public:ahsaycbs
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
public:ahsaycbs [2019/08/08 16:45] ronnie.chan |
public:ahsaycbs [2022/11/28 10:45] (current) kirk.lim Last modified: 2019/08/21 15:38 by ronnie.chan |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== AhsayCBS ====== | ====== AhsayCBS ====== | ||
| - | Below are the FAQs / Issues related to AhsayCBS. | + | Last modified: 2019/08/21 |
| + | (Note: Content written for AhsayCBS v7+v8, and still generally apply to latest product release) | ||
| + | |||
| + | AhsayCBS is the server-side centralized management console for running either on your own backup server hosted in datacenter, or on a cloud VM such as Microsoft Azure or Amazon EC2. It is the core application for managing all backup users. It can also be used for hosting all the backup data, and for managing cloud backup destinations that are being used for hosting backup data. | ||
| + | |||
| + | AhsayOBM / AhsayACB user can also login to AhsayCBS for checking statuses and reports, and running their backup jobs that can be run on AhsayCBS (e.g. Office 365, cloud files, etc.). | ||
| + | |||
| + | Below is the front page of AhsayCBS when logging in as administrator. | ||
| + | |||
| + | {{public:ahsay_wiki_software_ahsaycbs_front.png?640}} | ||
| + | |||
| + | ---- | ||
| + | |||
| + | ===== System Overview ===== | ||
| + | AhsayCBS consists of six core software components. | ||
| + | * AhsayOBM, AhsayACB and AhsayMOB are backup clients for installing on servers, desktops, laptop computers, or mobile devices that you need to back up. | ||
| + | * AhsayOBM, AhsayACB, AhsayOBR and AhsayMOB are restore clients for installing on servers, desktops, laptop computers, or mobile devices that you need to restore the backup data on. | ||
| + | * AhsayCBS is the server software which bundles a Backup Server, Replication Server and Redirector. | ||
| + | * Backup Server is the module that will host all the AhsayOBM/AhsayACB/AhsayMOB backup users and their backup data. | ||
| + | * Replication Server is the module to provide additional backup of the Backup Server. | ||
| + | * Redirector is the module to provide your backup environment with high scalability solution. | ||
| + | |||
| + | {{public:ahsay_wiki_software_cbs_requirement_01.png?640}} | ||
| + | |||
| + | ---- | ||
| + | |||
| + | ===== Requirements ===== | ||
| + | |||
| + | Before you install the AhsayCBS, please pay attention to the following system requirements and make sure that the requirements are met before getting started. | ||
| + | |||
| + | The AhsayCBS should be deployed on a machine supporting 64-bit multiple CPU and multiple cores environment. A 64-bit operating system will allow AhsayCBS to run on a 64-bit Java OpenJDK 1.8 platform, as 64-bit Java is capable of supporting sufficient capacity for future business expansion, to meet the need of existing customers and to support new AhsayCBS server features. It should also have the GNU C Library version 2.14 or higher installed to support AhsayCBS NFS service. | ||
| + | |||
| + | When you deploy the AhsayCBS, please consider to assign a dedicated disk for the system home, user home and replication home. It is not suggested to install AhsayCBS on a disk which contains your operating system. Due to backup data growth this can quickly fill up the system drive which makes the operating system unstable and may even crash the AhsayCBS server. | ||
| + | |||
| + | ==== Software Requirements ==== | ||
| + | For details of the operating systems, applications and databases supported by AhsayCBS, refer to: [[public:8001_faq:ahsay_software_compatibility_list_scl_for_version_8.1_or_above|Ahsay Software Compatibility List (SCL)]] | ||
| + | |||
| + | For the list of compatible operating system for Granular Restore, refer to: [[public:5250_faq:ahsay_software_compatibility_list_scl_for_granular_and_opendirect_restore|Ahsay Software Compatibility List (SCL) for Granular and OpenDirect Restore]] | ||
| + | |||
| + | ==== Hardware Requirements ==== | ||
| + | You can deploy AhsayCBS server on a physical machine, on a virtual machine, or on a cloud environment. The server requirements are outlined in the following sections. Refer to this link for details of the hardware requirements needed to run AhsayCBS successfully: [[public:8000_faq:ahsay_hardware_requirement_list_hrl_for_version_8.1_or_above|Ahsay Hardware Requirement List (HRL)]] | ||
| + | |||
| + | <WRAP indent> | ||
| + | === Best Performance for Running Agentless Backup and Restore === | ||
| + | For partners who wish to use our new agentless backup/restore (Run on Server) feature using AhsayCBS User Web Console for Cloud File (for example: Dropbox, Google Drive), you may need to allocate additional RAM on your AhsayCBS to support this feature, as each running Cloud File backup set requires approximately 170MB of additional memory. | ||
| + | |||
| + | However, for Office 365 backup such as mailbox, OneDrive and SharePoint files, the memory requirement is dependent on the number of OneDrive and Site Collections / Personal Site(s) selected for backup. It is recommended to allocate 100 MB per OneDrive account and 150 MB per Site Collections / Personal Site. It is also recommended to have an additional 2 – 4 GB for the AhsayCBS server operation on top of the recommended allocation for OneDrive account and Site Collections / Personal Site(s). | ||
