Skip to Content
avatar image
Former Member

Changes in the sqlnet.ora file

Hi,

We add had made the changes to the file sqlnet.ora file.I had one doubt as how to test whether it is fine or not.

TCP.VALIDNODE_CHECKING

and TCP.INVITED_NODES

After making the changes we had done lsnrctl reload.

Then i was able to login into the system so does that mean everything is fine or anyother checks are required.Thanks.

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • Best Answer
    Sep 19, 2010 at 04:58 PM

    > We add had made the changes to the file sqlnet.ora file.I had one doubt as how to test whether it is fine or not.

    >

    > TCP.VALIDNODE_CHECKING

    > and TCP.INVITED_NODES

    > Then i was able to login into the system so does that mean everything is fine or anyother checks are required.Thanks.

    Ok, let's leave aside that there is really good documentation for all the SQLNET-Parameters in the official Oracle documentation.

    Instead, let's think about what you have right now and what it is that you want:

    - you changed the parameter file

    - you restarted the listener - no error message

    - you sucessfully connected to the database

    So you already reached the "no error message occurs"-state.

    Now, you want some more confirmation that your change was indeed correct and sucessfull.

    For that you obviously have to test, whether the valid node checking actually does it's job.

    Therefore, you should at least try to connection from

    a) one host that is actually invited

    and

    b) one host that is not invited.

    (of course you could also try every invited node and a bunch of uninvited ones - just depends on your available time...)

    regards,

    Lars

    Add comment
    10|10000 characters needed characters exceeded

  • Sep 19, 2010 at 06:12 PM

    Hi,

    a test for this can be done as follows:

    watch the listener.log with i.e. "tail -f"

    From each application server issue a "R3trans -d" as sidadm.

    This MUST succeed, because an applicationserver is clearly to be allowed to connect to the DB.

    If you get errors, something is wrong.

    This part is the "positive" test.

    No you go to any other system with a sqlplus on it and not entered as an invited node.

    A good idea might be to use the development system, because it normally should not

    connect to the production database (special cases like DB13C or CCMS central stuff set aside).

    Become orasid there and get a seperate shell and make sure you do nothing else in this shell.

    Copy tnsnames.ora and sqlnet.ora to a directory of your choice ( /oracle/tns_intrusion_test )

    Make TNS_ADMIN point to this directory ONLY for THIS running shell, not as a permanant change.

    Adapt the copied tnsnames.ora, so that the settings for the connection to producion are in.

    Issue a "sqlplus sapsr3@PRD"

    You should find a message in the listener.log of production that the connection has been rejected.

    Close this shell!

    Hope this helps

    Volker

    Add comment
    10|10000 characters needed characters exceeded

    • we are planning this same change in sqlnet.ora and this was a very helpful thread.

      Just 1 question -

      after making changes to sqlnet.ora, is listener restart sufficient for the changes to take effect or do we need to restart the database as well?

      *From Eric brunelle: listener restart is sufficient please do not hijack threads*

      Edit: Thanks for the info Eric.

      Also, in my opinion it's better to have all the info about a topic in the same thread, rather than creating a new thread to complement the primary topic.

      But I'll follow the 'Rule' henceforth.

      Edited by: Gautam Poddar on Sep 22, 2010 5:35 PM