936]
4108  d9c   06/16 14:43:44 47686 Scheduler  Set pending cause [Client [clokadmis01.ok.ubc.ca] was unable to connect to the tape server [s01] on port [50689]. Please check network connectivity.]::Client [s01] Application [NasBackup] Message Id [654311848] Error code [39:424] RCID [0] ReservationId [0].  Level [0] flags [0] id [0] overwrite [0] append [0] CustId[0].
4108  213c  06/16 14:43:44 47686 Scheduler  Ignored pending cause [Client [clokadmis01.ok.ubc.ca] was unable to connect to the tape server [s01] on port [58665]. Please check network connectivity.]::Client [s01] Application [NasBackup] Message Id [654311848] RCID [0] Reservation Id [0].  Level [0] flags [0] id [0] overwrite [0] append [0] CustId[0].
4108  d9c   06/16 14:44:50 47686 Scheduler  Got stream complete message for RCID [104331], status [2]. [s01/cv02.ok.ubc.ca/SockIP(192.168.2.1)/192.168.2.1:0/0 NasBackup(15180:d11df740)]
4108  213c  06/16 14:44:50 47686 Scheduler  Got stream complete message for RCID [104332], status [2]. [s01/cv02.ok.ubc.ca/SockIP(192.168.21)/192.168.2.1:0/0 NasBackup(15180:d11df740)]

Now, I am guessing here that the hostname/ip address I’ve highlighted in the above log (JobManager.log)  is the bit that the DMA sends to the Isilon NDMP server. The NDMP server on the Isilon has no idea where to send the backup data - there is no configuration of that on the Isilon. You can configure a pool of IPs on the Isilon that are used by the Isilon as the source IP for NDMP backup, but you do not configure a destination IP. The destination IP has to be provided to the Isilon by the DMA (Data Managemnt Agent, ie the CommServe). From the log it appears that the CommServ provides the destination hostname/ip in the NasBackup.exe command in the paramter “-d s01.ok.ubc.ca*s01*8400*8402” or maybe not. I could not find any documentation of this command - not in CommVault Docs, not in man pages, not in the built in command help. So this may not be where/how the NDMP destination IP is set. However I am pointing out that no matter whether a DIP is defined or not there is no change in the hostname/ipaddress that is recorded in the log. Maybe I am looking in the wrong log?

Cheers,

Ron

@Collin Harper I have opened a ticket with support. Thanks to all for taking the time to try and assist.

Cheers,

Ron

Sure - it is 220617-515. I have a follow up zoom session today. Will post the outcome when there is one.

Cheers,

Ron