| + | |||
| + | As a result, the maximum number of scheduled concurrent agentless backup jobs is limited to two by default. To ensure agentless backup jobs do not consume all available Java memory which may affect the stability of the AhsayCBS service. | ||
| + | |||
| + | The formula to estimate the additional memory needed for your Office 365 backup is [(100 MB * number of OneDrive account) + (150 MB * number of Site Collections / Personal Site)] + 2 – 4 GB. For example, you have 100 Site Collections selected for backup, then you will need to add at least 19 GB. That is 15 GB (150 MB * 100) + 4 GB which is equal to 19 GB. | ||
| + | |||
| + | <WRAP info> | ||
| + | The Java heap size to be configured should not exceed 2/3 of RAM available to allow sufficient resources for the operating system. | ||
| + | </WRAP> | ||
| + | |||
| + | Please refer to: | ||
| + | * [[public:5197_faq:how_do_i_increase_the_number_of_scheduled_concurrent_agentless_cloud_file_and_office365_exchange_backup_jobs_on_my_ahsaycbs_server|How to set the maximum concurrent backup jobs on AhsayCBS]] | ||
| + | * [[https://www.ahsay.com/download/download_document_v8_cbs-user.jsp|How to run agentless backup/ restore jobs using AhsayCBS user web console]] | ||
| + | |||
| + | === AhsayCBS on Physical Machine === | ||
| + | When you deploy a physical machine, please consider to purchase a more powerful machine. This will reduce the need for frequent hardware upgrades when your backup business grows, which will require services down time for hardware upgrades and data migration. | ||
| + | |||
| + | It is a good idea to ensure your AhsayCBS server is equipped with some redundancy features, i.e. power supply, and is connected to a UPS (Uninterruptible Power Supply). | ||
| + | |||
| + | === Additional Disk Storage === | ||
| + | Connect a Direct-Attached Storage (DAS) with e.g. a 12 hard disk bays filled with 4TB hard disks via the SCSI interface, extra SCSI controller card required. | ||
| + | With the above setup, it should be able to handle 100 users with around 30TB of storage and a total of 1000 backup sets. With this server setup, it is not yet reaching the server’s physical limitation. There are still other factors that may limit the growth of users, e.g.: network bandwidth. Also, it is easier to manage from administration point of view. | ||
| + | |||
| + | There are 2 assumptions: | ||
| + | * Each user has around 300GB of backup data, with constant 3% of changes daily. | ||
| + | * Each user account has configured 10 backup sets. These backup sets could be run on different machines and backup to the AhsayCBS at the same time. | ||
| + | |||
| + | AhsayOBM/AhsayACB backup clients are enhanced to utilize multiple threads for backup and restore. It is recommended to keep the maximum number of concurrent backup jobs on the AhsayCBS to 1000, to avoid potential performance problems. | ||
| + | |||
| + | **Additional Storage on Cloud** - Besides local storage, you can set up network storage, FTP/SFTP and common cloud storages (Google Drive, Dropbox, OneDrive, Amazon Drive, Box, etc.) for the AhsayCBS. | ||
| + | |||
| + | === AhsayCBS on Virtual Environment === | ||
| + | It is more flexible when you deploy AhsayCBS on virtual machine environment, as you can increase memory size, process cores according to the actual need. | ||
| + | If VM snapshots are not required, please try to delete or reduce the amount of snapshots stored on your disk. Please also check on the storage requirement on virtual environment. | ||
| + | |||
| + | **Additional Storage on Cloud** - Besides local storage on your virtual machine, you can set up network storage, FTP/SFTP and common cloud storages (Google Drive, Dropbox, OneDrive, Amazon Drive, Box, etc.) for the AhsayCBS. | ||
| + | |||
| + | === AhsayCBS on Cloud Environment === | ||
| + | To host an AhsayCBS on cloud, the basic requirement would be similar with setting up a physical machine. It is more flexible when you need to increase memory size, process cores, and disk space. In addition, you will need to take the running cost of a server instance and network usage, which are considered as a hidden cost for the setup. | ||
| + | You can consider hosting a cloud server instance such as Amazon or Azure. | ||
| + | |||
| + | === AhsayCBS on Standby Server === | ||
| + | To ensure you have a backup of your Backup Server in the event of any hardware issues. We recommend replicating your data on the Backup Server to the Replication Server. | ||
| + | |||
| + | In case you need to shut down your Backup Server for maintenance, you can simply switch your Replication Server to the Backup Server, and change the DNS record from your current Backup Server to the Replication Server. | ||
| + | |||
| + | The hardware requirement of the Replication Server would be similar as your Backup Server and usually configured with more storage than your Backup Server. | ||
| + | |||
| + | Although both Backup Server and Replication Server are bundled in AhsayCBS, both backup and replication services are activated post installation. | ||
| + | |||
