安裝配置驗證COST(orapki)
/*配置COST*/
應電信某業務分公司要求,安裝cost。此在測試環境進行cost的配置、驗證。
--參照文件
--Using Class of Secure Transport (COST) to Restrict Instance Registration in Oracle RAC [ID 1340831.1]
[oracle@rac1 ~]$ crs_stat -t
Name Type Target State Host
------------------------------------------------------------
ora....SM1.asm application ONLINE ONLINE rac1
ora....C1.lsnr application ONLINE ONLINE rac1
ora.rac1.gsd application ONLINE ONLINE rac1
ora.rac1.ons application ONLINE ONLINE rac1
ora.rac1.vip application ONLINE ONLINE rac1
ora....SM2.asm application ONLINE ONLINE rac2
ora....C2.lsnr application ONLINE ONLINE rac2
ora.rac2.gsd application ONLINE ONLINE rac2
ora.rac2.ons application ONLINE ONLINE rac2
ora.rac2.vip application ONLINE ONLINE rac2
ora.racdb.db application ONLINE ONLINE rac2
ora....b1.inst application ONLINE ONLINE rac1
ora....b2.inst application ONLINE ONLINE rac2
--參照文件
--Using Class of Secure Transport (COST) to Restrict Instance Registration in Oracle RAC [ID 1340831.1]
[oracle@rac1 ~]$ crs_stat -t
Name Type Target State Host
------------------------------------------------------------
ora....SM1.asm application ONLINE ONLINE rac1
ora....C1.lsnr application ONLINE ONLINE rac1
ora.rac1.gsd application ONLINE ONLINE rac1
ora.rac1.ons application ONLINE ONLINE rac1
ora.rac1.vip application ONLINE ONLINE rac1
ora....SM2.asm application ONLINE ONLINE rac2
ora....C2.lsnr application ONLINE ONLINE rac2
ora.rac2.gsd application ONLINE ONLINE rac2
ora.rac2.ons application ONLINE ONLINE rac2
ora.rac2.vip application ONLINE ONLINE rac2
ora.racdb.db application ONLINE ONLINE rac2
ora....b1.inst application ONLINE ONLINE rac1
ora....b2.inst application ONLINE ONLINE rac2
--建立cost存放目錄(所有節點)
[oracle@rac1 ~]$ mkdir /opt/ora10g/product/database/network/admin/cost
--建立金鑰(所有節點)
[oracle@rac1 ~]$ orapki wallet create -wallet /opt/ora10g/product/database/network/admin/cost
Enter password:
Enter password again:
[oracle@rac1 ~]$ orapki wallet add -wallet /opt/ora10g/product/database/network/admin/cost -self_signed -dn "cn=secure_register" -keysize 1024 -validity 3650
Enter wallet password:
[oracle@rac1 ~]$ orapki wallet display -wallet /opt/ora10g/product/database/network/admin/cost
Enter wallet password:
Requested Certificates:
User Certificates:
Subject: CN=secure_register
Trusted Certificates:
Subject: CN=GTE CyberTrust Root,O=GTE Corporation,C=US
Subject: U=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
Subject: U=Class 2 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
Subject: U=Class 1 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
Subject: U=Secure Server Certification Authority,O=RSA Data Security\, Inc.,C=US
Subject: CN=GTE CyberTrust Global Root,OU=GTE CyberTrust Solutions\, Inc.,O=GTE Corporation,C=US
Subject: CN=secure_register
Subject: CN=Entrust.net Secure Server Certification Authority,OU=(c) 2000 Entrust.net Limited,OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.),O=Entrust.net
Subject: CN=Entrust.net Certification Authority (2048),OU=(c) 1999 Entrust.net Limited,OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.),O=Entrust.net
Subject: CN=Entrust.net Secure Server Certification Authority,OU=(c) 1999 Entrust.net Limited,OU=www.entrust.net/CPS incorp. by ref. (limits liab.),O=Entrust.net,C=US
[oracle@rac1 ~]$ mkdir /opt/ora10g/product/database/network/admin/cost
--建立金鑰(所有節點)
[oracle@rac1 ~]$ orapki wallet create -wallet /opt/ora10g/product/database/network/admin/cost
Enter password:
Enter password again:
[oracle@rac1 ~]$ orapki wallet add -wallet /opt/ora10g/product/database/network/admin/cost -self_signed -dn "cn=secure_register" -keysize 1024 -validity 3650
Enter wallet password:
[oracle@rac1 ~]$ orapki wallet display -wallet /opt/ora10g/product/database/network/admin/cost
Enter wallet password:
Requested Certificates:
User Certificates:
Subject: CN=secure_register
Trusted Certificates:
Subject: CN=GTE CyberTrust Root,O=GTE Corporation,C=US
Subject: U=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
Subject: U=Class 2 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
Subject: U=Class 1 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US
Subject: U=Secure Server Certification Authority,O=RSA Data Security\, Inc.,C=US
Subject: CN=GTE CyberTrust Global Root,OU=GTE CyberTrust Solutions\, Inc.,O=GTE Corporation,C=US
Subject: CN=secure_register
Subject: CN=Entrust.net Secure Server Certification Authority,OU=(c) 2000 Entrust.net Limited,OU=www.entrust.net/SSL_CPS incorp. by ref. (limits liab.),O=Entrust.net
Subject: CN=Entrust.net Certification Authority (2048),OU=(c) 1999 Entrust.net Limited,OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.),O=Entrust.net
Subject: CN=Entrust.net Secure Server Certification Authority,OU=(c) 1999 Entrust.net Limited,OU=www.entrust.net/CPS incorp. by ref. (limits liab.),O=Entrust.net,C=US
[oracle@rac2 ~]$ mkdir /opt/ora10g/product/database/network/admin/cost
[oracle@rac1 cost]$ scp /opt/ora10g/product/database/network/admin/cost/*.* rac2:/opt/ora10g/product/database/network/admin/cost/
ewallet.p12 100% 10KB 9.8KB/s 00:00
--各自節點分別建立金鑰
[oracle@rac1 ~]$ orapki wallet create -wallet /opt/ora10g/product/database/network/admin/cost -auto_login
Enter wallet password:
[oracle@rac2 ~]$ orapki wallet create -wallet /opt/ora10g/product/database/network/admin/cost -auto_login
Enter wallet password:
[oracle@rac1 ~]$ orapki wallet create -wallet /opt/ora10g/product/database/network/admin/cost -auto_login
Enter wallet password:
[oracle@rac2 ~]$ orapki wallet create -wallet /opt/ora10g/product/database/network/admin/cost -auto_login
Enter wallet password:
--修改監聽配置(所有節點)
