【RAC】RAC 實現IP訪問控制
相對與單節點的oracle ,11gr2 rac中,listener是配置在GRID_HOME,而不是ORACLE_HOME,所以我們要修改的sqlnet.ora檔案是在GI_HOME/network/admin目錄下的而非ORACLE_HOME/network/admin 目錄。
實驗環境:
資料庫版本 11.2.0.1.0
rac1 10.250.7.225
rac2 10.250.7.249 vip 10.250.7.112
rac3 10.250.7.241
1 最初的配置,tcp.invited_nodes只包含rac1,rac2兩個節點的ip,不包含rac3的ip
grid@rac1:/opt/11202/11.2.0/grid/network/admin>vim sqlnet.ora
NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)
tcp.validnode_checking=yes
#允許訪問的ip
tcp.invited_nodes =(10.250.7.225,10.250.7.249)
ADR_BASE = /opt/rac/grid
grid@rac2:/opt/11202/11.2.0/grid/network/admin>vim sqlnet.ora
NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)
tcp.validnode_checking=yes
#允許訪問的ip
tcp.invited_nodes =(10.250.7.249,10.250.7.225)
ADR_BASE = /opt/rac/grid
2 在rac3 上進行測試tnsping rac1 rac2
oracle@rac3:/opt/oracle/11.2.0/alifpre/network/admin>tnsping rac1
TNS Ping Utility for Linux: Version 11.2.0.1.0 - Production on 15-DEC-2011 16:19:46
Copyright (c) 1997, 2009, Oracle. All rights reserved.
Used parameter files:
/opt/oracle/11.2.0/alifpre/network/admin/sqlnet.ora
Used TNSNAMES adapter to resolve the alias
Attempting to contact (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = 10.250.7.225)(PORT = 1521))) (CONNECT_DATA = (SID = rac1)))
TNS-12547: TNS:lost contact
oracle@rac3:/opt/oracle/11.2.0/alifpre/network/admin>tnsping rac2
TNS Ping Utility for Linux: Version 11.2.0.1.0 - Production on 15-DEC-2011 16:19:48
Copyright (c) 1997, 2009, Oracle. All rights reserved.
Used parameter files:
/opt/oracle/11.2.0/alifpre/network/admin/sqlnet.ora
Used TNSNAMES adapter to resolve the alias
Attempting to contact (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = 10.250.7.112)(PORT = 1521))) (CONNECT_DATA = (SID = rac2)))
TNS-12547: TNS:lost contact
分別修改rac1 rac2 的 sqlnet.ora檔案
grid@rac2:/opt/11202/11.2.0/grid/network/admin>vim sqlnet.ora
NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)
tcp.validnode_checking=yes
#允許訪問的ip
tcp.invited_nodes =(10.250.7.249,10.250.7.241)
ADR_BASE = /opt/rac/grid
3 修改之後必須重啟監聽,(這個對於生產庫比較麻煩,最造成操作期間的新連線失敗)
grid@rac2:/opt/11202/11.2.0/grid/network/admin>srvctl stop listener
grid@rac2:/opt/11202/11.2.0/grid/network/admin>srvctl start listener
grid@rac1:/opt/11202/11.2.0/grid/network/admin>vim sqlnet.ora
NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)
tcp.validnode_checking=yes
#允許訪問的ip
tcp.invited_nodes =(10.250.7.225,10.250.7.241)
ADR_BASE = /opt/rac/grid
重啟監聽!
grid@rac1:/opt/11202/11.2.0/grid/network/admin>srvctl stop listener
grid@rac1:/opt/11202/11.2.0/grid/network/admin>srvctl start listener
4 再次進行測試:
oracle@rac3:/opt/oracle/11.2.0/alifpre/network/admin>tnsping rac2
Attempting to contact (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = 10.250.7.112)(PORT = 1521))) (CONNECT_DATA = (SID = rac2)))
OK (0 msec)
oracle@rac3:/opt/oracle/11.2.0/alifpre/network/admin>tnsping rac1
Attempting to contact (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = 10.250.7.225)(PORT = 1521))) (CONNECT_DATA = (SID = rac1)))
OK (10 msec)
成功配置!
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/22664653/viewspace-713396/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- RAC修改IP地址
- RAC重建SCAN IP
- RAC 增加SCAN IP
- rac下修改ip
- RAC修改IP操作
- Struts2實現訪問控制
- hacmp boot ip\svc ip \standby ip\ rac ipACMboot
- 【rac】實驗二:增加控制檔案
- Oracle RAC 修改 IP 地址Oracle
- win rac public ip 修改
- RAC中修改IP, VIP
- 【RAC】如何修改 private ip
- 用訪問控制列表實現網路單向訪問(轉)
- 【RAC】Oracle 10g RAC 重建控制檔案Oracle 10g
- 【RAC】Oracle rac修改IP地址及埠號命令參考Oracle
- RAC改VIP和SCAN IP
- 更改rac scanIP IP的地址
- RAC 11.2.0.3 修改 Public IP
- RAC中的虛擬IP
- vm server RAC--IP 地址Server
- .net core下訪問控制層的實現
- CentOS 5中改造RAC的private ip實現雙網路卡繫結CentOS
- Oracle RAC Cache Fusion 系列十三:PCM資源訪問Oracle
- Oracle RAC修改Scan IP,Public IP的方法Oracle
- 【RAC】使用crsctl工具控制Oracle RAC叢集的啟停Oracle
- Nginx訪問控制_IP訪問控制(http_access_module)原理、侷限性、解決方法講解NginxHTTP
- 使用Virtual Private Database實現細粒度訪問控制Database
- 使用DBMS_RLS實現細粒度訪問控制
- Oracle RAC修改public, VIP, SCAN IPOracle
- rac 手動漂移scan ip vip
- ORACLE RAC 環境下修改IPOracle
- Oracle9i RAC 修改IPOracle
- RAC叢集中IP地址的更改
- Oracle RAC修改IP和VIP地址Oracle
- 11gR2 RAC修改IP
- RAC下新增控制檔案
- oracle 10g rac modify public ip,private ip,vip實驗步驟Oracle 10g
- 使用Oracle Net實現限制特定IP訪問資料庫Oracle資料庫