Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

Why we need Reverse lookup for backup

Created: 29 Mar 2013 • Updated: 29 Mar 2013 | 5 comments
This issue has been solved. See solution.

Hello All.

 

Why there is a need of reverse lookup for backup the client?

Actually platform team wants to know this..

Please share..

Operating Systems:

Comments 5 CommentsJump to latest comment

Andrew Madsen's picture

In addition it wants to determine host name authentication because for the vast amount of restores you want to restore to the same machine and if you did not have some form of authentication anyone could spoof the name and get to information they should not have.

There are way to do redirected restores but they are a bit more involved than renaming a server and doing a restore.  

The above comments are not to be construed as an official stance of the company I work for; hell half the time they are not even an official stance for me.

Marianne's picture

Reverse lookup is a form of security to ensure that only authorised servers can backup your critical company data.

When you install a new client, you add a list of media server names that are allowed to backup this client.

When media server connects to client, only IP address from server arrives at client with backup/connect request. Client now needs to resolve this IP address to a hostname and then compare with list of SERVER names to ensure that connection request is from a valid server.
You can see all of this in bpcd log when backup on client is started.
You have also experienced failed reverse lookup recently with your status 59 post.

This security measure prevents data being backed up by anybody that manages to gain access to your network (although your firewall should prevent unauthorised access).

Supporting Storage Foundation and VCS on Unix and Windows as well as NetBackup on Unix and Windows
Handy NBU Links

SOLUTION
Nicolai's picture

FYI: You can disable the reverse lookup check by using setting the REVERSE_NAME_LOOKUP option.

http://www.symantec.com/docs/HOWTO42552

http://www.symantec.com/docs/HOWTO34273

http://www.symantec.com/docs/HOWTO34272

Assumption is the mother of all mess ups.

If this post answered your'e qustion -  Please mark as a soloution.