[oracle@rac1 admin]$ pwd
/opt/ora10g/product/database/network/admin
[oracle@rac1 admin]$ cat listener.ora
# listener.ora.rac1 Network Configuration File: /opt/ora10g/product/database/network/admin/listener.ora.rac1
# Generated by Oracle configuration tools.
[oracle@rac1 admin]$ pwd
/opt/ora10g/product/database/network/admin
[oracle@rac1 admin]$ cat listener.ora
# listener.ora.rac1 Network Configuration File: /opt/ora10g/product/database/network/admin/listener.ora.rac1
# Generated by Oracle configuration tools.
LISTENER_RAC1 =
(DESCRIPTION_LIST =
(DESCRIPTION =
# (ADDRESS = (PROTOCOL = IPC)(KEY = REGISTER))
(ADDRESS = (PROTOCOL = TCP)(HOST = rac1-vip)(PORT = 1521)(IP = FIRST))
(ADDRESS = (PROTOCOL = TCPS)(HOST = rac1-vip)(PORT = 1523)(IP = FIRST))
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.137.151)(PORT = 1521)(IP = FIRST))
)
)
(DESCRIPTION_LIST =
(DESCRIPTION =
# (ADDRESS = (PROTOCOL = IPC)(KEY = REGISTER))
(ADDRESS = (PROTOCOL = TCP)(HOST = rac1-vip)(PORT = 1521)(IP = FIRST))
(ADDRESS = (PROTOCOL = TCPS)(HOST = rac1-vip)(PORT = 1523)(IP = FIRST))
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.137.151)(PORT = 1521)(IP = FIRST))
)
)
#cost add
WALLET_LOCATION =
(SOURCE =
(METHOD = FILE)
(METHOD_DATA =
(DIRECTORY = /opt/ora10g/product/database/network/admin/cost)
)
)
WALLET_LOCATION =
(SOURCE =
(METHOD = FILE)
(METHOD_DATA =
(DIRECTORY = /opt/ora10g/product/database/network/admin/cost)
)
)
#SECURE_REGISTER_LISTENER_RAC1 = (IPC)
#SECURE_REGISTER_LISTENER_RAC1 = (TCP,TCPS)
#SECURE_REGISTER_LISTENER_RAC1 = (TCP,TCPS)
SID_LIST_LISTENER_RAC1 =
(SID_LIST =
(SID_DESC =
(SID_NAME = PLSExtProc)
(ORACLE_HOME = /opt/ora10g/product/database)
(PROGRAM = extproc)
)
)
(SID_LIST =
(SID_DESC =
(SID_NAME = PLSExtProc)
(ORACLE_HOME = /opt/ora10g/product/database)
(PROGRAM = extproc)
)
)
[oracle@rac2 admin]$ cat listener.ora
# listener.ora.rac2 Network Configuration File: /opt/ora10g/product/database/network/admin/listener.ora.rac2
# Generated by Oracle configuration tools.
LISTENER_RAC2 =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = rac2-vip)(PORT = 1521)(IP = FIRST))
(ADDRESS = (PROTOCOL = TCPS)(HOST = rac2-vip)(PORT = 1523)(IP = FIRST))
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.137.152)(PORT = 1521)(IP = FIRST))
)
)
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = rac2-vip)(PORT = 1521)(IP = FIRST))
(ADDRESS = (PROTOCOL = TCPS)(HOST = rac2-vip)(PORT = 1523)(IP = FIRST))
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.137.152)(PORT = 1521)(IP = FIRST))
)
)
#cost add
WALLET_LOCATION =
(SOURCE =
(METHOD = FILE)
(METHOD_DATA =
(DIRECTORY = /opt/ora10g/product/database/network/admin/cost)
)
)
WALLET_LOCATION =
(SOURCE =
(METHOD = FILE)
(METHOD_DATA =
(DIRECTORY = /opt/ora10g/product/database/network/admin/cost)
)
)
#SECURE_REGISTER_LISTENER_RAC2 = (TCP,TCPS)
SID_LIST_LISTENER_RAC2 =
(SID_LIST =
(SID_DESC =
(SID_NAME = PLSExtProc)
(ORACLE_HOME = /opt/ora10g/product/database)
(PROGRAM = extproc)
)
)
(SID_LIST =
(SID_DESC =
(SID_NAME = PLSExtProc)
(ORACLE_HOME = /opt/ora10g/product/database)
(PROGRAM = extproc)
)
)
#LISTENER =
# (DESCRIPTION_LIST =
# (DESCRIPTION =
# (ADDRESS = (PROTOCOL = TCP)(HOST = rac2)(PORT = 1521))
# )
# )
# (DESCRIPTION_LIST =
# (DESCRIPTION =
# (ADDRESS = (PROTOCOL = TCP)(HOST = rac2)(PORT = 1521))
# )
# )
--重啟各自節點監聽
[oracle@rac1 ~]$ srvctl stop listener -n rac1
[oracle@rac1 ~]$ srvctl start listener -n rac1
[oracle@rac1 ~]$ lsnrctl status
[oracle@rac1 ~]$ srvctl stop listener -n rac1
[oracle@rac1 ~]$ srvctl start listener -n rac1
[oracle@rac1 ~]$ lsnrctl status
LSNRCTL for Linux: Version 10.2.0.5.0 - Production on 12-SEP-2012 15:10:18
Copyright (c) 1991, 2010, Oracle. All rights reserved.
Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))
STATUS of the LISTENER
------------------------
Alias LISTENER_RAC1
Version TNSLSNR for Linux: Version 10.2.0.5.0 - Production
Start Date 12-SEP-2012 15:10:12
Uptime 0 days 0 hr. 0 min. 6 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /opt/ora10g/product/database/network/admin/listener.ora
Listener Log File /opt/ora10g/product/database/network/log/listener_rac1.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.153)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=192.168.137.153)(PORT=1523)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.151)(PORT=1521)))
Services Summary...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
STATUS of the LISTENER
------------------------
Alias LISTENER_RAC1
Version TNSLSNR for Linux: Version 10.2.0.5.0 - Production
Start Date 12-SEP-2012 15:10:12
Uptime 0 days 0 hr. 0 min. 6 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /opt/ora10g/product/database/network/admin/listener.ora
Listener Log File /opt/ora10g/product/database/network/log/listener_rac1.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.153)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=192.168.137.153)(PORT=1523)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.151)(PORT=1521)))
Services Summary...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
[oracle@rac2 ~]$ srvctl stop listener -n rac2
[oracle@rac2 ~]$ srvctl start listener -n rac2
[oracle@rac2 ~]$ lsnrctl status
[oracle@rac2 ~]$ srvctl start listener -n rac2
[oracle@rac2 ~]$ lsnrctl status
LSNRCTL for Linux: Version 10.2.0.5.0 - Production on 12-SEP-2012 15:11:33
Copyright (c) 1991, 2010, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=rac2)(PORT=1521)))
STATUS of the LISTENER
------------------------
Alias LISTENER_RAC2
Version TNSLSNR for Linux: Version 10.2.0.5.0 - Production
Start Date 12-SEP-2012 15:11:27
Uptime 0 days 0 hr. 0 min. 5 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /opt/ora10g/product/database/network/admin/listener.ora
Listener Log File /opt/ora10g/product/database/network/log/listener_rac2.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.154)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=192.168.137.154)(PORT=1523)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.152)(PORT=1521)))
Services Summary...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
STATUS of the LISTENER
------------------------
Alias LISTENER_RAC2
Version TNSLSNR for Linux: Version 10.2.0.5.0 - Production
Start Date 12-SEP-2012 15:11:27
Uptime 0 days 0 hr. 0 min. 5 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /opt/ora10g/product/database/network/admin/listener.ora
Listener Log File /opt/ora10g/product/database/network/log/listener_rac2.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.154)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=192.168.137.154)(PORT=1523)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.152)(PORT=1521)))
Services Summary...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
--所有節點配置sqlnet.ora
[oracle@rac1 admin]$ pwd
/opt/ora10g/product/database/network/admin
[oracle@rac1 admin]$ cat sqlnet.ora
WALLET_LOCATION =
(SOURCE =
(METHOD = FILE)
(METHOD_DATA =
(DIRECTORY = /opt/ora10g/product/database/network/admin/cost)
)
)
[oracle@rac1 admin]$ scp sqlnet.ora rac2:/opt/ora10g/product/database/network/admin/
sqlnet.ora 100% 151 0.2KB/s 00:00
[oracle@rac1 admin]$ pwd
/opt/ora10g/product/database/network/admin
[oracle@rac1 admin]$ cat sqlnet.ora
WALLET_LOCATION =
(SOURCE =
(METHOD = FILE)
(METHOD_DATA =
(DIRECTORY = /opt/ora10g/product/database/network/admin/cost)
)
)
[oracle@rac1 admin]$ scp sqlnet.ora rac2:/opt/ora10g/product/database/network/admin/
sqlnet.ora 100% 151 0.2KB/s 00:00
--檢視remote_listener配置
[oracle@rac1 ~]$ sqlplus /nolog
[oracle@rac1 ~]$ sqlplus /nolog
SQL*Plus: Release 10.2.0.5.0 - Production on Wed Sep 12 15:19:38 2012
Copyright (c) 1982, 2010, Oracle. All Rights Reserved.
SQL> conn /as sysdba
Connected.
SQL> show parameter remote_listener
Connected.
SQL> show parameter remote_listener
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
remote_listener string LISTENERS_RACDB
------------------------------------ ----------- ------------------------------
remote_listener string LISTENERS_RACDB
--修改所有節點tnsnames.ora
[oracle@rac1 admin]$ pwd
/opt/ora10g/product/database/network/admin
[oracle@rac1 admin]$ cat tnsnames.ora
# tnsnames.ora Network Configuration File: /opt/ora10g/product/database/network/admin/tnsnames.ora
# Generated by Oracle configuration tools.
[oracle@rac1 admin]$ pwd
/opt/ora10g/product/database/network/admin
[oracle@rac1 admin]$ cat tnsnames.ora
# tnsnames.ora Network Configuration File: /opt/ora10g/product/database/network/admin/tnsnames.ora
# Generated by Oracle configuration tools.
RACDB1 =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = rac1-vip)(PORT = 1521))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = racdb)
(INSTANCE_NAME = racdb1)
)
)
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = rac1-vip)(PORT = 1521))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = racdb)
(INSTANCE_NAME = racdb1)
)
)
RACDB =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = rac1-vip)(PORT = 1521))
(ADDRESS = (PROTOCOL = TCP)(HOST = rac2-vip)(PORT = 1521))
(LOAD_BALANCE = yes)
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = racdb)
)
)
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = rac1-vip)(PORT = 1521))
(ADDRESS = (PROTOCOL = TCP)(HOST = rac2-vip)(PORT = 1521))
(LOAD_BALANCE = yes)
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = racdb)
)
)
LISTENERS_RACDB =
(ADDRESS_LIST =
# (ADDRESS = (PROTOCOL = TCP)(HOST = rac1-vip)(PORT = 1521))
# (ADDRESS = (PROTOCOL = TCP)(HOST = rac2-vip)(PORT = 1521))
(ADDRESS = (PROTOCOL = TCPS)(HOST = rac1-vip)(PORT = 1523))
(ADDRESS = (PROTOCOL = TCPS)(HOST = rac2-vip)(PORT = 1523))
)
(ADDRESS_LIST =
# (ADDRESS = (PROTOCOL = TCP)(HOST = rac1-vip)(PORT = 1521))
# (ADDRESS = (PROTOCOL = TCP)(HOST = rac2-vip)(PORT = 1521))
(ADDRESS = (PROTOCOL = TCPS)(HOST = rac1-vip)(PORT = 1523))
(ADDRESS = (PROTOCOL = TCPS)(HOST = rac2-vip)(PORT = 1523))
)
EXTPROC_CONNECTION_DATA =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC0))
)
(CONNECT_DATA =
(SID = PLSExtProc)
(PRESENTATION = RO)
)
)
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC0))
)
(CONNECT_DATA =
(SID = PLSExtProc)
(PRESENTATION = RO)
)
)
RACDB2 =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.137.152)(PORT = 1521))
)
(CONNECT_DATA =
(SERVICE_NAME = racdb2)
)
)
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.137.152)(PORT = 1521))
)
(CONNECT_DATA =
(SERVICE_NAME = racdb2)
)
)
