[Box Backup] bbstored/bbackupd communication ports

Robert Shaw boxbackup@fluffy.co.uk
Wed, 19 Jan 2005 15:03:48 -0800


Hi Chris,

Actually, I did some more playing around. I think I have a problem with 
one of my forwards. I can get it to work in one case, but not another. 
For explanation's sake, let me define the following:

workserver  - server I SSH to that has connection to the internet
homeserver - my server at home on the internet that is running bbstored
laptop - my laptop

If I do the following (method A):

1. Open port 2201 on my router to allow homeserver:2201 access from the 
outside.
2. ssh workserver -L 2201:homeserver:2201
3. This works.

However, if I do the following (method B):

1. Close port 2201 on my router to not allow homeserver:2201 access 
from outside.
2. ssh workserver -L 8022:homeserver:22
3. ssh -p 8022 laptop -L 2201:localhost:2201
4. This does not work.

This allows me to still forward 2201 from home to my laptop, but not 
have to have port 2201 open on my router.

Now, you're probably wondering why I would do the above. This is so I 
minimize what ports are open to the outside world. I would prefer that 
2201 not be open to the outside world, BUT after thinking about it, 
maybe this is safe to do because boxbackup uses SSL keys. My question 
would be, is it safe?

However, I don't see why the second method would not work. It is how I 
forward everything else, and it works. So I'm a little puzzled.

To answer your questions:

On Jan 19, 2005, at 2:16 PM, Chris Wilson wrote:
> Could you check that you can telnet to localhost port 2201 on the 
> client? If not, then it's something wrong with your port forwarding. I 
> assumed that the machine you were connecting to by ssh was the same 
> machine running bbstored; if not, you will need to change the ssh 
> command line accordingly (change the second "server" to the IP address 
> of the bbstored server).

The telnet to localhost port 2201 works for method A, but not for 
method B. The definition of methods above should make it clear what I'm 
doing.

> If you can telnet to port 2201 on the client, then the problem is 
> probably something in your boxbackup configuration. Did you properly 
> configure the client so that it thinks the server name is "localhost"?

I actually have an alias for my server to 127.0.0.1, so I didn't need 
to change this. I tried both though with no change.

> Do you see anything in the server's logs when the client connects? How 
> about when you telnet to localhost port 2201 on the client?

Only with method A, not method B.

> Can you connect from client to server when they are on the same 
> network?

Yes.

-Robert
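
A scripted version of the "telnet to localhost port 2201" check discussed in this thread, as an added example that is not part of the original message or of Box Backup. The function name `probe_forward` and its result labels are hypothetical; the ports are the ones named in the thread. It separates three cases that look alike from the client side: no local listener, a listener that accepts and then drops the connection, and a connection that stays open.

```python
import socket

def probe_forward(host="127.0.0.1", port=2201, wait=2.0):
    """Classify one TCP endpoint of an SSH forward chain.

    Returns one of (labels are constructed for this example):
      "no-listener"    - connect refused: nothing is bound to the port
      "unreachable"    - connect timed out or failed some other way
      "closed-by-peer" - accepted, then closed at once without data
      "open"           - accepted and held open, or data was received
    """
    try:
        sock = socket.create_connection((host, port), timeout=wait)
    except ConnectionRefusedError:
        return "no-listener"
    except OSError:
        return "unreachable"
    with sock:
        sock.settimeout(wait)
        try:
            data = sock.recv(1)
        except socket.timeout:
            # Silence is normal for a TLS service: the client speaks first.
            return "open"
        except ConnectionResetError:
            return "closed-by-peer"
        return "open" if data else "closed-by-peer"

if __name__ == "__main__":
    # Ports taken from the thread: 8022 -> sshd, 2201 -> bbstored.
    for port in (8022, 2201):
        print(f"localhost:{port}: {probe_forward(port=port)}")
```

With `ssh -L`, the local listener accepts every connection and only then tries the remote target, so "closed-by-peer" points at the far end of the tunnel, while "no-listener" means the forward itself is not running on the client.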