oracle|防火墙
近来由于工作需要,在Windows XP平台上安装了Oracle9i数据库作为测试之用,一切正常。但当客户机连接服务器时却总是超时,我首先想到了防火墙,当我打开1521端口时,连接操作仍然失败。我又怀疑网络有问题,用telnet server_ip:1521尝试,连接被接受,说明1521端口已经被打开。
没有办法,查询Oracle资料后才明白,network listener 只起一个中介作用,当客户连接它时,它根据配置寻找到相应的数据库实例进程,然后spawned一个新的数据库连接,这个连接端口由network listener传递给客户机,此后客户机就不再和打交道了,即使listener停止了工作。这个新的连接端口是不可预知的,因而会被防火墙阻止。
Windows Socket2 规范有一个新的特性,就是Shared Socket, 所谓共享套接字是指一个进程共享另一个进程的套接字(详见MSDN相关参考)。如果让network listener与数据库服务进程共享套接字,那么连接端口就不会变化。
如何设置 Shared Socket?
在注册表:HKEY_LOCAL_MACHINE OFTWARE\ORACLE\HOME0上新建一个字符串值:USE_SHARED_SOCKET=true。如果安装了多个目录,则每个类似的目录都要设置:HKEY_LOCAL_MACHINE OFTWARE\ORACLE\HOMEx (x目录编号)
设置后要求重新启动实例(只重启listener发现没有效果)
引用资料:
http://www.computer-book-authors.org/aud_450.htm
典型问题:
http://www.lazydba.com/oracle/0__37815.html
when a client connects to a listener it uses port 1521 at the client machine. the listener then returns to the client thru a different port. The 1521 port is closed and the db connection uses the new port for communicating with the client. i want the listener to return to the client using port 1521, how?
metalink says use the use_shared_socket parameter, but its still not working. i set the parameter to true in the sys env and in the registry.
....
Oracle 原文:
USE_SHARED_SOCKET
You can set the USE_SHARED_SOCKET parameter to TRUE to enable the use of shared sockets. If this parameter is set to TRUE, the network listener passes the socket descriptor for client connections to the database thread. As a result, the client does not need to establish a new connection to the database thread and database connection time improves. Also, all database connections share the port number used by the network listener, which can be useful if you are setting up third-party proxy servers.
On Windows NT 4.0 Service Pack3 or earlier, enabling this option precludes bringing the network listener up or down in a case where a database connection spawned by the network listener is active. Therefore, you may
need to shut down all of the databases serviced by a network listener before you can bring down and restart a network listener. This results from the way shared sockets have been implemented in WINSOCK2. WINSOCK2 does not
allow a reliable thread to a network listener on any port on which other connections are also active. This is not an issue on Windows NT 4.0 Service Pack 4 orlater. Oracle recommends that you upgrade to Windows NT 4.0 Service Pack 4 if you intend to set this parameter.
This parameter only works in dedicated server mode in a TCP/IP environment. If this parameter is set, you cannot use the 8.1.5 listener to spawn Oracle 7.x databases. To spawn an Oracle 8.0.x database from an 8.1.5 listener
==============