[oracle@rac2 admin]$ pwd
/opt/ora10g/product/database/network/admin
[oracle@rac2 admin]$ cat tnsnames.ora
# tnsnames.ora Network Configuration File: /opt/ora10g/product/database/network/admin/tnsnames.ora
# Generated by Oracle configuration tools.
RACDB2 =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = rac2-vip)(PORT = 1521))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = racdb)
(INSTANCE_NAME = racdb2)
)
)
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = rac2-vip)(PORT = 1521))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = racdb)
(INSTANCE_NAME = racdb2)
)
)
RACDB =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = rac1-vip)(PORT = 1521))
(ADDRESS = (PROTOCOL = TCP)(HOST = rac2-vip)(PORT = 1521))
(LOAD_BALANCE = yes)
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = racdb)
)
)
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = rac1-vip)(PORT = 1521))
(ADDRESS = (PROTOCOL = TCP)(HOST = rac2-vip)(PORT = 1521))
(LOAD_BALANCE = yes)
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = racdb)
)
)
LISTENERS_RACDB =
(ADDRESS_LIST =
# (ADDRESS = (PROTOCOL = TCP)(HOST = rac1-vip)(PORT = 1521))
# (ADDRESS = (PROTOCOL = TCP)(HOST = rac2-vip)(PORT = 1521))
(ADDRESS = (PROTOCOL = TCPS)(HOST = rac1-vip)(PORT = 1523))
(ADDRESS = (PROTOCOL = TCPS)(HOST = rac2-vip)(PORT = 1523))
)
(ADDRESS_LIST =
# (ADDRESS = (PROTOCOL = TCP)(HOST = rac1-vip)(PORT = 1521))
# (ADDRESS = (PROTOCOL = TCP)(HOST = rac2-vip)(PORT = 1521))
(ADDRESS = (PROTOCOL = TCPS)(HOST = rac1-vip)(PORT = 1523))
(ADDRESS = (PROTOCOL = TCPS)(HOST = rac2-vip)(PORT = 1523))
)
EXTPROC_CONNECTION_DATA =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC0))
)
(CONNECT_DATA =
(SID = PLSExtProc)
(PRESENTATION = RO)
)
)
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC0))
)
(CONNECT_DATA =
(SID = PLSExtProc)
(PRESENTATION = RO)
)
)
RACDB1 =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.137.151)(PORT = 1521))
)
(CONNECT_DATA =
(SERVICE_NAME = racdb1)
)
)
100% 1297 1.3KB/s 00:00
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.137.151)(PORT = 1521))
)
(CONNECT_DATA =
(SERVICE_NAME = racdb1)
)
)
100% 1297 1.3KB/s 00:00
--遠端重啟各個節點
[oracle@rac1 ~]$ srvctl stop instance -d racdb -i racdb2 -o immediate
[oracle@rac1 ~]$ srvctl start instance -d racdb -i racdb2
[oracle@rac2 ~]$ srvctl stop instance -d racdb -i racdb1 -o immediate
[oracle@rac2 ~]$ srvctl start instance -d racdb -i racdb1
[oracle@rac1 ~]$ srvctl stop instance -d racdb -i racdb2 -o immediate
[oracle@rac1 ~]$ srvctl start instance -d racdb -i racdb2
[oracle@rac2 ~]$ srvctl stop instance -d racdb -i racdb1 -o immediate
[oracle@rac2 ~]$ srvctl start instance -d racdb -i racdb1
--確認各個節點監聽配置是否正確
[oracle@rac1 ~]$ lsnrctl status
[oracle@rac1 ~]$ lsnrctl status
LSNRCTL for Linux: Version 10.2.0.5.0 - Production on 12-SEP-2012 15:45:52
Copyright (c) 1991, 2010, Oracle. All rights reserved.
Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))
STATUS of the LISTENER
------------------------
Alias LISTENER_RAC1
Version TNSLSNR for Linux: Version 10.2.0.5.0 - Production
Start Date 12-SEP-2012 15:10:12
Uptime 0 days 0 hr. 35 min. 39 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /opt/ora10g/product/database/network/admin/listener.ora
Listener Log File /opt/ora10g/product/database/network/log/listener_rac1.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.153)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=192.168.137.153)(PORT=1523)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.151)(PORT=1521)))
Services Summary...
Service "+ASM" has 1 instance(s).
Instance "+ASM1", status BLOCKED, has 1 handler(s) for this service...
Service "+ASM_XPT" has 1 instance(s).
Instance "+ASM1", status BLOCKED, has 1 handler(s) for this service...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
Service "racdb" has 2 instance(s).
Instance "racdb1", status READY, has 2 handler(s) for this service...
Instance "racdb2", status READY, has 1 handler(s) for this service...
Service "racdbXDB" has 2 instance(s).
Instance "racdb1", status READY, has 1 handler(s) for this service...
Instance "racdb2", status READY, has 1 handler(s) for this service...
Service "racdb_XPT" has 2 instance(s).
Instance "racdb1", status READY, has 2 handler(s) for this service...
Instance "racdb2", status READY, has 1 handler(s) for this service...
The command completed successfully
STATUS of the LISTENER
------------------------
Alias LISTENER_RAC1
Version TNSLSNR for Linux: Version 10.2.0.5.0 - Production
Start Date 12-SEP-2012 15:10:12
Uptime 0 days 0 hr. 35 min. 39 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /opt/ora10g/product/database/network/admin/listener.ora
Listener Log File /opt/ora10g/product/database/network/log/listener_rac1.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.153)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=192.168.137.153)(PORT=1523)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.151)(PORT=1521)))
Services Summary...
Service "+ASM" has 1 instance(s).
Instance "+ASM1", status BLOCKED, has 1 handler(s) for this service...
Service "+ASM_XPT" has 1 instance(s).
Instance "+ASM1", status BLOCKED, has 1 handler(s) for this service...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
Service "racdb" has 2 instance(s).
Instance "racdb1", status READY, has 2 handler(s) for this service...
Instance "racdb2", status READY, has 1 handler(s) for this service...
Service "racdbXDB" has 2 instance(s).
Instance "racdb1", status READY, has 1 handler(s) for this service...
Instance "racdb2", status READY, has 1 handler(s) for this service...
Service "racdb_XPT" has 2 instance(s).
Instance "racdb1", status READY, has 2 handler(s) for this service...
Instance "racdb2", status READY, has 1 handler(s) for this service...
The command completed successfully
[oracle@rac2 ~]$ lsnrctl status
LSNRCTL for Linux: Version 10.2.0.5.0 - Production on 12-SEP-2012 15:45:35
Copyright (c) 1991, 2010, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=rac2)(PORT=1521)))
STATUS of the LISTENER
------------------------
Alias LISTENER_RAC2
Version TNSLSNR for Linux: Version 10.2.0.5.0 - Production
Start Date 12-SEP-2012 15:11:27
Uptime 0 days 0 hr. 34 min. 7 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /opt/ora10g/product/database/network/admin/listener.ora
Listener Log File /opt/ora10g/product/database/network/log/listener_rac2.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.154)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=192.168.137.154)(PORT=1523)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.152)(PORT=1521)))
Services Summary...
Service "+ASM" has 1 instance(s).
Instance "+ASM2", status BLOCKED, has 1 handler(s) for this service...
Service "+ASM_XPT" has 1 instance(s).
Instance "+ASM2", status BLOCKED, has 1 handler(s) for this service...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
Service "racdb" has 2 instance(s).
Instance "racdb1", status READY, has 1 handler(s) for this service...
Instance "racdb2", status READY, has 2 handler(s) for this service...
Service "racdbXDB" has 2 instance(s).
Instance "racdb1", status READY, has 1 handler(s) for this service...
Instance "racdb2", status READY, has 1 handler(s) for this service...
Service "racdb_XPT" has 2 instance(s).
Instance "racdb1", status READY, has 1 handler(s) for this service...
Instance "racdb2", status READY, has 2 handler(s) for this service...
The command completed successfully
STATUS of the LISTENER
------------------------
Alias LISTENER_RAC2
Version TNSLSNR for Linux: Version 10.2.0.5.0 - Production
Start Date 12-SEP-2012 15:11:27
Uptime 0 days 0 hr. 34 min. 7 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /opt/ora10g/product/database/network/admin/listener.ora
Listener Log File /opt/ora10g/product/database/network/log/listener_rac2.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.154)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=192.168.137.154)(PORT=1523)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.152)(PORT=1521)))
Services Summary...