| + | It is not recommended to configure and use both services on one machine, as they will compete for system resources, i.e. CPU, memory and storage. This could affect the performance and stability of your backup service. Also, it will completely defeat the purpose of Replication Server as a backup or standby server to your Backup Server. | ||
| + | |||
| + | Please also check the details on the replication setup. | ||
| + | </WRAP> | ||
| + | |||
| + | ==== Storage Requirements ==== | ||
| + | When you are setting up storage for your AhsayCBS, please consider the following: | ||
| + | * Type of RAID to fit your requirement (for local physical server or virtual environment) | ||
| + | * If you are deploying the storage locally, you are required to set up storage with redundancy, such as RAID 5 or RAID 6. This is important especially when you are delivering a backup service with good disk performance as well as good fault tolerance. | ||
| + | * Dedicated storage location for the system, user home and replication home | ||
| + | * Physical storage, virtual storage, and cloud storage | ||
| + | |||
| + | <WRAP indent> | ||
| + | === Redundant Disk Setup for Physical and Virtual Storage === | ||
| + | We would recommend setting a rack mount server with several hard disk bays and/or attach a DAS for future expansion. | ||
| + | |||
| + | When you are setting up a rack mount server with 10 4TB hard disks, you may have concerns whether formatting the disk volume with RAID 5 or RAID 6. The following table lists out the differences between the 2 disk array setup. | ||
| + | |||
| + | ^ ^ RAID 5 ^ RAID 6 ^ | ||
| + | ^ Total capacity | Around 36TB | Around 32TB | | ||
| + | ^ Fault tolerance | 1-drive failure | 2-drive failure | | ||
| + | ^ Speed gain | 9x read speed | 8x read speed | | ||
| + | |||
| + | As the cost of hard disk has reduced a lot nowadays, it is strongly recommended that you format your disk volume with RAID 6 that maximizes the protection. | ||
| + | |||
| + | <WRAP indent> | ||
| + | == Dedicated Storage on AhsayCBS == | ||
| + | When you partition the disk in your new server, please consider to set up dedicated virtual disk volumes for operating system, application system, user homes and replication home (if Replication Server is enabled), respectively. It is a common practice that application system home, user homes and replication homes are not located in the system volume, which may fill up easily, causing the system to become unstable. | ||
| + | |||
| + | == Space required for application system home with replication setup == | ||
| + | If you have replication setup on the Backup Server, please consider to dedicate a volume for the application home with sufficient disk space to store the transaction log. As there is no exact formula for estimating the size of the application home, the amount of space used for the transaction log is dependent upon: | ||
| + | * The period of time that the replication reached the replay mode | ||
| + | * The amount of daily backup data uploaded to your backup server | ||
| + | For example, if daily customer backup jobs generate an average of 20GB of data. Your previous replication takes about 5 days to the replay mode, and then your application home partition will require at least 100GB (20GB x 5 days) of free disk space. | ||
| + | |||
| + | This is only a general rule of thumb, this estimation does not take into consideration the growth of daily backup data, or the accumulation of backup data on the backup server which will result in a longer time to reach replay mode. | ||
| + | |||
| + | Setup multiple dedicated disks for each replication receiver. | ||
| + | |||
| + | If your Replication Server has setup several replication by multiple Backup Server, it is recommended that each receiver is located on its own individual disk. The advantages of this type of setup is that it minimizes the I/O on each disk, therefore improving replication performance. | ||
| + | |||
| + | Also, if one of the Backup Servers suffers an outage, there is the option of swapping the disk to the affected Backup Server. | ||
| + | </WRAP> | ||
| + | |||
| + | === Physical Storage === | ||
| + | If you plan to have physical backup server, you are expected to have a fast local backup storage such as local hard disks, DAS or SAN. It is a solution for your business which wants to host the backup data with your physical backup server in your server room or data center. | ||
| + | |||
| + | Please avoid using network storage such as NAS, share drive on another computer as the backup and restore performance is lower. | ||
| + | |||
| + | === File System Tuning for Virtual Storage Environment === | ||
| + | If your backup server and user’s data are hosted on a virtual environment, you need to check on the following to make sure the performance has been optimized. | ||
| + | |||
| + | When you set up a disk to attach on a virtual machine, please consider choosing the “thick provisioning” option or the “allocate all disk space” option. This is because choosing “thin provisioning” or “non-allocate all disk space” option may slow down disk performance when the amount of data grows. | ||
| + | |||
| + | Please also consider running the user home on a dedicated virtual disk, which is configured on fast and non-busy physical disks. | ||
