[Discuss] Ideas for solving a remove backup quandary

John Blomfield jabfield at shaw.ca
Fri May 9 17:02:32 PDT 2008 

I am doing my best to understand your network(s) see below:

John Blomfield

Jeremy Kiffiak wrote:
> Ok, here is my attempt at trying to explain concisely what I am hoping 
> to accomplish.
>
> I have a computer at one location (lets call it LOCAL) from which I 
> wish to back up certain data to a remote computer (lets call it 
> REMOTE).  Now if that was all that it entailed I could quite easily 
> and simply use rsync via ssh and would not need to compose this 
> email.  However there are a few extra's twists.
>
> REMOTE is running some virtualization software (VMWare Server 1.04) 
> and the "system" I want to back up to is a VM (Virtual Machine)(lets 
> call this VM REMOTE-BACKUP).  I realize that even this does not pose 
> much of a problem with the proper port forwarding or perhaps SSH 
> tunneling. REMOTE-BACKUP is itself behind a proxy/firewall/gateway VM 
> (REMOTE-GW).
>
> REMOTE-GW has multiple virtual NIC's to provide each of the other VM's 
> its own private network addressing space (yes I could do something via 
> netmask) with the following IP setup for all mentioned systems and VM's.
>
> LOCAL = 192.168.10.100
> REMOTE = 192.168.18.254
Am I correct in that the above two real machines are on the same network 
i.e. netmask 192.168.255.255 or similar?
>
> REMOTE-GW(IP1) = 192.168.18.100
> REMOTE-GW(IP2) = 10.10.8.1
Its probably my lack of knowledge but does not the above gateway 
generate the network netmask 10.10.8.255 by NAT which effectively blocks 
any attempt to access REMOTE-BACKUP unless its in a DMZ, since IP 
10.10.8.1 is meaningless to anything on the other side of REMOTE-GW(1P2).

> REMOTE-BACKUP = 10.10.8.128
>
> I have been fumbling my way through making a BASH script to help 
> automate the process.  The script I have previously used (when the 
> remote BACKUP system was directly accessible via SSH) was this:
>
> #!/bin/sh
> rsync --archive --delete --verbose --compress --rsh=ssh \
> /home/<username>/<dir_to_backup>/  \
> <username>@:/home/jmkiffiak/mysql_backups/  \
> /home/<username>/logs/ >> rsync.log
>
> I would like to do something similar with the new backup system as 
> well.  I thought to include an SSH tunnel at the beginning of my 
> script but the script hangs on that line.  The new (borked) script 
> follows.  I have added a few "echo" commands to try and see where the 
> script was hanging.  I am using port 10022 for 2 reasons.  First it is 
> non-standard so hopefully less script-kiddy port scans will find it.  
> Second I have multiple boxes running SSH on the REMOTE network.  On 
> the remote router port 10022 forwards to port 22 on REMOTE-GW(IP1).
>
> #!/bin/sh
> echo "Creating remote tunnel . . ."
> ssh -p 10022 -C -N <username>@REMOTE1    \
>     -L localhost:18128:10.10.8.128:22 &&
> echo "Tunnel created successfully!"
> echo "Starting backup process"
> scp -p -P 18128 <username>@localhost:~/
> echo "File(s) backed up!"
>
> How can I create a BASH script that initially creates an SSH tunnel 
> that rsync or scp can use to access the machine behind the gateway VM?
>
> Jeremy
>
> ps:  And if you understand all of that very much non-concise mess give 
> yourself a high-five or pat on the head or a shot of your favorite 
> drink as a reward.  As for me it's time for a nap.  My brain hurts.
> _______________________________________________
> Discuss mailing list
> Discuss at vlug.org
> http://ladybug.vlug.org/cgi-bin/mailman/listinfo/discuss
>

More information about the Discuss mailing list