NBU Encryption issues - Quantum and Symantec
I could use some advice here - currently have cases open with the vendors but wanted to get some outside perspectives as well.
We are using NetBackup for a data migration, nothing fancy: Backup the current data at site A, ship the tapes to site B and restore.
Info for both sites:
site A: Spectra T120, LTO5 drives, NBU 7.0 (I could not convince them to upgrade and we are doing catalog recoveries, so stuck at 7.0)
site B: Quantum i500, LTO5 drives, NBU 7.0
It's been problematic - since day one the restore have been painfully slow, using LTO5 drives and 2-8gb connections I was seeing restore speeds no better than 5mb/sec. There was a lot of troubleshooting done, cases opened and closed, optimizing, etc. Nothing seems to break that barrier of horrible throughput. We tested outside of NBU, network and disk speeds are just fine, there is no reason those restores should perform so poorly.
Then I had the idea to rule out the incoming tapes, try a local backup and restore with fresh tapes. Bingo! Decent speeds, no errors, etc. Until I tried to use KMS - trying to write encrypted backups fails with these types of errors:
Error bptm(pid=2272) FREEZING media id <Media ID>, Encryption unavailable for an ENCR pool
Now this is where it gets odd - KMS has been replicated from site A to site B, and from the begining there were never any indications that anything was misconfigured; the tapes coming from site A were always able to be read, and running nbkmsutil on both sites shows identical info. I followed the simple instructions on exporting/importing keys so no surprises there.
The case I opened with Symantec found errors in bptm that point to the hardware being the issue - Quantum got involved and are confused as well. Heck, I am confused too - the tapes I am not able to create encrypted backups on are from the same pool we use in our production site, there are no issues with them. I looked at them personally, they are in fact LTO5 tapes, no damage, and so far six of them give me that Encr error, yet I can run a non encrypted backup and restore with them with no problems at respectable speeds,
While I wait for Symantec and Quantum to review logs I am still poking around trying to find clues, if anybody has seen anything like this please let me know.