| + | |||
| + | === Cloud Storage === | ||
| + | If you are considering hosting your backup server instance with a commercial cloud services provider such as Google, Amazon, Azure etc., you need to set up cloud storage for your user home, predefined destination or replication home as well. | ||
| + | </WRAP> | ||
| + | |||
| + | ==== Requirements for Using AhsayCBS User Web Console ==== | ||
| + | In order to use the AhsayCBS user web console, you need the following: | ||
| + | |||
| + | <WRAP indent> | ||
| + | === Internet connection === | ||
| + | You need to have Internet connection to access the AhsayCBS user web console. | ||
| + | |||
| + | === Web browsers === | ||
| + | The AhsayCBS user web console runs with all major browsers such as Google Chrome, Microsoft Internet Explorer, Mozilla Firefox, and Apple Safari. Please make sure that you are using the latest version of the browser. | ||
| + | <WRAP info> | ||
| + | You can also monitor live backup and restore activities on the AhsayCBS user web console of your mobile device. | ||
| + | OpenDirect restore of file backup sets or Granular Restore for VMware and Hyper-V backup sets performed using Windows File Explorer will not show up on the Restore Status tab in Live Activities. Restore Status tab in Live Activities only applies to the restore performed directly through AhsayOBM/ AhsayACB/ AhsayOBR/ AhsayMOB or AhsayCBS user web console. | ||
| + | </WRAP> | ||
| + | </WRAP> | ||
| + | |||
| + | ---- | ||
| + | |||
| + | ===== Network and Firewall Settings ===== | ||
| + | |||
| + | ==== Overview ==== | ||
| + | In this section, we shall discuss the network and firewall settings required for the AhsayCBS. These include the access to the web interface, license activation, backup and restore processes, email port settings and replication port settings. | ||
| + | |||
| + | As a prerequisite, a fixed remote IP and internal IP are required for the AhsayCBS. Also, the firewall should support the TLSv1 cryptographic protocol. | ||
| + | |||
| + | ==== Network Settings ==== | ||
| + | <WRAP indent> | ||
| + | === Static IP Address === | ||
| + | The use of dynamic IP addresses for AhsayCBS domain names may result in an unstable backup service, or replication process restarting whenever the IP address re-cycles. | ||
| + | |||
| + | A static IP address will ensure the remote IP address sent by AhsayCBS to the Ahsay license server will remain the same during daily routine license checks. This will avoid potential license errors, i.e. 1011 or 1012 license errors which could result in the automatic shutdown of your AhsayCBS service. | ||
| + | |||
| + | It is strongly recommended that you use a static IP address for your AhsayCBS server to ensure a stable and reliable backup service. | ||
| + | |||
| + | === Network Load Balancing Configuration === | ||
| + | For AhsayCBS servers which are configured with network load balancing, i.e. a dual WAN router or Round Robin routing. A static route should be configured for your AhsayCBS server connection to the Ahsay License Server (lic.ahsay.com). This will ensure the remote IP address sent by AhsayCBS to the Ahsay License Server will remain the same during daily routine license checks. This will avoid potential license errors, i.e. 1011 or 1012 license errors which could result to the automatic shutdown of your AhsayCBS service. | ||
| + | |||
| + | In addition, any switching between the two network connections will cause connection problems between Backup Server and Replication Server due to the change in IP address. This will result in the replication process restarting itself. | ||
| + | |||
| + | === MAC Address === | ||
| + | A valid MAC address is also needed as part of the license activation and validation process, otherwise the evaluation or production license keys will not be applied to AhsayCBS. | ||
| + | In Windows open a command prompt and type ipconfig /all. The MAC address will be displayed as the Physical Address. | ||
| + | |||
| + | <code> | ||
| + | ipconfig /all | ||
| + | |||
| + | Windows IP Configuration | ||
| + | |||
| + | Host Name . . . . . . . . . . . . : w2k16R2-std | ||
| + | Primary Dns Suffix . . . . . . . : | ||
| + | Node Type . . . . . . . . . . . . : Hybrid | ||
| + | IP Routing Enabled. . . . . . . . : No | ||
| + | WINS Proxy Enabled. . . . . . . . : No | ||
| + | |||
| + | Ethernet adapter Private: | ||
| + | |||
| + | Connection-specific DNS Suffix . : | ||
| + | Description . . . . . . . . . . . : Intel(R) 82574L Gigabit Network Connection #2 | ||
| + | Physical Address. . . . . . . . . : 00-0C-29-E4-A7-F4 | ||
| + | DHCP Enabled. . . . . . . . . . . : No | ||
| + | Autoconfiguration Enabled . . . . : Yes | ||
| + | Link-local IPv6 Address . . . . . : fe80::b8c9:1b18:e502:59e6%15(Preferred) | ||
| + | IPv4 Address. . . . . . . . . . . : 172.16.10.12(Preferred) | ||
| + | Subnet Mask . . . . . . . . . . . : 255.252.0.0 | ||
| + | Default Gateway . . . . . . . . . : | ||
| + | DHCPv6 IAID . . . . . . . . . . . : 419433513 | ||
| + | DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-20-EC-7D-6E-00-0C-29-E4-A7-EA | ||
| + | |||
| + | DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1 | ||
| + | fec0:0:0:ffff::2%1 | ||