Service "+ASM" has 1 instance(s).
Instance "+ASM2", status BLOCKED, has 1 handler(s) for this service...
Service "+ASM_XPT" has 1 instance(s).
Instance "+ASM2", status BLOCKED, has 1 handler(s) for this service...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
Service "racdb" has 2 instance(s).
Instance "racdb1", status READY, has 1 handler(s) for this service...
Instance "racdb2", status READY, has 2 handler(s) for this service...
Service "racdbXDB" has 2 instance(s).
Instance "racdb1", status READY, has 1 handler(s) for this service...
Instance "racdb2", status READY, has 1 handler(s) for this service...
Service "racdb_XPT" has 2 instance(s).
Instance "racdb1", status READY, has 1 handler(s) for this service...
Instance "racdb2", status READY, has 2 handler(s) for this service...
The command completed successfully
--使cost配置生效
取消各個節點listener.ora中的註釋行
SECURE_REGISTER_LISTENER_RAC1 = (TCP,TCPS)
取消各個節點listener.ora中的註釋行
SECURE_REGISTER_LISTENER_RAC1 = (TCP,TCPS)
--驗證cost
--參考Using Class of Secure Transport (COST) to Restrict Instance Registration [ID 1453883.1]
--對於TCP協議的驗證(只能走TCP協議)
--修改監聽配置檔案(只允許TCP協議)
[oracle@rac1 admin]$ pwd
/opt/ora10g/product/database/network/admin
[oracle@rac1 admin]$ cat listener.ora
# listener.ora.rac1 Network Configuration File: /opt/ora10g/product/database/network/admin/listener.ora.rac1
# Generated by Oracle configuration tools.
--參考Using Class of Secure Transport (COST) to Restrict Instance Registration [ID 1453883.1]
--對於TCP協議的驗證(只能走TCP協議)
--修改監聽配置檔案(只允許TCP協議)
[oracle@rac1 admin]$ pwd
/opt/ora10g/product/database/network/admin
[oracle@rac1 admin]$ cat listener.ora
# listener.ora.rac1 Network Configuration File: /opt/ora10g/product/database/network/admin/listener.ora.rac1
# Generated by Oracle configuration tools.
LISTENER_RAC1 =
(DESCRIPTION_LIST =
(DESCRIPTION =
# (ADDRESS = (PROTOCOL = IPC)(KEY = REGISTER))
(ADDRESS = (PROTOCOL = TCP)(HOST = rac1-vip)(PORT = 1521)(IP = FIRST))
(ADDRESS = (PROTOCOL = TCPS)(HOST = rac1-vip)(PORT = 1523)(IP = FIRST))
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.137.151)(PORT = 1521)(IP = FIRST))
)
)
(DESCRIPTION_LIST =
(DESCRIPTION =
# (ADDRESS = (PROTOCOL = IPC)(KEY = REGISTER))
(ADDRESS = (PROTOCOL = TCP)(HOST = rac1-vip)(PORT = 1521)(IP = FIRST))
(ADDRESS = (PROTOCOL = TCPS)(HOST = rac1-vip)(PORT = 1523)(IP = FIRST))
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.137.151)(PORT = 1521)(IP = FIRST))
)
)
#cost add
WALLET_LOCATION =
(SOURCE =
(METHOD = FILE)
(METHOD_DATA =
(DIRECTORY = /opt/ora10g/product/database/network/admin/cost)
)
)
WALLET_LOCATION =
(SOURCE =
(METHOD = FILE)
(METHOD_DATA =
(DIRECTORY = /opt/ora10g/product/database/network/admin/cost)
)
)
#SECURE_REGISTER_LISTENER_RAC1 = (IPC)
#SECURE_REGISTER_LISTENER_RAC1 = (TCP,TCPS)
#SECURE_REGISTER_LISTENER_RAC1 = (TCP,TCPS)
SID_LIST_LISTENER_RAC1 =
(SID_LIST =
(SID_DESC =
(SID_NAME = PLSExtProc)
(ORACLE_HOME = /opt/ora10g/product/database)
(PROGRAM = extproc)
)
)
--重啟監聽,並檢視註冊的服務資訊
[oracle@rac1 admin]$ lsnrctl reload
(SID_LIST =
(SID_DESC =
(SID_NAME = PLSExtProc)
(ORACLE_HOME = /opt/ora10g/product/database)
(PROGRAM = extproc)
)
)
--重啟監聽,並檢視註冊的服務資訊
[oracle@rac1 admin]$ lsnrctl reload
LSNRCTL for Linux: Version 10.2.0.5.0 - Production on 12-SEP-2012 23:02:29
Copyright (c) 1991, 2010, Oracle. All rights reserved.
Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))
The command completed successfully
[oracle@rac1 admin]$ lsnrctl status
The command completed successfully
[oracle@rac1 admin]$ lsnrctl status
LSNRCTL for Linux: Version 10.2.0.5.0 - Production on 12-SEP-2012 23:02:36
Copyright (c) 1991, 2010, Oracle. All rights reserved.
Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))
STATUS of the LISTENER
------------------------
Alias LISTENER_RAC1
Version TNSLSNR for Linux: Version 10.2.0.5.0 - Production
Start Date 12-SEP-2012 22:45:47
Uptime 0 days 0 hr. 16 min. 49 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /opt/ora10g/product/database/network/admin/listener.ora
Listener Log File /opt/ora10g/product/database/network/log/listener_rac1.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.153)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=192.168.137.153)(PORT=1523)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.151)(PORT=1521)))
Services Summary...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
STATUS of the LISTENER
------------------------
Alias LISTENER_RAC1
Version TNSLSNR for Linux: Version 10.2.0.5.0 - Production
Start Date 12-SEP-2012 22:45:47
Uptime 0 days 0 hr. 16 min. 49 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /opt/ora10g/product/database/network/admin/listener.ora
Listener Log File /opt/ora10g/product/database/network/log/listener_rac1.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.153)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=192.168.137.153)(PORT=1523)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.151)(PORT=1521)))
Services Summary...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
--手動註冊服務,並檢視監聽註冊資訊
[oracle@rac1 admin]$ sqlplus /nolog
[oracle@rac1 admin]$ sqlplus /nolog
SQL*Plus: Release 10.2.0.5.0 - Production on Wed Sep 12 23:02:59 2012
Copyright (c) 1982, 2010, Oracle. All Rights Reserved.
SQL> conn /as sysdba
Connected.
SQL> alter system register;
Connected.
SQL> alter system register;
System altered.
SQL> !
[oracle@rac1 admin]$ lsnrctl status
[oracle@rac1 admin]$ lsnrctl status
LSNRCTL for Linux: Version 10.2.0.5.0 - Production on 12-SEP-2012 23:03:15
Copyright (c) 1991, 2010, Oracle. All rights reserved.
Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))
STATUS of the LISTENER
------------------------
Alias LISTENER_RAC1
Version TNSLSNR for Linux: Version 10.2.0.5.0 - Production
Start Date 12-SEP-2012 22:45:47
Uptime 0 days 0 hr. 17 min. 28 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /opt/ora10g/product/database/network/admin/listener.ora
Listener Log File /opt/ora10g/product/database/network/log/listener_rac1.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.153)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=192.168.137.153)(PORT=1523)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.151)(PORT=1521)))
Services Summary...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
STATUS of the LISTENER
------------------------
Alias LISTENER_RAC1
Version TNSLSNR for Linux: Version 10.2.0.5.0 - Production
Start Date 12-SEP-2012 22:45:47
Uptime 0 days 0 hr. 17 min. 28 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /opt/ora10g/product/database/network/admin/listener.ora
Listener Log File /opt/ora10g/product/database/network/log/listener_rac1.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.153)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=192.168.137.153)(PORT=1523)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.151)(PORT=1521)))
Services Summary...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
--驗證期間觀察監聽日誌(無報錯及拒絕註冊的資訊)
[oracle@rac1 admin]$ tail -20 /opt/ora10g/product/database/network/log/listener_rac1.log
TNS-01194: The listener command did not arrive in a secure transport
12-SEP-2012 23:02:22 * service_register_NSGR * 1194
TNS-01194: The listener command did not arrive in a secure transport
System parameter file is /opt/ora10g/product/database/network/admin/listener.ora
Log messages written to /opt/ora10g/product/database/network/log/listener_rac1.log
Trace information written to /opt/ora10g/product/database/network/trace/listener_rac1.trc
Trace level is currently 0
12-SEP-2012 23:02:29 * (CONNECT_DATA=(CID=(PROGRAM=)(HOST=rac1)(USER=oracle))(COMMAND=reload)(ARGUMENTS=64)(SERVICE=LISTENER)(VERSION=169870592)) * reload * 0
12-SEP-2012 23:02:36 * (CONNECT_DATA=(CID=(PROGRAM=)(HOST=rac1)(USER=oracle))(COMMAND=status)(ARGUMENTS=64)(SERVICE=LISTENER)(VERSION=169870592)) * status * 0
12-SEP-2012 23:03:03 * (CONNECT_DATA=(SERVICE_NAME=racdb1)(CID=(PROGRAM=oracle)(HOST=rac2)(USER=oracle))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.152)(PORT=25687)) * establish * racdb1 * 12514
TNS-12514: TNS:listener does not currently know of service requested in connect descriptor
12-SEP-2012 23:03:09 * service_register_NSGR * 1194
TNS-01194: The listener command did not arrive in a secure transport
12-SEP-2012 23:03:09 * service_register_NSGR * 1194
TNS-01194: The listener command did not arrive in a secure transport
12-SEP-2012 23:03:15 * (CONNECT_DATA=(CID=(PROGRAM=)(HOST=rac1)(USER=oracle))(COMMAND=status)(ARGUMENTS=64)(SERVICE=LISTENER)(VERSION=169870592)) * status * 0
12-SEP-2012 23:03:20 * service_register_NSGR * 1194
TNS-01194: The listener command did not arrive in a secure transport
12-SEP-2012 23:03:22 * service_register_NSGR * 1194
TNS-01194: The listener command did not arrive in a secure transport
[oracle@rac1 admin]$ tail -20 /opt/ora10g/product/database/network/log/listener_rac1.log
TNS-01194: The listener command did not arrive in a secure transport
12-SEP-2012 23:02:22 * service_register_NSGR * 1194
TNS-01194: The listener command did not arrive in a secure transport
System parameter file is /opt/ora10g/product/database/network/admin/listener.ora
Log messages written to /opt/ora10g/product/database/network/log/listener_rac1.log
Trace information written to /opt/ora10g/product/database/network/trace/listener_rac1.trc
Trace level is currently 0
12-SEP-2012 23:02:29 * (CONNECT_DATA=(CID=(PROGRAM=)(HOST=rac1)(USER=oracle))(COMMAND=reload)(ARGUMENTS=64)(SERVICE=LISTENER)(VERSION=169870592)) * reload * 0
12-SEP-2012 23:02:36 * (CONNECT_DATA=(CID=(PROGRAM=)(HOST=rac1)(USER=oracle))(COMMAND=status)(ARGUMENTS=64)(SERVICE=LISTENER)(VERSION=169870592)) * status * 0
12-SEP-2012 23:03:03 * (CONNECT_DATA=(SERVICE_NAME=racdb1)(CID=(PROGRAM=oracle)(HOST=rac2)(USER=oracle))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.152)(PORT=25687)) * establish * racdb1 * 12514
TNS-12514: TNS:listener does not currently know of service requested in connect descriptor
12-SEP-2012 23:03:09 * service_register_NSGR * 1194
TNS-01194: The listener command did not arrive in a secure transport
12-SEP-2012 23:03:09 * service_register_NSGR * 1194
TNS-01194: The listener command did not arrive in a secure transport
12-SEP-2012 23:03:15 * (CONNECT_DATA=(CID=(PROGRAM=)(HOST=rac1)(USER=oracle))(COMMAND=status)(ARGUMENTS=64)(SERVICE=LISTENER)(VERSION=169870592)) * status * 0
12-SEP-2012 23:03:20 * service_register_NSGR * 1194
TNS-01194: The listener command did not arrive in a secure transport
12-SEP-2012 23:03:22 * service_register_NSGR * 1194
TNS-01194: The listener command did not arrive in a secure transport
--注:例項註冊失敗,監聽日誌出現TNS-01194: The listener command did not arrive in a secure transport
