Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. Veritas NetBackup™ Commands Reference Guide
  5. Appendix A. NetBackup Commands
  7. bptestbpcd
Veritas NetBackup™ Commands Reference Guide

Name

bptestbpcd — test bpcd connections and verify connect options

SYNOPSIS

bptestbpcd [-host hostname] [-client client_name] [-M server] [-connect_options 0|1|2 0|1|2 0|1|2|3] [-connect_timeout seconds [-wait_to_close seconds] [-verbose]

 

On UNIX systems, the directory path to this command is /usr/openv/netbackup/bin/admincmd/

On Windows systems, the directory path to this command is install_path\NetBackup\bin\admincmd\

DESCRIPTION

The bptestbpcd command tries to establish a connection from a NetBackup server to the bpcd daemon on a NetBackup host or client. If successful, it reports information about the sockets that are established.

The first line of output consists of three digits that represent the effective connect options. These digits are only relevant when you connect to bpcd on the local host.

  • The first digit is 0 if reserved source port is used and 1 if non-reserved port is used.

  • The second digit is 0 if you use legacy (random port) callback and 1 if you use vnetd callback.

  • The third digit is 1 if the connection is initiated to the PBX or vnetd port number. The third digit is 2 if the connection is initiated to the legacy bpcd port number.

The other output lines display the items shown:

  • The NetBackup server IP address and port number.

  • The connection direction.

  • The bpcd IP address and port number.

  • Whether the communication was encrypted by a local connection to the secure proxy process.

OPTIONS

-connect_options 0|1|2 0|1|2|3 0|1|2|3

The first setting indicates the type of source port to use when you connect to bpcd on the host or client. If you use the traditional callback method, this setting also designates the type of server port on which to listen for the inbound connection.

Note:

This option is only useful when you test connectivity to bpcd on the local host.

0 = Use a reserved port number.

1 = Use a nonreserved port number.

2 = Use the value in the DEFAULT_CONNECT_OPTIONS configuration entry on the server.

The second setting indicates the bpcd call-back method to use to connect to the client:

0 = Use the traditional call-back method.

1 = Use the vnetd no call-back method.

2 = Use the value that the DEFAULT_CONNECT_OPTIONS configuration entry on the server defines.

The third setting indicates the connection method to use to connect the host or client:

0 = Connect to the host or client through the PBX port (1556). If unsuccessful, connect through the vnetd port (13724). If still unsuccessful, connect through the daemon port (13782).

1 = Connect to the host or client through the PBX port (1556). If unsuccessful, connect through the vnetd port (13724). If still unsuccessful, fail the connection attempt.

2 = Connect to the host or client through the daemon port (13782).

3 = Use the value that the DEFAULT_CONNECT_OPTIONS configuration entry on the server defines.

If -connect_options is not specified for -client, any CONNECT_OPTIONS configured in the Client Attributes for clientname are used. Otherwise, any CONNECT_OPTIONS for clientname are used. Otherwise, the DEFAULT_CONNECT_OPTIONS are used.

-client client_name

The client name of the system to connect to. This option creates the same legacy connections to bpcd that would normally be used when you connect to a NetBackup client for a multiplex backup. If neither -host nor -client is specified, the host name of the local system is used.

-connect_timeout seconds

Specifies the number of seconds to wait for a connection attempt from the server to the host or client to fail. If not specified, the default is the CLIENT_CONNECT_TIMEOUT that is configured on the server that tries to make the connection.

-host hostname

Specifies the host name of the system to connect to. Typically, hostname is the host name of a NetBackup server. This option creates the same legacy connections to bpcd that would normally be used when you connect to a NetBackup server. If neither -host nor -client is specified, the host name of the local system is used.

-M server

Specifies the host name of the NetBackup server that initiates the connections to the target host or client. If this option is not specified, the local host makes the connections. If it is specified, the local host connects to bpcd on the specified server, which then connects to bpcd on the target host or client.

-wait_to_close seconds

Specifies the number of seconds that the server waits before it closes the connections to bpcd on the target host or client. The default is 0 (no waiting).

-verbose

After successfully connecting to bpcd on the target host or client, request and display key configuration information from the remote host. This information can include: The host name, client name, master server, peer name for the connecting server, operating system, NetBackup version, and the host id certificate information used each host for the connection.

EXAMPLES

Example 1 - Try to connect from the local system to server fred using secure connections:

# bptestbpcd -host fred
1 1 1
127.0.0.1:49613 -> 127.0.0.1:51195 PROXY 10.0.0.32:38828 -> 10.0.0.59:1556
127.0.0.1:53454 -> 127.0.0.1:52214 PROXY 10.0.0.32:54869 -> 10.0.0.59:1556

Example 2 - Request the server fred to connect to the insecure back-level (pre-8.1) host wilma as a client by using the daemon port and no-call-back method. If successful, display the key configuration from wilma. Notice that the daemon connect options are ignored, connections are by PBX or vnetd:

$ bptestbpcd -M fred -client wilma -connect_options 1 1 2 -verbose
1 1 2
10.0.0.59:36207 -> 10.0.0.104:1556
10.0.0.59:61847 -> 10.0.0.104:1556
PEER_NAME = fred
HOST_NAME = wilma
CLIENT_NAME = wilma
VERSION = 0x07730000
PLATFORM = solaris10
PATCH_VERSION = 7.7.3.0 
SERVER_PATCH_VERSION = 7.7.3.0 
MASTER_SERVER = wilma
EMM_SERVER = wilma
NB_MACHINE_TYPE = MASTER_SERVER
10.0.0.59:43948 -> 10.0.0.104:1556

Example 3 - Request the server valbl8 to connect to the server host valbl7. Notice that the connect options that are user requested are ignored for communication between secure capable hosts. The connections are by a local host connection to the secure proxy process. The secure proxy process then secures the communication with the remote host. The connection to the remote host is made through the PBX or vnetd ports. Some key fields from the certificates, used to secure the connection, are included in the output. 

# bptestbpcd -host valbl7  - verbose -connect_options 1 1 2
1 1 2
127.0.0.1:48579 -> 127.0.0.1:38397 PROXY 10.0.91.128:62115 -> 
10.0.91.127:1556
127.0.0.1:44938 -> 127.0.0.1:59742 PROXY 10.0.91.128:39806 -> 
10.0.91.127:1556
LOCAL_CERT_ISSUER_NAME = /CN=broker/OU=root@valbl8.min.veritas.com/O=vx
LOCAL_CERT_SUBJECT_COMMON_NAME = 59a8584a-2f88-4a21-8d91-62ceebc40c29
PEER_CERT_ISSUER_NAME = /CN=broker/OU=root@valbl8.min.veritas.com/O=vx
PEER_CERT_SUBJECT_COMMON_NAME = 4f0f2f15-1cde-4acd-9c82-9bd212741970
PEER_NAME = 10.0.91.128
HOST_NAME = valbl7
CLIENT_NAME = valbl7
VERSION = 0x08100000
PLATFORM = solaris_x86_10_64
PATCH_VERSION = 8.1
SERVER_PATCH_VERSION = 8.1
MASTER_SERVER = valbl8
EMM_SERVER = valbl8
NB_MACHINE_TYPE = MEDIA_SERVER

Feedback

Was this page helpful?
Previous

bpsturep

Next

bptestnetconn

Feedback

Was this page helpful?