| + | fec0:0:0:ffff::3%1 | ||
| + | NetBIOS over Tcpip. . . . . . . . : Enabled | ||
| + | |||
| + | Ethernet adapter Public: | ||
| + | |||
| + | Connection-specific DNS Suffix . : | ||
| + | Description . . . . . . . . . . . : Intel(R) 82574L Gigabit Network Connection | ||
| + | Physical Address. . . . . . . . . : 00-0C-29-E4-A7-EA | ||
| + | DHCP Enabled. . . . . . . . . . . : No | ||
| + | Autoconfiguration Enabled . . . . : Yes | ||
| + | Link-local IPv6 Address . . . . . : fe80::c920:be27:8595:e668%12(Preferred) | ||
| + | IPv4 Address. . . . . . . . . . . : 10.16.10.12(Preferred) | ||
| + | Subnet Mask . . . . . . . . . . . : 255.252.0.0 | ||
| + | Default Gateway . . . . . . . . . : 10.16.0.1 | ||
| + | DHCPv6 IAID . . . . . . . . . . . : 301993001 | ||
| + | DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-20-EC-7D-6E-00-0C-29-E4-A7-EA | ||
| + | |||
| + | DNS Servers . . . . . . . . . . . : 8.8.8.8 | ||
| + | 8.8.4.4 | ||
| + | NetBIOS over Tcpip. . . . . . . . : Enabled | ||
| + | |||
| + | Tunnel adapter isatap.{9522CFAB-2A5A-45DB-B5E9-61D594C78BC2}: | ||
| + | |||
| + | Media State . . . . . . . . . . . : Media disconnected | ||
| + | Connection-specific DNS Suffix . : | ||
| + | Description . . . . . . . . . . . : Microsoft ISATAP Adapter | ||
| + | Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 | ||
| + | DHCP Enabled. . . . . . . . . . . : No | ||
| + | Autoconfiguration Enabled . . . . : Yes | ||
| + | |||
| + | Tunnel adapter isatap.{324988F8-C083-40FE-A532-9BC6BD88603B}: | ||
| + | |||
| + | Media State . . . . . . . . . . . : Media disconnected | ||
| + | Connection-specific DNS Suffix . : | ||
| + | Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2 | ||
| + | Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 | ||
| + | DHCP Enabled. . . . . . . . . . . : No | ||
| + | Autoconfiguration Enabled . . . . : Yes | ||
| + | </code> | ||
| + | |||
| + | In Linux open a ssh and type ifconfig. The MAC address is the ether. | ||
| + | <code> | ||
| + | ifconfig | ||
| + | ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 | ||
| + | inet 10.16.30.2 netmask 255.252.0.0 broadcast 10.19.255.255 | ||
| + | inet6 fe80::49c2:9525:f44c:ff19 prefixlen 64 scopeid 0x20<link> | ||
| + | ether 00:0c:29:fb:8d:39 txqueuelen 1000 (Ethernet) | ||
| + | RX packets 1825484 bytes 1277510886 (1.1 GiB) | ||
| + | RX errors 0 dropped 255 overruns 0 frame 0 | ||
| + | TX packets 987689 bytes 1043791281 (995.4 MiB) | ||
| + | TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 | ||
| + | |||
| + | lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 | ||
| + | inet 127.0.0.1 netmask 255.0.0.0 | ||
| + | inet6 ::1 prefixlen 128 scopeid 0x10<host> | ||
| + | loop txqueuelen 1 (Local Loopback) | ||
| + | RX packets 6394 bytes 7067982 (6.7 MiB) | ||
| + | RX errors 0 dropped 0 overruns 0 frame 0 | ||
| + | TX packets 6394 bytes 7067982 (6.7 MiB) | ||
| + | TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 | ||
| + | |||
| + | virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 | ||
| + | inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255 | ||
| + | ether 52:54:00:73:02:43 txqueuelen 1000 (Ethernet) | ||
| + | RX packets 0 bytes 0 (0.0 B) | ||
| + | RX errors 0 dropped 0 overruns 0 frame 0 | ||
| + | TX packets 0 bytes 0 (0.0 B) | ||
| + | TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 | ||
| + | </code> | ||
| + | |||
| + | === Test Connectivity === | ||
| + | The AhsayCBS server must be able to ping its hostname and activate license key successfully to ensure that the SMTP server setting will work properly. | ||
| + | |||
| + | In Windows open a command prompt and type hostname. Then type ping “hostname”. | ||
| + | <code> | ||
| + | hostname | ||
| + | w2k16R2-std | ||
| + | |||
| + | ping w2k16R2-std | ||
| + | |||
| + | Pinging w2k16R2-std [fe80::b8c9:1b18:e502:59e6%15] with 32 bytes of data: | ||
| + | Reply from fe80::b8c9:1b18:e502:59e6%15: time<1ms | ||
| + | Reply from fe80::b8c9:1b18:e502:59e6%15: time<1ms | ||
| + | Reply from fe80::b8c9:1b18:e502:59e6%15: time<1ms | ||
| + | |||
| + | Ping statistics for fe80::b8c9:1b18:e502:59e6%15: | ||
| + | Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), | ||
| + | Approximate round trip times in milli-seconds: | ||
| + | Minimum = 0ms, Maximum = 0ms, Average = 0ms | ||
| + | </code> | ||
| + | |||
| + | In Linux/FreeBSD open a ssh and type hostname. Then type ping “hostname”. | ||
| + | <code> | ||
| + | # hostname | ||
| + | freebsd11 | ||
| + | |||
| + | # ping freebsd11 | ||
| + | PING freebsd11 (10.16.30.21): 56 data bytes | ||
| + | 64 bytes from 10.16.30.21: icmp_seq=0 ttl=64 time=0.073 ms | ||
| + | 64 bytes from 10.16.30.21: icmp_seq=1 ttl=64 time=0.086 ms | ||
| + | 64 bytes from 10.16.30.21: icmp_seq=2 ttl=64 time=0.097 ms | ||
| + | -- freebsd11 ping statistics --- | ||
| + | 4 packets transmitted, 4 packets received, 0.0% packet loss | ||
| + | round-trip min/avg/max/stddev = 0.073/0.083/0.097/0.009 ms | ||
| + | </code> | ||
| + | </WRAP> | ||
| + | |||
| + | ==== Firewall Settings ==== | ||
| + | <WRAP indent> | ||
| + | === Ports and Settings === | ||
| + | After you have finished setting up your AhsayCBS server, please ensure you have updated your firewall settings to allow network traffic through the following ports: | ||
