Why does my backup appear as 100% complete, but not report as successful?
I have an IPTABLES firewall between my Administrator system and the Client I am backing up. When I run a backup job, the backup status will reach 100% complete, but the backup job never completes successfully.
The IPTABLES firewall has a timeout setting of 2 minutes for half-closed connections. This should be set to something larger, we are suggesting 2 days. It is our understanding that in the 2.6 kernel and later the default is 2 days.
To change the timeout to 2 days you will need to recompile the ip_conntrack_proto_tcp loadable kernel module and change the value of TCP_CONNTRACK_FIN_WAIT to 2 DAYS.
1. Edit the following line in /usr/src/[release]/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
2 MINS, /* TCP_CONNTRACK_FIN_WAIT, */
2 DAYS, /* TCP_CONNTRACK_FIN_WAIT, */
2. Recompile the kernel or only this module (below command recompiles only this module).
# cd /usr/src/[release]
# make modules SUBDIRS=net/ipv4/netfilter
# make modules_install
3. Reboot the system. Your IPTABLES firewall will now be configured with 2 DAYS as the timeout for half-closed connections.
It may also be possible to directly modify these values without having to recompile the kernel or the module. This is know to work with RHEL4.
# echo 172800 >/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_fin_wait
# echo 7200 >/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_timeout_close_wait