After the successful installation of Oracle 10g in red Hat Enterprise Linux server Releae 5.5, after the client has configured TNS, the test can be connected to the data block server with an error: Ora-12170:tns: Connection Timeout
1: First check whether the network can ping through, as shown below, the network is unblocked
3: See if the server listener service is started
[Oracle@wgods ~]$ lsnrctl Status
Lsnrctl for linux:version 10.2.0.1.0-production on 14-dec-2012 15:51:13
Copyright (c) 1991, +, Oracle. All rights reserved.
Connecting to (description= address= (PROTOCOL=IPC) (Key=extproc1))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version Tnslsnr for Linux:version 10.2.0.1.0-production
Start Date 14-dec-2012 13:15:28
Uptime 0 Days 2 hr. sec
Trace level off
Security On:local OS Authentication
SNMP off
Listener Parameter File/database/oracle/product/dbhome/network/admin/listener.ora
Listener Log File/database/oracle/product/dbhome/network/log/listener.log
Listening Endpoints Summary ...
(Description= (address= (PROTOCOL=IPC) (Key=extproc1))
(Description= (address= (protocol=tcp) (host=wgods) (port=1521))
Services Summary ...
Service "Plsextproc" has 1 instance (s).
Instance "Plsextproc", Status UNKNOWN, has 1 handler (s) for the This service ...
Service "GSP" has 2 instance (s).
Instance "GSP", Status UNKNOWN, has 1 handler (s) for the This service ...
Instance "GSP", Status READY, has 1 handler (s) for the This service ...
Service "Gspxdb" has 1 instance (s).
Instance "GSP", Status READY, has 1 handler (s) for the This service ...
Service "GSP_XPT" has 1 instance (s).
Instance "GSP", Status READY, has 1 handler (s) for the This service ...
The command completed successfully
4: Using the tnsping command check, reported Tns-12535:tns: Operation Timeout, then we can be sure that the problem of the firewall
C:userskerry>tnsping 172.20.32.79
TNS Ping Utility for 32-bit windows:version 11.2.0.1.0-production on 1 April-December-2012 15:47:15
Copyright (c) 1997, Oracle. All rights reserved.
Parameter file used:
E:appkerryproduct11.2.0dbhome_1networkadminsqlnet.ora
Used the Ezconnect adapter to resolve the alias
Trying to connect (description= (connect_data= (service_name=)) (Address= (PROTOCOL=TCP) (host=172.20.32.79) (PORT=1521))
Tns-12535:tns: Operation timeout
For firewall problems, we can have two solutions:
1: Close the firewall (this scheme is not good, close the firewall, will bring many security risks)
[Root@wgods ~]# service iptables stop
Flushing firewall rules: [OK]
Setting chains to Policy Accept:filter [OK]
Unloading iptables modules: [OK]
2: Modify iptables, open 1521 ports, allow 1521 ports to be connected
2.1 Edit the Iptables file, add-A rh-firewall-1-input-p tcp-m State--state new-m TCP--dport 1521-j accept records.
[Root@wgods sysconfig]# VI iptables
# generated by Iptables-save v1.3.5 on Fri Dec 14 17:03:58 2012
*filter
: INPUT ACCEPT [0:0]
: FORWARD ACCEPT [0:0]
: OUTPUT ACCEPT [1749:243,629]
: Rh-firewall-1-input-[0:0]
-A input-j Rh-firewall-1-input
-A forward-j Rh-firewall-1-input
-A rh-firewall-1-input-i lo-j ACCEPT
-A rh-firewall-1-input-p icmp-m ICMP--icmp-type any-j ACCEPT
-A rh-firewall-1-input-p esp-j ACCEPT
-A rh-firewall-1-input-p ah-j ACCEPT
-A rh-firewall-1-input-d 224.0.0.251-p udp-m UDP--dport 5353-j ACCEPT
-A rh-firewall-1-input-p udp-m UDP--dport 631-j ACCEPT
-A rh-firewall-1-input-p tcp-m tcp--dport 631-j ACCEPT
-A rh-firewall-1-input-m state--state related,established-j ACCEPT
-A rh-firewall-1-input-p tcp-m state--state new-m TCP--dport 21-j ACCEPT
-A rh-firewall-1-input-p tcp-m state--state new-m TCP--dport 25-j ACCEPT
-A rh-firewall-1-input-p tcp-m state--state new-m TCP--dport 22-j ACCEPT
-A rh-firewall-1-input-p tcp-m state--state new-m TCP--dport 23-j ACCEPT
-A rh-firewall-1-input-p tcp-m state--state new-m TCP--dport 1521-j ACCEPT
-A rh-firewall-1-input-j REJECT--reject-with icmp-host-prohibited
COMMIT
# Completed on Fri Dec 14 17:03:58 2012
~
~
~
~
~
"Iptables" 24L, 1212C written
2.2 Restart Iptables Service
[Root@wgods sysconfig]# Service iptables restart
Flushing firewall rules: [OK]
Setting chains to Policy Accept:filter [OK]
Unloading iptables modules: [OK]
Applying iptables firewall rules: [OK]
Loading additional iptables Modules:ip_conntrack_netbios_ns ip_conntrack_ftp [OK]
2.3 Save the new rule so that the configuration rules fail after the next reboot of the machine
[Root@wgods sysconfig]# Service Iptables Save
Saving firewall rules to/etc/sysconfig/iptables: [OK]
2.4 See if 1521 ports are open, allow connections (see red section)
[Root@wgods sysconfig]# iptables-l-N
Chain INPUT (Policy ACCEPT)
Target Prot opt source destination
Rh-firewall-1-input All--0.0.0.0/0 0.0.0.0/0
Chain FORWARD (Policy ACCEPT)
Target Prot opt source destination
Rh-firewall-1-input All--0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (Policy ACCEPT)
Target Prot opt source destination
Chain Rh-firewall-1-input (2 references)
Target Prot opt source destination
ACCEPT All--0.0.0.0/0 0.0.0.0/0
ACCEPT ICMP--0.0.0.0/0 0.0.0.0/0 ICMP type 255
ACCEPT ESP--0.0.0.0/0 0.0.0.0/0
ACCEPT AH--0.0.0.0/0 0.0.0.0/0
ACCEPT UDP--0.0.0.0/0 224.0.0.251 UDP dpt:5353
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