| + | ^ Port ^ Description ^ | ||
| + | ^ 80 | HTTP port for incoming backup and restore traffic, browsing the AhsayCBS web interface. | | ||
| + | ^ 443 | HTTPS port for incoming backup and restore traffic, browsing the AhsayCBS web interface. | | ||
| + | ^ 25 | Outgoing SMTP port to the SMTP server. | | ||
| + | ^ 111 | Port Mapper | | ||
| + | ^ 1058 | Mount Port ** Required for Run Direct on AhsayCBS | | ||
| + | ^ 2049 | Port for NFS Service | | ||
| + | ^ Any incoming TCP port(s) | Any incoming TCP port(s) used by previous version of replication receiver(s), e.g. 9444, 9445… | | ||
| + | |||
| + | === TCP Ports 80 and 443 === | ||
| + | It is recommended to expose only TCP ports 80 and 443 to the public on your firewall. Please consult the user’s manual of your firewall for more information on how to do so. | ||
| + | |||
| + | === Restricting Access on Administration Panel === | ||
| + | If you do not wish to offer your client access to the AhsayCBS console to manage their accounts, it is recommended to implement IP address restrictions to harden the security. You may do this by restricting a range of IP addresses which can access your AhsayCBS console. For more information please refer to Chapter 5.1.1.5 of the AhsayCBS v8 Administrator’s Guide. | ||
| + | |||
| + | === Replication Using Cross Over Cable === | ||
| + | It is not recommended to set up a Backup Server and a Replication Server using a cross over cable for replication, which will result in connection and performance issues. | ||
| + | If the Backup Server and the Replication Server are located on the same site they should be connected via a switch. | ||
| + | </WRAP> | ||
| + | |||
| + | ==== Certificate Settings ==== | ||
| + | |||
| + | {{public:ahsay_wiki_software_cbs_requirement_02.png?640}} | ||
| + | |||
| + | {{public:ahsay_wiki_software_cbs_requirement_03.png?640}} | ||
| + | |||
| + | As the certificate provided by Ahsay System Corporation Limited is the dummy certificate, which means it can only be used for testing and evaluation but not for production use. So please purchase the offical trusted certificate before using AhsayCBS. | ||
| + | |||
| + | You can refer to this article for [[public:8028_faq:trusted_ca_list_for_v8|the trusted certificate authority (CA) certificates list for AhsayCBS version 8.1.0.24 or above]]. | ||
| + | |||
| + | Please refer to AhsayCBS v8 Administrator’s Guide for more details about the certification. You can also refer to the folowing link to search about the details about SSL certificate installation: [[https://www.ahsay.com/jsp/en/home/index.jsp?pageContentKey=ahsay_services_express-installation-services_ssl]] | ||
| + | |||
| + | ==== Ahsay License Server ==== | ||
| + | The AhsayCBS server is required to access the Internet to connect to our license server lic.ahsay.com using the https protocol in order to activate the trial license key or validate a purchase key. | ||
| + | |||
| + | Please ensure the firewall outbound connection settings are enabled and the TLSv1 setting is allowed. | ||
| + | <WRAP indent> | ||
| + | === Windows === | ||
| + | To verify connection to the Ahsay license server, please open a browser on the Window machine and load [[https://lic.ahsay.com]] in a browser. If the connection is successful, you will see the following screen. | ||
| + | |||
| + | {{public:ahsay_wiki_software_cbs_requirement_04.png?640}} | ||
| + | |||
| + | === Linux === | ||
| + | To verify connection to the Ahsay license server, use the telnet command. If the connection is successful, you will see the following message. | ||
| + | <code> | ||
| + | # telnet lic.ahsay.com 443 | ||
| + | Trying 203.186.85.237... | ||
| + | Connected to lic.ahsay.com. | ||
| + | Escape character is ‘^]’. | ||
| + | </code> | ||
| + | |||
| + | To verify TLSv1 is enabled, use openssl s_client command. If TLSv1 is enabled, you will see the following message. | ||
| + | <code> | ||
| + | # openssl s_client –connect lic.ahsay.com:443 –tls1 | ||
| + | CONNECTED(00000003) | ||
| + | depth=3 C = US, O = "The Go Daddy Group, Inc.", OU = Go Daddy Class 2 Certification Authority | ||
| + | verify return:1 | ||
| + | depth=2 C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", CN = Go Daddy Root Certificate Authority - G2 | ||
| + | verify return:1 | ||
| + | depth=1 C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", OU = http://certs.godaddy.com/repository/, CN = Go Daddy Secure Certificate Authority - G2 | ||
| + | verify return:1 | ||
| + | depth=0 1.3.6.1.4.1.311.60.2.1.3 = HK, businessCategory = Private Organization, serialNumber = 0498825, C = HK, ST = Hong Kong, L = Kowloon, O = Ahsay Systems Corporation Limited, CN = ahsay.com | ||
| + | verify return:1 | ||
| + | --- | ||
| + | Certificate chain | ||
| + | 0 s:/1.3.6.1.4.1.311.60.2.1.3=HK/businessCategory=Private Organization/serialNumber=0498825/C=HK/ST=Hong Kong/L=Kowloon/O=Ahsay Systems Corporation Limited/CN=ahsay.com | ||
| + | i:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2 | ||
| + | 1 s:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2 | ||
| + | i:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./CN=Go Daddy Root Certificate Authority - G2 | ||
