Oracle客户端穿过防火墙连接服务器

Oracle 客户端穿过防火墙连接服务器  

Oracle 客户端连接服务器，首先去找 1521 监听端口，服务器的 1521 监听端口再向 server process 进程发出请求，并返回一个随机端口，返回给客户端，客户端再来连接这个端口。

这样就给服务器上的防火墙设置带来了麻烦，这个端口是随机的，如何开放 ?  

windows 平台上的这个问题成了一大难题，很多论坛都有人问，但很少有人能解决。 unix 平台不用担心，系统自动会解决这个问题 .

Matalink 上提供了三种解决办法，实际上 USE_SHARED_SOCKET 是最有效最方便的。

但经过无数次实现，仍然没有成功，最后终于发现是 Oracle 8.1.7 的 bug

需要打补丁，升级到 Oracle 8.1.7.1.2

 

需要在 MTS 模式下（共享模式）

Oracle 默认是专用模式。

经试验发现，如果不在 init 文件中设参数的话， Oracle 仍然会要求一个随机端口和 1521 端口来共同通讯，只是这个随机端口，并不随客户端会话和登录的变化而变化，在没有重启服务器时，是固定的。

 

（试验发现，在专用模式下，每次连接， oracle 服务器会按 +1 方式，提供一个非 1521 的端口。）

所以，还需要在 init.ora 文件的最后加上一条参数：

mts_dispatchers="(address=(protocol=tcp)(host=myoradb)(port=1521))(dispatchers=1)"

这样才真正实现只用一个端口，穿过防火墙。

 

参考资料 :

 

Oracle uses dynamic ports under windows NT because of a bug in windows, so oracle can't use shared sockets. This bug got fixed with service pack 3 I think. By default, oracle uses the dynamic ports without caring which service pack is installed. There is a registry setting to force oracle to use shared sockets. The parameter is (what a surprise!) USE_SHARED_SOCKET in LOCAL_MACHINE\Software\Oracle\HomeX where X is your desired homedir. This parameter should be set to TRUE. There's a whitepaper from oracle for this too, somewhere on their site. Anyway, this parameter doesnt work for 8.1.7 Some users reported that it worked with 8.1.6.3, but 8.1.7 termiates every conection immediately...

 

Contributed by Arne Brutschy (abrutschy@xylon.de) on July 5, 2001.

 

Actually, I want to establish a replication system in my local machine.. for replicating objects(tables) from remote database to a local database... what data security option i must take in to account. I request you to give me the detail description like which protocal must be used and what parameter must be set in init.ora file,sqlnet.ora and listener.ora file and what other steps to be taken... I would be very thankful to you ... if you kindly describe the things...actually i want to maintain the data privacy which happens between remote and local database while replication take place.. any one can trap the net and extract the data ... so i need to stop that.   

I would be very thankful to you ... this is a request.. please mail me on the address p_v_raju73@rediffmail.com.   

regards p.v.raju

Contributed by pvraju (p_v_raju73@rediffmail.com) on October 8, 2001.

Modify Windows registry. 
 

USE_SHARED_SOCKET = TRUE   

- Oracle 8.1.6 for NT/2k \\HKEY_LOCAL_MACHINE\SOFTWARE\ORACLE\HOME<#> (# is your desired homedir)

- Oracle 8.1.7.0.0 for NT/2k Doesn't work in Oracle 8.1.7.0.0 for NT/2k

- Oracle 8.1.7.1.2 for NT/2k \\HKEY_LOCAL_MACHINE\SOFTWARE\ORACLE   

- FAQ Site

http://www.orafaq.net/archive/comp.databases.oracl e.server/2002/04/13/143024.htm http://www.orafaq.net/archive/comp.databases.oracl e.server/2002/04/13/143024.htm http://www.pauck.de/marco/misc/oracle_and_firewall s.html