Requirements to set up a Client interface in P5
Posted by Sven Koester, Last modified by Andre Kuehnemund on 13 December 2019 17:35
This article describes the IP network requirements to set up a connection between a P5 server and a client.

On most supported platforms, P5 sets up a TCP/IP connection from the server to the clients over port 8000. In order to achieve that, the following requirements must be fulfilled:
  1. The client must be reacheable via IP protocol. This requires that either the client's IP address is entered in the client configuration, or the client name must be entered and that client name must be resolved by DNS to the correct client address. Please test IP requirements like routing and name resolution outside of P5 with the ping utility (see man ping or for windows users ping /?).
  2. The IP port that is used on the client site (port 8000 by default) must be reachable. Please note that the connection is set up from the server to the client, this is a bit unusual. When configuring a firewall, allow on the P5 server site outgoing connections on port 8000 and on the client side incoming connections on port 8000.
  3. The connection between server and client may remain open for a long time (hours) without traffic. Because of this, some Network connections like NAT/PAT mappers consider the line to be inactive and close it. This behaviour is not supported.
The following questions and answers shall help to understand this concept in more detail:

Q: Can I backup clients with a dynamic IP address, e.g. a DHCP client?
A: Yes. Just enter the client name in the client configuration on the P5 server and ensure the name is correctly resolved to an IP address by DNS (domain name service).

Q: Must I provide a VPN (Virtual privacy network)?
A: This is not required from a technical point of view. However some network administrators do not allow connections other than through a VPN.
 
Q: Can I use Port mapping (PAT) or Address Mapping (NAT)?
A: Yes, this may make it necessary to set a different client address or port in the client configuration dialog. Please be aware that such mappers may not close allegedly inactive lines.

Q: When do I need data transfer compression ?
A: Data compression can be helpful when transferring data over a slow line like an internet connection or a leased line the compressed data is smaller and thus can be transferred faster, but the compression costs CPU power. Please note that data compression makes no sense when either:
- Most of the data is already in compressed format (like mpeg or jpeg files), or
- When the line already operates with data compression.

Q: Where should I use transfer encryption ?
A: P5 supports data transfer encryption. This means that data is encrypted by the sender and decrypted by the receiver. This method makes sense when data is transferred over the internet without external security mechanisms like VPN. The use of encryption when server and client are inside a VPN or inside a (local) LAN is usually not required.

Q: How does the client connect to the server?
A: It does not. The server establishes a connection to the client. In case the client needs to communicate to the server, it uses that existing line.


Q: What can I do when the connection breaks down unexpectedly or the line slows down after a while without visible reason?
A: Many active components in modern IP networks have small buffers which are very helpful when surfing the internet. When running P5 (e.g. Synchronize or Backup), the amount of data is huge and these buffers are too small, namely when there is a part of the line slower than another (e.g. when using a small internet connection to connect to fast LANs). This effect may cause decreased data transfer rates or connection breaks. We had reports from multiple sites that it may help to reduce the bandwidth in the P5 client configuration screen to reduce such effects and increase the data transfer time.


(427 vote(s))
Helpful
Not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
CAPTCHA Verification 
 
Please enter the text you see in the image into the textbox below (we use this to prevent automated submissions).