| + | 2 s:/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./CN=Go Daddy Root Certificate Authority - G2 | ||
| + | i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority | ||
| + | 3 s:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority | ||
| + | i:/C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority | ||
| + | --- | ||
| + | Server certificate | ||
| + | -----BEGIN CERTIFICATE----- | ||
| + | MIIIATCCBumgAwIBAgIJAPwOHyVgUxkXMA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD | ||
| + | VQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEa | ||
| + | MBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0 | ||
| + | cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2Vj | ||
| + | dXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTE2MDQyMjAzMDAzOFoX | ||
| + | DTE4MDQxNTAzMjMzOFowgbkxEzARBgsrBgEEAYI3PAIBAxMCSEsxHTAbBgNVBA8T | ||
| + | FFByaXZhdGUgT3JnYW5pemF0aW9uMRAwDgYDVQQFEwcwNDk4ODI1MQswCQYDVQQG | ||
| + | EwJISzESMBAGA1UECBMJSG9uZyBLb25nMRAwDgYDVQQHEwdLb3dsb29uMSowKAYD | ||
| + | VQQKEyFBaHNheSBTeXN0ZW1zIENvcnBvcmF0aW9uIExpbWl0ZWQxEjAQBgNVBAMT | ||
| + | CWFoc2F5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM1cvjg+ | ||
| + | GpaWn18IjmBCkIpDRWzL7tocrB7+reoN619nQTq7W6AlsD/UWTldoOMeQyEWY+3b | ||
| + | kdsI4QGNB2hNwzd36+k5yxST8IPuyGE7eLHe6L7RyQxNT3BLos48i9pOl0cXKEWo | ||
| + | 08wDFw0y2bMiTbkTTErrGk1VqR8oYKV5Pg9RYDoNg2j6I7mCz1v05KJWxTL49PAQ | ||
| + | TmKmK3EX1esvkss9Pz3mfhm/fpJFQfhT+KSTA8b/75RbW2pCQyKW7a9NVX4Iyx6o | ||
| + | dIDDAU568bAV6y74b9hh4ty6+0zSW+x3+CQLPXEd8NJJCtXAitb78qJENkDSxGMH | ||
| + | sW4vuEDKX6UF3f8CAwEAAaOCBA0wggQJMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw | ||
| + | FAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDA1BgNVHR8ELjAs | ||
| + | MCqgKKAmhiRodHRwOi8vY3JsLmdvZGFkZHkuY29tL2dkaWcyczMtNC5jcmwwXAYD | ||
| + | VR0gBFUwUzBIBgtghkgBhv1tAQcXAzA5MDcGCCsGAQUFBwIBFitodHRwOi8vY2Vy | ||
| + | dGlmaWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMAcGBWeBDAEBMHYGCCsG | ||
| + | AQUFBwEBBGowaDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZ29kYWRkeS5jb20v | ||
| + | MEAGCCsGAQUFBzAChjRodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3Jl | ||
| + | cG9zaXRvcnkvZ2RpZzIuY3J0MB8GA1UdIwQYMBaAFEDCvSeOzDSDMKIz1/tss/C0 | ||
| + | LIDOMIH5BgNVHREEgfEwge6CCWFoc2F5LmNvbYINd3d3LmFoc2F5LmNvbYIOc2hv | ||
| + | cC5haHNheS5jb22CEHd3dy51ay5haHNheS5jb22CFXBhcnRuZXJzLmFoc2F5LmNv | ||
| + | bS5jboINbG1wLmFoc2F5LmNvbYIVcGFydG5lcnMtdXMuYWhzYXkuY29tgg1wY3Au | ||
| + | YWhzYXkuY29tghVwYXJ0bmVycy11ay5haHNheS5jb22CDWlkcC5haHNheS5jb22C | ||
| + | DGtiLmFoc2F5LmNvbYIQd3d3LmFoc2F5LmNvbS5jboIPZm9ydW0uYWhzYXkuY29t | ||
| + | gg1saWMuYWhzYXkuY29tMB0GA1UdDgQWBBQU/GniKbSMjgEmaqndKdtzS0DqlDCC | ||
| + | AX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHcAVhQGmi/XwuzT9eG9RLI+x0Z2ubyZ | ||
| + | EVzA75SYVdaJ0N0AAAFUO+sXggAABAMASDBGAiEA3hPo2F1QZZX75QIRGFlMbspW | ||
| + | n8MlmeM8k1TCYmHDie8CIQC0Eg8Z9duyg6RvYBT7ahtQ8eojA/7GsOpBoZKXDoK1 | ||
| + | NAB1AGj2mPgfZIK+OozuuSgdTPxxUV1nk9RE0QpnrLtPT/vEAAABVDvrGT0AAAQD | ||
| + | AEYwRAIgbj3ZWvwZL75Zx1Vd1sC4ZSZhAN1TfaIlecBS9Ie4K3ICICKTx2OTGWHO | ||
| + | spDVowj59LSWHDG5Z9c1B/bs9sRl5nUcAHcApLkJkLQYWBSHuxOizGdwCjw1mAT5 | ||
| + | G9+443fNDsgN3BAAAAFUO+scaAAABAMASDBGAiEA5MdV9o+iN4ecJnjCgA0qxhno | ||
| + | Mm5+9s5JUX+oKknk5pkCIQDwDkuAEcjEM4vouxZzAtqcozWikMJoTFn++vIFbrEZ | ||
| + | SzANBgkqhkiG9w0BAQsFAAOCAQEAcKpSovHqtpyAx5bKyXQRRh8Fyo/WTA0eBMc1 | ||
| + | 5KpgII49V6/ww1e6rmbMa3xVKqNEnjH4GaqGY2AZAx9iVr+NN+VFNroPUGqzpJ0B | ||
| + | ih9tLl/VCV/lvy67Chs7NHv3D1AEsrKJYUqpl0sQy/QhSIRAAa3bY8i7+MOfEYJt | ||
| + | ADa+254k6G19s99PvmBniepxuUy8x/9h7h7K4m+OIgXQaLXE6lr4LG50p/GOKx/I | ||
| + | 1feC6RUCx8gW9qBoTTl7M6o8Jb/SXUN6/mAVsronEG+yyqNXCcUQwNpaKJK5hMkz | ||
| + | 0EbBq1tS/VyTtW9z0g4vA1PQrgaqCLG/ZJIvBESf8wvsgfZNpA== | ||
| + | -----END CERTIFICATE----- | ||
| + | subject=/1.3.6.1.4.1.311.60.2.1.3=HK/businessCategory=Private Organization/serialNumber=0498825/C=HK/ST=Hong Kong/L=Kowloon/O=Ahsay Systems Corporation Limited/CN=ahsay.com | ||
| + | issuer=/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2 | ||
| + | --- | ||
| + | No client certificate CA names sent | ||
| + | Server Temp Key: ECDH, prime256v1, 256 bits | ||
| + | --- | ||
| + | SSL handshake has read 6160 bytes and written 289 bytes | ||
| + | --- | ||
| + | New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA | ||
| + | Server public key is 2048 bit | ||
| + | Secure Renegotiation IS supported | ||
| + | Compression: NONE | ||
| + | Expansion: NONE | ||
| + | SSL-Session: | ||
| + | Protocol : TLSv1 | ||
| + | Cipher : ECDHE-RSA-AES256-SHA | ||
| + | Session-ID: 6914212983C0321AB9520FFC6E7515845D8836D7B185EF1D2363D3C7EAA85D48 | ||
| + | Session-ID-ctx: | ||
| + | Master-Key: 79BECEF9E2C3088F4928229047A21BE9E9239C32D2F79B4DB4FC7CF66098423D0EF0D64741E3075AEA62E9222D6DD4B2 | ||
| + | Key-Arg : None | ||
| + | Krb5 Principal: None | ||
| + | PSK identity: None | ||
| + | PSK identity hint: None | ||
| + | TLS session ticket lifetime hint: 300 (seconds) | ||
| + | TLS session ticket: | ||
| + | 0000 - 8c 55 8e c3 19 9a 34 14-63 67 66 aa 49 7b c9 41 .U....4.cgf.I{.A | ||
| + | 0010 - 3f 03 db c1 ec f9 db e1-b6 eb 4f 51 0c 3a 83 9b ?.........OQ.:.. | ||
| + | 0020 - 73 20 93 c1 41 6e 5a ac-f5 65 92 4f b8 92 fb ef s ..AnZ..e.O.... | ||
