on 09-19-2010 4:53 PM
Hi,
We add had made the changes to the file sqlnet.ora file.I had one doubt as how to test whether it is fine or not.
TCP.VALIDNODE_CHECKING
and TCP.INVITED_NODES
After making the changes we had done lsnrctl reload.
Then i was able to login into the system so does that mean everything is fine or anyother checks are required.Thanks.
> We add had made the changes to the file sqlnet.ora file.I had one doubt as how to test whether it is fine or not.
>
> TCP.VALIDNODE_CHECKING
> and TCP.INVITED_NODES
> Then i was able to login into the system so does that mean everything is fine or anyother checks are required.Thanks.
Ok, let's leave aside that there is really good documentation for all the SQLNET-Parameters in the official Oracle documentation.
Instead, let's think about what you have right now and what it is that you want:
- you changed the parameter file
- you restarted the listener - no error message
- you sucessfully connected to the database
So you already reached the "no error message occurs"-state.
Now, you want some more confirmation that your change was indeed correct and sucessfull.
For that you obviously have to test, whether the valid node checking actually does it's job.
Therefore, you should at least try to connection from
a) one host that is actually invited
and
b) one host that is not invited.
(of course you could also try every invited node and a bunch of uninvited ones - just depends on your available time...)
regards,
Lars
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Lars,
Thanks as always well appreciated.
How do i check for the uninvited nodes and invited nodes R3trans -d would do or else we require something more.Thanks.
And for checking the uninvited nodes how should we check.Suppose i have 3 app servers so should i keep 2 in valid node and should i try from the 3rd app server because the host is not maintained it should not work is that what you meant.
Regards,
Ambarish.A
> How do i check for the uninvited nodes and invited nodes R3trans -d would do or else we require something more.Thanks.
R3trans -x or even sqlplus / would do.
The settings you've set up are just about sqlnet-connections. So, you all you've to test out is to create sqlnet connections (a.k.a. connections to the database).
> And for checking the uninvited nodes how should we check.Suppose i have 3 app servers so should i keep 2 in valid node and should i try from the 3rd app server because the host is not maintained it should not work is that what you meant.
You can either do it that way or take some other host (like your own workstation) and try to connect to the database.
regards,
Lars
> Do we have specific note for the same.Since the current host has around 2 virtual host names and one physical host name.Thanks.
What do you want a note for?
This is standard Oracle functionality...
Check the Oracle documentation e.g. [here|http://download.oracle.com/docs/cd/E11882_01/network.112/e10835/sqlnet.htm#NETRF238].
If you don't want to use hostnames, you may also just use the IP-addresses...
regards,
Lars
Hi,
a test for this can be done as follows:
watch the listener.log with i.e. "tail -f"
From each application server issue a "R3trans -d" as sidadm.
This MUST succeed, because an applicationserver is clearly to be allowed to connect to the DB.
If you get errors, something is wrong.
This part is the "positive" test.
No you go to any other system with a sqlplus on it and not entered as an invited node.
A good idea might be to use the development system, because it normally should not
connect to the production database (special cases like DB13C or CCMS central stuff set aside).
Become orasid there and get a seperate shell and make sure you do nothing else in this shell.
Copy tnsnames.ora and sqlnet.ora to a directory of your choice ( /oracle/tns_intrusion_test )
Make TNS_ADMIN point to this directory ONLY for THIS running shell, not as a permanant change.
Adapt the copied tnsnames.ora, so that the settings for the connection to producion are in.
Issue a "sqlplus sapsr3@PRD"
You should find a message in the listener.log of production that the connection has been rejected.
Close this shell!
Hope this helps
Volker
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
we are planning this same change in sqlnet.ora and this was a very helpful thread.
Just 1 question -
after making changes to sqlnet.ora, is listener restart sufficient for the changes to take effect or do we need to restart the database as well?
*From Eric brunelle: listener restart is sufficient please do not hijack threads*
Edit: Thanks for the info Eric.
Also, in my opinion it's better to have all the info about a topic in the same thread, rather than creating a new thread to complement the primary topic.
But I'll follow the 'Rule' henceforth.
Edited by: Gautam Poddar on Sep 22, 2010 5:35 PM
User | Count |
---|---|
93 | |
10 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.