Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

netapp filer snapmirror tunneling with ssh

Posted on 2008-10-16
10
Medium Priority
?
2,016 Views
Last Modified: 2013-11-05
Hello all,

Can any one please give me some info if snapmirror can be tunneled over ssh? I am trying to do that and then while searching for some info I came across some comments mentioning that it is not possible.

Thanks
0
Comment
Question by:naufal
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
10 Comments
 
LVL 30

Expert Comment

by:Duncan Meyers
ID: 22737053
No, it can't. It uses a straight IP connection, so the only way you can send it through an encrypted tunnel is to set up a VPN and send the traffic down that. Having said that, I thought SnapMirror encrypted replication traffic by default - but that may depend on the filer model and version of DataONTAP you're running.
0
 

Author Comment

by:naufal
ID: 22737070
Hi,

Thanks for your reply. Can you please tell me some source from where I can get this documented for my boss!!! Also what exactly do you mean by straight IP conenction? like straight as in straight no tunneling or some thing. I'll check on the netapp website about the filer model and data ontap version to see if encryption is possible in any of the model. Netapp support never mentioned this fact that it might be supoprted on any other filer models or Data ontap version.

Thanks a bunch again! I was trying to do this for days! thought should be pretty straight forward.
0
 
LVL 30

Expert Comment

by:Duncan Meyers
ID: 22737148
My apologies - SnapMirror does not encrypt traffic. See: http://now.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=75206

SnapMirror either uses a Fibre Channel connection or IP - it expects to be able to talk to another NetApp array either via FC or IP. You configure the IP addresses of the other NetApp array when you configure SnapMirror and it uses TCP to communicate.
0
Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

 

Author Comment

by:naufal
ID: 22737167
Please correct me if I a wrong but does the SSH tunnel also not use IP. ITs just that the traffic is encrypted beneath no? What Ia am doing is that instead of directly giving the IP of the source filer which would be another private IP I am telling the destination filer the IP of my machine which has SSH tunnel up for the source filer.

Regards
0
 
LVL 30

Expert Comment

by:Duncan Meyers
ID: 22738083
Yes, of course it does - but it has to be invisible to the filers - like a VPN tunnel.
0
 

Author Comment

by:naufal
ID: 22741540
so does is invisible in case of SSH tunnel!? May be is it that source filer makes an arbitrary connection back to destination filer which SSH tunnel cannot handle? But as far as I know, its the destination filer which connects to the source at port 10566 to initiate the transfer.



0
 
LVL 30

Expert Comment

by:Duncan Meyers
ID: 22754377
Perhaps you've got a routing issue or port 10566 isn't going across the tunnel. See http://communities.netapp.com/thread/2171;jsessionid=4FFB40AE0AEAB790753734F98B4C5AE8?tstart=0

0
 
LVL 30

Accepted Solution

by:
Duncan Meyers earned 200 total points
ID: 22754390
0
 

Author Comment

by:naufal
ID: 22761664
Hey,

Thanks, I got it!!! it was not only port 10566 but others as well.

Thanks,

0
 
LVL 30

Expert Comment

by:Duncan Meyers
ID: 22761675
Thanks! Glad I could help.
0

Featured Post

Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Concerto Cloud Services, a provider of fully managed private, public and hybrid cloud solutions, announced today it was named to the 20 Coolest Cloud Infrastructure Vendors Of The 2017 Cloud  (http://www.concertocloud.com/about/in-the-news/2017/02/0…
Windows Server 2003 introduced persistent Volume Shadow Copies and made 2003 a must-do upgrade.  Since then, it's been a must-implement feature for all servers doing any kind of file sharing.
This video teaches viewers how to encrypt an external drive that requires a password to read and edit the drive. All tasks are done in Disk Utility. Plug in the external drive you wish to encrypt: Make sure all previous data on the drive has been …
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…
Suggested Courses

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question