| + | 0030 - 2b 3d f7 f3 03 c8 3a b5-1b 52 9a 5a 43 ba 0a 7d +=....:..R.ZC..} | ||
| + | 0040 - 47 e8 6a 22 72 85 9d d2-f1 dd 9d 6d b5 65 8a 0a G.j"r......m.e.. | ||
| + | 0050 - 30 26 1b d9 55 8c 25 65-71 0b a5 1f 57 38 2b 71 0&..U.%eq...W8+q | ||
| + | 0060 - 81 f1 c0 4e bd 51 d3 43-b5 41 40 8f 71 3c 72 8d ...N.Q.C.A@.q<r. | ||
| + | 0070 - 5a c8 70 72 38 47 a0 b0-4a cd 8b e3 10 48 0c 2e Z.pr8G..J....H.. | ||
| + | 0080 - 44 a9 48 9e df 56 7a 9f-e5 00 f4 37 f2 59 ee 2f D.H..Vz....7.Y./ | ||
| + | 0090 - eb 3a 33 7b 1e 26 09 d9-cd a4 d8 2e 30 51 80 1a .:3{.&......0Q.. | ||
| + | 00a0 - 72 78 ae 0a a8 48 bd 0a-ca 16 23 8a e9 44 db ce rx...H....#..D.. | ||
| + | |||
| + | Start Time: 1503557290 | ||
| + | Timeout : 7200 (sec) | ||
| + | Verify return code: 0 (ok) | ||
| + | --- | ||
| + | closed | ||
| + | </code> | ||
| + | |||
| + | === FreeBSD === | ||
| + | To verify connection to the Ahsay license server, use the fetch command. If the connection is successful, you will see the following message. | ||
| + | <code> | ||
| + | # fetch https://lic.ahsay.com/alsIndex.htm | ||
| + | alsIndex.htm 100% of 782 B 3336 kBps 00m00s | ||
| + | </code> | ||
| + | |||
| + | You also need to open the alsIndex.htm to verify the contents. You can open it by using a text editor like vi. | ||
| + | <code> | ||
| + | # vi alsIndex.htm | ||
| + | <html>^M | ||
| + | <head>^M | ||
| + | <meta http-equiv="Content-Type" content="text/html; charset=windows-1252">^M | ||
| + | <meta http-equiv="Content-Language" content="en-us">^M | ||
| + | <meta name="GENERATOR" content="Microsoft FrontPage 4.0">^M | ||
| + | <meta name="ProgId" content="FrontPage.Editor.Document">^M | ||
| + | <title>Welcome to lic.ahsay.com</title>^M | ||
| + | </head>^M | ||
| + | <body>^M | ||
| + | <h1>Welcome to lic.ahsay.com</h1>^M | ||
| + | <p>You have reached the Ahsay Licensing Server successfully. If you are seeing this from a browser running on AhsayOBS, please try the following steps: </p>^M | ||
| + | <ol>^M | ||
| + | <li>Logon to AhsayOBS Administration Console</li>^M | ||
| + | <li>Browse to [Manage System] -> [Software License] page</li>^M | ||
| + | <li>Press the [Update] button to obtain new license information from this license server</li>^M | ||
| + | </ol>^M | ||
| + | ^M | ||
| + | </body>^M | ||
| + | </html>^M | ||
| + | </code> | ||
| + | </WRAP> | ||
| + | |||
| + | ---- | ||
| + | |||
| + | ===== Documentation ===== | ||
| + | |||
| + | * All documentation related to AhsayCBS are available [[https://www.ahsay.com/jsp/en/downloads/ahsay-downloads_documentation_guides.jsp|here]]. | ||
| + | |||
| + | |||
| + | <HTML> | ||
| + | <!-- | ||
| ===== FAQs ===== | ===== FAQs ===== | ||
| - | * [[|General overview on structure of backup account profiles (version 7 or above)]] | ||
| - | * [[|General overview on structure of backup data (version 7 or above)]] | ||
| - | * [[|General overview on changes to AhsayACB from v6 to v7 or above]] | ||
| * [[public:5002_faq:how_to_modify_the_java_heap_size_of_ahsaycbs|How to modify the Java heap size of AhsayCBS?]] | * [[public:5002_faq:how_to_modify_the_java_heap_size_of_ahsaycbs|How to modify the Java heap size of AhsayCBS?]] | ||
| * [[public:5005_faq:frequently_asked_questions_about_ahsay_cloud_backup_suite_7|Frequently Asked Questions about Ahsay Cloud Backup Suite 7.3]] | * [[public:5005_faq:frequently_asked_questions_about_ahsay_cloud_backup_suite_7|Frequently Asked Questions about Ahsay Cloud Backup Suite 7.3]] | ||
| Line 80: | Line 617: | ||
| * [[public:5228_issue:ahsaycbs_failed_to_access_destination_amazons3-1._reason_access_denied_error_returned_when_creating_predefined_destination_for_amazons3|AhsayCBS “Failed to access destination AmazonS3-1. Reason=Access Denied” error returned when creating predefined destination for AmazonS3]] | * [[public:5228_issue:ahsaycbs_failed_to_access_destination_amazons3-1._reason_access_denied_error_returned_when_creating_predefined_destination_for_amazons3|AhsayCBS “Failed to access destination AmazonS3-1. Reason=Access Denied” error returned when creating predefined destination for AmazonS3]] | ||
| * [[public:5236_issue:after_a_reboot_of_a_linux_ahsaycbs_server_the_ahsaycbs_nfs_service_is_not_automatically_starting_up|After a reboot of a Linux AhsayCBS server the AhsayCBS NFS service is not automatically starting up]] | * [[public:5236_issue:after_a_reboot_of_a_linux_ahsaycbs_server_the_ahsaycbs_nfs_service_is_not_automatically_starting_up|After a reboot of a Linux AhsayCBS server the AhsayCBS NFS service is not automatically starting up]] | ||
| - | * [[public:5274_issue:shared_object_libstdc_.so.6_not_found_required_by_nfsfbdx64_error_when_starting_up_the_ahsaycbs_nfs_service_on_freebsd_10|ISSUE:"Shared object "libstdc++.so.6" not found, required by "NfsFbdX64" error when starting up the AhsayCBS NFS service on FreeBSD 10]] | + | * [[public:5274_issue:shared_object_libstdc_.so.6_not_found_required_by_nfsfbdx64_error_when_starting_up_the_ahsaycbs_nfs_service_on_freebsd_10|ISSUE:"Shared object "libstdc++.so.6" not found, |
| + | * required by "NfsFbdX64" error when starting up the AhsayCBS NFS service on FreeBSD 10]] | ||
| + | |||
| + | --> | ||
| + | </HTML> | ||
| + | |||
| + | |||
public/ahsaycbs.1565253920.txt.gz · Last modified: 2019/08/08 16:45 by ronnie.chan