cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Changes in the sqlnet.ora file

Go to solution
Former Member

on ‎09-19-2010 4:53 PM

0 Kudos

Hi,

We add had made the changes to the file sqlnet.ora file.I had one doubt as how to test whether it is fine or not.

TCP.VALIDNODE_CHECKING

and TCP.INVITED_NODES

After making the changes we had done lsnrctl reload.

Then i was able to login into the system so does that mean everything is fine or anyother checks are required.Thanks.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

lbreddemann
Active Contributor
‎09-19-2010 5:58 PM
0 Kudos

> We add had made the changes to the file sqlnet.ora file.I had one doubt as how to test whether it is fine or not.

>

> TCP.VALIDNODE_CHECKING

> and TCP.INVITED_NODES

> Then i was able to login into the system so does that mean everything is fine or anyother checks are required.Thanks.

Ok, let's leave aside that there is really good documentation for all the SQLNET-Parameters in the official Oracle documentation.

Instead, let's think about what you have right now and what it is that you want:

- you changed the parameter file

- you restarted the listener - no error message

- you sucessfully connected to the database

So you already reached the "no error message occurs"-state.

Now, you want some more confirmation that your change was indeed correct and sucessfull.

For that you obviously have to test, whether the valid node checking actually does it's job.

Therefore, you should at least try to connection from

a) one host that is actually invited

and

b) one host that is not invited.

(of course you could also try every invited node and a bunch of uninvited ones - just depends on your available time...)

regards,

Lars

Show replies
Show replies
Former Member
‎09-20-2010 8:09 AM
0 Kudos

Lars,

Thanks as always well appreciated.

How do i check for the uninvited nodes and invited nodes R3trans -d would do or else we require something more.Thanks.

And for checking the uninvited nodes how should we check.Suppose i have 3 app servers so should i keep 2 in valid node and should i try from the 3rd app server because the host is not maintained it should not work is that what you meant.

Regards,

Ambarish.A

lbreddemann
Active Contributor
‎09-20-2010 9:35 AM
0 Kudos

> How do i check for the uninvited nodes and invited nodes R3trans -d would do or else we require something more.Thanks.

R3trans -x or even sqlplus / would do.

The settings you've set up are just about sqlnet-connections. So, you all you've to test out is to create sqlnet connections (a.k.a. connections to the database).

> And for checking the uninvited nodes how should we check.Suppose i have 3 app servers so should i keep 2 in valid node and should i try from the 3rd app server because the host is not maintained it should not work is that what you meant.

You can either do it that way or take some other host (like your own workstation) and try to connect to the database.

regards,

Lars

Former Member
‎09-21-2010 7:23 AM
0 Kudos

Lars,

Thanks as always your response very well appreciated.

I was facing issues like we have a system where the central instance has a virtual host name so should it also be added into the file.Thanks.

Former Member
‎09-21-2010 10:43 AM
0 Kudos

Hi Lars,

Do we have specific note for the same.Since the current host has around 2 virtual host names and one physical host name.Thanks.

lbreddemann
Active Contributor
‎09-21-2010 10:58 AM
0 Kudos

> Do we have specific note for the same.Since the current host has around 2 virtual host names and one physical host name.Thanks.

What do you want a note for?

This is standard Oracle functionality...

Check the Oracle documentation e.g. [here|http://download.oracle.com/docs/cd/E11882_01/network.112/e10835/sqlnet.htm#NETRF238].

If you don't want to use hostnames, you may also just use the IP-addresses...

regards,

Lars

Former Member
‎09-21-2010 6:27 PM
0 Kudos

Hi Lars,

The problem with IP addresses would come when we would use DR test.I asked for a sap note since during the weekend we faced an issue because the virtual hosts were not included in the file.Thanks.

Former Member
‎09-23-2010 4:53 AM
0 Kudos

Hi Eric,

I had one doubt you said that database restart is not required.Could you please share with us the info as to how you know it.Thanks.

former_member204746
Active Contributor
‎09-23-2010 4:33 PM
0 Kudos

Ambarish annapureddy

how do I know this?

training and experience.

What a strange question...

Former Member
‎09-24-2010 8:29 AM
0 Kudos

Thanks Eric.

Answers (1)

Answers (1)

volker_borowski2
Active Contributor
‎09-19-2010 7:12 PM
0 Kudos

Hi,

a test for this can be done as follows:

watch the listener.log with i.e. "tail -f"

From each application server issue a "R3trans -d" as sidadm.

This MUST succeed, because an applicationserver is clearly to be allowed to connect to the DB.

If you get errors, something is wrong.

This part is the "positive" test.

No you go to any other system with a sqlplus on it and not entered as an invited node.

A good idea might be to use the development system, because it normally should not

connect to the production database (special cases like DB13C or CCMS central stuff set aside).

Become orasid there and get a seperate shell and make sure you do nothing else in this shell.

Copy tnsnames.ora and sqlnet.ora to a directory of your choice ( /oracle/tns_intrusion_test )

Make TNS_ADMIN point to this directory ONLY for THIS running shell, not as a permanant change.

Adapt the copied tnsnames.ora, so that the settings for the connection to producion are in.

Issue a "sqlplus sapsr3@PRD"

You should find a message in the listener.log of production that the connection has been rejected.

Close this shell!

Hope this helps

Volker

Show replies
Show replies
Former Member
‎09-20-2010 8:03 AM
0 Kudos

Hi Volker,

I thought that R3trans -d is not enough may be something more we require.

Will check as you say.Thanks.

former_member759680
Contributor
‎09-22-2010 3:55 PM
0 Kudos

we are planning this same change in sqlnet.ora and this was a very helpful thread.

Just 1 question -

after making changes to sqlnet.ora, is listener restart sufficient for the changes to take effect or do we need to restart the database as well?

*From Eric brunelle: listener restart is sufficient please do not hijack threads*

Edit: Thanks for the info Eric.

Also, in my opinion it's better to have all the info about a topic in the same thread, rather than creating a new thread to complement the primary topic.

But I'll follow the 'Rule' henceforth.

Edited by: Gautam Poddar on Sep 22, 2010 5:35 PM

Ask a Question