PRVF-7617 Cluster Verify Fails For Network Check if Firewall Exists_1357657.1

rongshiyuan發表於2015-02-22

PRVF-7617 Cluster Verify (cluvfy) Fails For Network Check if Firewall Exists (Doc ID 1357657.1)


In this Document

Symptoms
Cause
Solution
References


Applies to:

Oracle Database - Enterprise Edition - Version 11.2.0.1 and later
Information in this document applies to any platform.

Symptoms

During Cluster Verification, a part of cluster installation, the connectivity check between nodes may fail with the following errors

Check: TCP connectivity of subnet "10.0.0.0"
Source                         Destination                    Connected?
------------------------------ ------------------------------ ----------------
racnode01:10.0.0.1             racnode02:10.0.0.2             failed

ERROR:
PRVF-7617 : Node connectivity between "racnode01 : 10.0.0.1" and "racnode02 : 10.0.0.2" failed
Result: TCP connectivity check failed for subnet "10.0.0.0"

 This may occur on any of the interface.

 

Cause

iptables (a Linux firewall) is active between the nodes, blocking network traffic on the cluster interconnect network.

Solution

1. A temporary solution is to disable iptables. A more permanent soution, if iptables is required, is to configure the iptables such that it does not block interconnect traffic(no firewall should exist between cluster nodes).

To disable iptables, use the following commands as root:

For IPV4:

# service iptables save
# service iptables stop
# chkconfig iptables off


For IPV6:

# service ip6tables save
# service ipt6ables stop
# chkconfig ip6tables off

Note: IPV6 is not supported with Oracle Clusterware/RAC 11gR2

2. If SElinux is set to enforcing, change it to permissive or disable could help too.

To check what mode the system is running:

# cat /selinux/enforce

Temporary switchoff enforcement, as root user:

# echo 0 > /selinux/enforce

This will switch to permissive mode, no reboot is required.

To permanently switchoff enforcement, edit /etc/selinux/config, change SELINUX to either "permissive" or "disabled". A server reboot is required if change SELINUX to "disabled".

 

 

References

NOTE:1054902.1 - How to Validate Network and Name Resolution Setup for the Clusterware and RAC
NOTE:1335136.1 - PRVF-7617: TCP connectivity check failed for subnet
NOTE:1103313.1 - Grid Infrastructure 11gR2 ROOT.SH Fails on Second Node due to Firewall
 

Document Details

 
Rate this document Email link to this documentOpen document in new windowPrintable Page
Type:
Status:
Last Major Update:
Last Update:
PROBLEM
PUBLISHED
13-Jan-2015
13-Jan-2015
     
 

Related Products

 
Oracle Database - Enterprise Edition
     
 

Document References

 
     
 

Recently Viewed

 
     

來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/17252115/viewspace-1439617/,如需轉載,請註明出處,否則將追究法律責任。

相關文章