--得證
--得證
--恢復TCP驗證
--修改監聽配置檔案
[oracle@rac1 admin]$ pwd
/opt/ora10g/product/database/network/admin
[oracle@rac1 admin]$ cat listener.ora
# listener.ora.rac1 Network Configuration File: /opt/ora10g/product/database/network/admin/listener.ora.rac1
# Generated by Oracle configuration tools.
--修改監聽配置檔案
[oracle@rac1 admin]$ pwd
/opt/ora10g/product/database/network/admin
[oracle@rac1 admin]$ cat listener.ora
# listener.ora.rac1 Network Configuration File: /opt/ora10g/product/database/network/admin/listener.ora.rac1
# Generated by Oracle configuration tools.
LISTENER_RAC1 =
(DESCRIPTION_LIST =
(DESCRIPTION =
# (ADDRESS = (PROTOCOL = IPC)(KEY = REGISTER))
(ADDRESS = (PROTOCOL = TCP)(HOST = rac1-vip)(PORT = 1521)(IP = FIRST))
(ADDRESS = (PROTOCOL = TCPS)(HOST = rac1-vip)(PORT = 1523)(IP = FIRST))
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.137.151)(PORT = 1521)(IP = FIRST))
)
)
(DESCRIPTION_LIST =
(DESCRIPTION =
# (ADDRESS = (PROTOCOL = IPC)(KEY = REGISTER))
(ADDRESS = (PROTOCOL = TCP)(HOST = rac1-vip)(PORT = 1521)(IP = FIRST))
(ADDRESS = (PROTOCOL = TCPS)(HOST = rac1-vip)(PORT = 1523)(IP = FIRST))
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.137.151)(PORT = 1521)(IP = FIRST))
)
)
#cost add
WALLET_LOCATION =
(SOURCE =
(METHOD = FILE)
(METHOD_DATA =
(DIRECTORY = /opt/ora10g/product/database/network/admin/cost)
)
)
WALLET_LOCATION =
(SOURCE =
(METHOD = FILE)
(METHOD_DATA =
(DIRECTORY = /opt/ora10g/product/database/network/admin/cost)
)
)
#SECURE_REGISTER_LISTENER_RAC1 = (IPC)
SECURE_REGISTER_LISTENER_RAC1 = (TCP,TCPS)
SECURE_REGISTER_LISTENER_RAC1 = (TCP,TCPS)
SID_LIST_LISTENER_RAC1 =
(SID_LIST =
(SID_DESC =
(SID_NAME = PLSExtProc)
(ORACLE_HOME = /opt/ora10g/product/database)
(PROGRAM = extproc)
)
)
--重啟監聽,並檢視服務註冊資訊
[oracle@rac1 admin]$ lsnrctl reload
(SID_LIST =
(SID_DESC =
(SID_NAME = PLSExtProc)
(ORACLE_HOME = /opt/ora10g/product/database)
(PROGRAM = extproc)
)
)
--重啟監聽,並檢視服務註冊資訊
[oracle@rac1 admin]$ lsnrctl reload
LSNRCTL for Linux: Version 10.2.0.5.0 - Production on 12-SEP-2012 23:06:44
Copyright (c) 1991, 2010, Oracle. All rights reserved.
Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))
The command completed successfully
[oracle@rac1 admin]$ lsnrctl status
The command completed successfully
[oracle@rac1 admin]$ lsnrctl status
LSNRCTL for Linux: Version 10.2.0.5.0 - Production on 12-SEP-2012 23:06:48
Copyright (c) 1991, 2010, Oracle. All rights reserved.
Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))
STATUS of the LISTENER
------------------------
Alias LISTENER_RAC1
Version TNSLSNR for Linux: Version 10.2.0.5.0 - Production
Start Date 12-SEP-2012 22:45:47
Uptime 0 days 0 hr. 21 min. 1 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /opt/ora10g/product/database/network/admin/listener.ora
Listener Log File /opt/ora10g/product/database/network/log/listener_rac1.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.153)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=192.168.137.153)(PORT=1523)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.151)(PORT=1521)))
Services Summary...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
STATUS of the LISTENER
------------------------
Alias LISTENER_RAC1
Version TNSLSNR for Linux: Version 10.2.0.5.0 - Production
Start Date 12-SEP-2012 22:45:47
Uptime 0 days 0 hr. 21 min. 1 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /opt/ora10g/product/database/network/admin/listener.ora
Listener Log File /opt/ora10g/product/database/network/log/listener_rac1.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.153)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=192.168.137.153)(PORT=1523)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.151)(PORT=1521)))
Services Summary...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
--手動註冊服務,並檢視監聽註冊資訊
[oracle@rac1 admin]$ sqlplus /nolog
[oracle@rac1 admin]$ sqlplus /nolog
SQL*Plus: Release 10.2.0.5.0 - Production on Wed Sep 12 23:07:09 2012
Copyright (c) 1982, 2010, Oracle. All Rights Reserved.
SQL> conn /as sysdba
Connected.
SQL> alter system register;
Connected.
SQL> alter system register;
System altered.
SQL> !
[oracle@rac1 admin]$ lsnrctl status
[oracle@rac1 admin]$ lsnrctl status
LSNRCTL for Linux: Version 10.2.0.5.0 - Production on 12-SEP-2012 23:07:25
Copyright (c) 1991, 2010, Oracle. All rights reserved.
Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))
STATUS of the LISTENER
------------------------
Alias LISTENER_RAC1
Version TNSLSNR for Linux: Version 10.2.0.5.0 - Production
Start Date 12-SEP-2012 22:45:47
Uptime 0 days 0 hr. 21 min. 38 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /opt/ora10g/product/database/network/admin/listener.ora
Listener Log File /opt/ora10g/product/database/network/log/listener_rac1.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.153)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=192.168.137.153)(PORT=1523)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.151)(PORT=1521)))
Services Summary...
Service "+ASM" has 1 instance(s).
Instance "+ASM1", status BLOCKED, has 1 handler(s) for this service...
Service "+ASM_XPT" has 1 instance(s).
Instance "+ASM1", status BLOCKED, has 1 handler(s) for this service...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
Service "racdb" has 2 instance(s).
Instance "racdb1", status READY, has 2 handler(s) for this service...
Instance "racdb2", status READY, has 1 handler(s) for this service...
Service "racdbXDB" has 2 instance(s).
Instance "racdb1", status READY, has 1 handler(s) for this service...
Instance "racdb2", status READY, has 1 handler(s) for this service...
Service "racdb_XPT" has 2 instance(s).
Instance "racdb1", status READY, has 2 handler(s) for this service...
Instance "racdb2", status READY, has 1 handler(s) for this service...
The command completed successfully
STATUS of the LISTENER
------------------------
Alias LISTENER_RAC1
Version TNSLSNR for Linux: Version 10.2.0.5.0 - Production
Start Date 12-SEP-2012 22:45:47
Uptime 0 days 0 hr. 21 min. 38 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /opt/ora10g/product/database/network/admin/listener.ora
Listener Log File /opt/ora10g/product/database/network/log/listener_rac1.log
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.153)(PORT=1521)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=192.168.137.153)(PORT=1523)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.151)(PORT=1521)))
Services Summary...
Service "+ASM" has 1 instance(s).
Instance "+ASM1", status BLOCKED, has 1 handler(s) for this service...
Service "+ASM_XPT" has 1 instance(s).
Instance "+ASM1", status BLOCKED, has 1 handler(s) for this service...
Service "PLSExtProc" has 1 instance(s).
Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service...
Service "racdb" has 2 instance(s).
Instance "racdb1", status READY, has 2 handler(s) for this service...
Instance "racdb2", status READY, has 1 handler(s) for this service...
Service "racdbXDB" has 2 instance(s).
Instance "racdb1", status READY, has 1 handler(s) for this service...
Instance "racdb2", status READY, has 1 handler(s) for this service...
Service "racdb_XPT" has 2 instance(s).
Instance "racdb1", status READY, has 2 handler(s) for this service...
Instance "racdb2", status READY, has 1 handler(s) for this service...
