Backup / Restore a Juniper NSM

This article shows you how to back up and restore your Juniper NSM. It was written using NSM version 2008.2r1.
Within NSM, the HighAvailSvr contains processes that run in both HA and non-HA mode. It handles database backups and provides a watchdog daemon that restarts NSM processes in case of failure.

Backup

Even though you will have your NSM configured to run automated backups, you may need to run a manual backup before making any major changes (such as upgrades).

To create a manual backup, run the following:

[root@localhost /]# sudo -u nsm /usr/netscreen/HaSvr/utils/replicateDb backup

This should run through and create a manual backup. If it does not, you may get the following error:

[root@localhost utils]# sudo -u nsm /usr/netscreen/HaSvr/utils/replicateDb backup
 Got arguments: backup.  This might take a while to process …
Ha/Backup: FAIL

This will most likely be down to permission issues. The following should help you resolve the issue:

  • Error Log – /usr/netscreen/HaSvr/bin/.backupDoLocal.result
  • Locate the problem files – find /usr/netscreen /var/netscreen ! -group nsm ! -user nsm
  • Run the setperm/rsync scripts. Steps can be found in the Juniper Knowledge Base article KB12188

It's worth noting that the find command may return no files that are not owned by nsm, and you may also receive few or no errors in the logs to help you troubleshoot the issue.

In this instance you will need to stop all servers and run the set permissions scripts. This will require you to run the following commands:

[root@localhost ~]# cd /usr/netscreen/HaSvr/utils
[root@localhost ~]# ./restoreDbFromBackup.sh /var/netscreen/dbbackup/[backup]
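
For the ownership check in the troubleshooting steps above, the following is an added example, not part of the original article or Juniper's tooling. It goes beyond the article's find command by also reporting paths where only the user or only the group is wrong; the function names are hypothetical, and the nsm user and group are assumed from the commands above.

```shell
#!/bin/sh
# Added example (not Juniper tooling): ownership pre-check before replicateDb backup.
# Assumption: the expected owner and group are both "nsm", as in the article.
NSM_USER="${NSM_USER:-nsm}"
NSM_GROUP="${NSM_GROUP:-nsm}"

# The article's form: the two tests are ANDed, so a path is listed only when
# BOTH user and group are wrong (a root:nsm file is not reported).
list_both_wrong() {
    find "$@" ! -group "$NSM_GROUP" ! -user "$NSM_USER"
}

# Stricter form: list a path when EITHER the user or the group is wrong.
list_wrong_owner() {
    find "$@" \( ! -user "$NSM_USER" -o ! -group "$NSM_GROUP" \) -print
}

# preflight PATH...  returns 0 = clean, 1 = mismatches found, 2 = find failed
# (unknown user/group name, or unreadable directories when not run as root).
preflight() {
    bad=$(list_wrong_owner "$@") || {
        echo "find failed; run as root and check that $NSM_USER exists" >&2
        return 2
    }
    if [ -n "$bad" ]; then
        echo "Not owned by $NSM_USER:$NSM_GROUP:" >&2
        printf '%s\n' "$bad" >&2
        return 1
    fi
    return 0
}

# Run against the NSM trees only where they exist.
if [ -d /usr/netscreen ]; then
    preflight /usr/netscreen /var/netscreen ||
        echo "Resolve ownership before running replicateDb backup" >&2
fi
```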

Useful Files

/usr/netscreen/HaSvr/bin/.haDoLocal.result (Logfile) – Contains the syntax used to perform the local daily backup.
/usr/netscreen/HaSvr/bin/.backupDoLocal.result (Logfile) – Contains Rsync errors.
/usr/netscreen/HaSvr/var/errorLog/backup.log (Logfile) – Contains the replicateDb script log.
/usr/netscreen/HaSvr/utils/setRsyncUser (Script) – Set rsync user script.
/usr/netscreen/GuiSvr/utils/setperms.sh (Script) – Set permissions script.
/var/netscreen/dbbackup/exclude.rsync (Configuration file) – Exclude folders from local backup.
/usr/netscreen/HaSvr/var/haSvr.cfg (Configuration file) – Backup configuration file.
/var/netscreen/dbbackup/ (Directory) – Default backup directory.

  

Rick Donato