The command completed successfully
--檢視監聽日誌
[oracle@rac1 admin]$ tail -20 /opt/ora10g/product/database/network/log/listener_rac1.log
12-SEP-2012 23:06:20 * service_register_NSGR * 1194
TNS-01194: The listener command did not arrive in a secure transport
12-SEP-2012 23:06:23 * service_register_NSGR * 1194
TNS-01194: The listener command did not arrive in a secure transport
System parameter file is /opt/ora10g/product/database/network/admin/listener.ora
Log messages written to /opt/ora10g/product/database/network/log/listener_rac1.log
Trace information written to /opt/ora10g/product/database/network/trace/listener_rac1.trc
Trace level is currently 0
12-SEP-2012 23:06:44 * (CONNECT_DATA=(CID=(PROGRAM=)(HOST=rac1)(USER=oracle))(COMMAND=reload)(ARGUMENTS=64)(SERVICE=LISTENER)(VERSION=169870592)) * reload * 0
12-SEP-2012 23:06:48 * (CONNECT_DATA=(CID=(PROGRAM=)(HOST=rac1)(USER=oracle))(COMMAND=status)(ARGUMENTS=64)(SERVICE=LISTENER)(VERSION=169870592)) * status * 0
12-SEP-2012 23:07:10 * service_register * racdb1 * 0
12-SEP-2012 23:07:10 * service_update * racdb1 * 0
12-SEP-2012 23:07:10 * service_register * racdb1 * 0
12-SEP-2012 23:07:20 * service_update * racdb1 * 0
12-SEP-2012 23:07:20 * service_update * racdb1 * 0
12-SEP-2012 23:07:20 * service_register * +ASM1 * 0
12-SEP-2012 23:07:23 * service_register * racdb2 * 0
12-SEP-2012 23:07:25 * (CONNECT_DATA=(CID=(PROGRAM=)(HOST=rac1)(USER=oracle))(COMMAND=status)(ARGUMENTS=64)(SERVICE=LISTENER)(VERSION=169870592)) * status * 0
12-SEP-2012 23:08:04 * (CONNECT_DATA=(SERVICE_NAME=racdb1)(CID=(PROGRAM=oracle)(HOST=rac2)(USER=oracle))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.152)(PORT=25710)) * establish * racdb1 * 12514
TNS-12514: TNS:listener does not currently know of service requested in connect descriptor
[oracle@rac1 admin]$ tail -20 /opt/ora10g/product/database/network/log/listener_rac1.log
12-SEP-2012 23:06:20 * service_register_NSGR * 1194
TNS-01194: The listener command did not arrive in a secure transport
12-SEP-2012 23:06:23 * service_register_NSGR * 1194
TNS-01194: The listener command did not arrive in a secure transport
System parameter file is /opt/ora10g/product/database/network/admin/listener.ora
Log messages written to /opt/ora10g/product/database/network/log/listener_rac1.log
Trace information written to /opt/ora10g/product/database/network/trace/listener_rac1.trc
Trace level is currently 0
12-SEP-2012 23:06:44 * (CONNECT_DATA=(CID=(PROGRAM=)(HOST=rac1)(USER=oracle))(COMMAND=reload)(ARGUMENTS=64)(SERVICE=LISTENER)(VERSION=169870592)) * reload * 0
12-SEP-2012 23:06:48 * (CONNECT_DATA=(CID=(PROGRAM=)(HOST=rac1)(USER=oracle))(COMMAND=status)(ARGUMENTS=64)(SERVICE=LISTENER)(VERSION=169870592)) * status * 0
12-SEP-2012 23:07:10 * service_register * racdb1 * 0
12-SEP-2012 23:07:10 * service_update * racdb1 * 0
12-SEP-2012 23:07:10 * service_register * racdb1 * 0
12-SEP-2012 23:07:20 * service_update * racdb1 * 0
12-SEP-2012 23:07:20 * service_update * racdb1 * 0
12-SEP-2012 23:07:20 * service_register * +ASM1 * 0
12-SEP-2012 23:07:23 * service_register * racdb2 * 0
12-SEP-2012 23:07:25 * (CONNECT_DATA=(CID=(PROGRAM=)(HOST=rac1)(USER=oracle))(COMMAND=status)(ARGUMENTS=64)(SERVICE=LISTENER)(VERSION=169870592)) * status * 0
12-SEP-2012 23:08:04 * (CONNECT_DATA=(SERVICE_NAME=racdb1)(CID=(PROGRAM=oracle)(HOST=rac2)(USER=oracle))) * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.137.152)(PORT=25710)) * establish * racdb1 * 12514
TNS-12514: TNS:listener does not currently know of service requested in connect descriptor
--注:監聽恢復正常。
--得證
--得證
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/26143577/viewspace-743297/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- CentOS7 原始碼安裝svn1.9.5及httpd配置(ldap驗證/ad域驗證)CentOS原始碼httpdLDA
- heartbeat安裝配置實驗
- Sqoop安裝及驗證OOP
- oracle安裝shell(未驗證)Oracle
- elasticsearch叢集安裝+安全驗證+kibana安裝Elasticsearch
- memcached安裝及開啟SASL驗證
- 安裝出錯,說jiveHome驗證錯誤
- Flutter安裝、配置、初體驗 windows 版FlutterWindows
- CentOS6.6-DRBD安裝配置實驗CentOS
- Ubuntu smtp驗證配置Ubuntu
- oracle 10G RAC 安裝環境驗證Oracle 10g
- 怎麼在伺服器上安裝SSL證書?伺服器證書安裝配置指南!伺服器
- 手動安裝、驗證、解除安裝11g R2 oracle textOracle
- SSL證書安裝配置最佳化建議
- 【clickhouse專欄】單機版的安裝與驗證
- rpm安裝、升級、查詢與安全驗證
- 安裝crs使用runcluvfy驗證的一個問題
- 第12篇 window上驗證mysql是否安裝成功MySql
- OVS + dpdk 安裝與實驗環境配置
- 本地windows搭建spark環境,安裝與詳細配置(jdk安裝與配置,scala安裝與配置,hadoop安裝與配置,spark安裝與配置)WindowsSparkJDKHadoop
- Struts 驗證框架 配置和使用框架
- Docker 驗證 Centos7.2 離線安裝 Docker 環境DockerCentOS
- OS__安裝、引數、注意事項、驗證事項
- 安裝GD庫解決ThinkPHP驗證碼CalltoundefinedfunctionThinkimagecreate()出錯PHPUndefinedFunction
- 自用驗證類封裝封裝
- 安裝ORACLE資料庫,安裝驗證程式所需的初始設定失敗,無法進入安裝程式Oracle資料庫
- zabbix安裝—–nginx安裝和配置Nginx
- Spring總結--配置驗證碼Spring
- Zookeeper 安裝配置
- 【mongodb安裝配置】MongoDB
- ceph安裝配置
- ELK 安裝配置
- Prometheus安裝配置Prometheus
- MySQL安裝配置MySql
- SwitchOmega 安裝配置
- Hive安裝配置Hive
- JWT安裝配置JWT
- oracle安裝配置Oracle