Dynamic Registration of Non-1521 standard ports in Oracle

Dynamic Registration of Non-1521 standard ports in Oracle

Dynamic Registration of dynamic registry and static registration are important ways to establish a connection between Oracle instances and listeners. From the current trend, the default listener + Dynamic Registration has become the default Oracle standard configuration. In some scenarios, you may need to modify the standard listening configuration and registration mode for security reasons. This article describes how to implement dynamic Registration of Non-port 1521.

1. Default listening and 1521 Port

The core configuration files of Oracle Net Service are listener. ora, tnsnames. ora, and sqlnet. ora. The listener. ora file is the configuration file for listener-related information. The content of listener personalized parameters is set in this file.

By default, the listener. ora file is not available in the $ ORACLE_HOME/network/admin directory.

[Oracle @ aaalife admin] $ ls-l

-Rw-r -----. 1 oracle oinstall 332 Aug 7 tnsnames. ora

In this case, Oracle will use the default port 1521 to support a listener program for the default configuration file. In addition, the program supports dynamic registration.

[Oracle @ aaalife admin] $ lsnrctl start

LSNRCTL for Linux: Version 11.2.0.4.0-Production on 07-SEP-2015 01:08:10

Copyright (c) 1991,201 3, Oracle. All rights reserved.

Starting/u01/app/oracle/product/11.2.0/dbhome_1/bin/tnslsnr: please wait...

TNSLSNR for Linux: Version 11.2.0.4.0-Production

Log messages written to/u01/app/oracle/diag/tnslsnr/aaalife/listener/alert/log. xml

Listening on: (DESCRIPTION = (ADDRESS = (PROTOCOL = tcp) (HOST = localhost) (PORT = 1521 )))

Connecting to (ADDRESS = (PROTOCOL = tcp) (HOST =) (PORT = 1521 ))

STATUS of the LISTENER

------------------------

Alias LISTENER

Version TNSLSNR for Linux: Version 11.2.0.4.0-Production

Start Date 07-SEP-2015 01:08:10

Uptime 0 days 0 hr. 0 min. 0 sec

Trace Level off

Security ON: Local OS Authentication

SNMP OFF

-- The path of the listener configuration file is not described here.

Listener Log File/u01/app/oracle/diag/tnslsnr/aaalife/listener/alert/log. xml

Listening Endpoints Summary...

(DESCRIPTION = (ADDRESS = (PROTOCOL = tcp) (HOST = localhost) (PORT = 1521 )))

The listener supports no services

The command completed successfully

For an Oracle instance at the other end of the registration behavior, by default, the Oracle instance performs a dynamic registration action and registers the action to the listening program listening on port 1521.

[Oracle @ aaalife admin] $ lsnrctl status

LSNRCTL for Linux: Version 11.2.0.4.0-Production on 07-SEP-2015 01:14:54

Copyright (c) 1991,201 3, Oracle. All rights reserved.

Connecting to (ADDRESS = (PROTOCOL = tcp) (HOST =) (PORT = 1521 ))

STATUS of the LISTENER

------------------------

Alias LISTENER

Version TNSLSNR for Linux: Version 11.2.0.4.0-Production

Start Date 07-SEP-2015 01:08:10

Uptime 0 days 0 hr. 6 min. 43 sec

Trace Level off

Security ON: Local OS Authentication

SNMP OFF

Listener Log File/u01/app/oracle/diag/tnslsnr/aaalife/listener/alert/log. xml

Listening Endpoints Summary...

(DESCRIPTION = (ADDRESS = (PROTOCOL = tcp) (HOST = localhost) (PORT = 1521 )))

Services Summary...

Service "aaadb" has 1 instance (s ).

Instance "aaadb", status READY, has 1 handler (s) for this service...

Service "aaadbXDB" has 1 instance (s ).

Instance "aaadb", status READY, has 1 handler (s) for this service...

The command completed successfully

2. Non-Default port listener

In some security scenarios, we are required to modify the listening port to a non-1521 port to avoid scanning intrusion. In fact, this is of little significance to the attack scanning program, because hackers usually scan all ports for attacks.

To modify the port number, you must create a special listener. ora file for configuration. The following describes how to configure a non-standard listener program.

[Oracle @ aaalife admin] $ cat listener. ora

# Listener. ora Network Configuration File:/u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener. ora

# Generated by Oracle configuration tools.

MY_LISTENER =

(DESCRIPTION_LIST =

(DESCRIPTION =

(ADDRESS = (PROTOCOL = TCP) (HOST = localhost) (PORT = 1531 ))

(ADDRESS = (PROTOCOL = IPC) (KEY = EXTPROC1531 ))

)

)

ADR_BASE_LISTENER =/u01/app/oracle

The configuration file contains a listener on port 1531. View the listener information below.

[Oracle @ aaalife admin] $ lsnrctl start

LSNRCTL for Linux: Version 11.2.0.4.0-Production on 07-SEP-2015 01:27:53

Copyright (c) 1991,201 3, Oracle. All rights reserved.

Starting/u01/app/oracle/product/11.2.0/dbhome_1/bin/tnslsnr: please wait...

TNSLSNR for Linux: Version 11.2.0.4.0-Production

System parameter file is/u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener. ora

Log messages written to/u01/app/oracle/diag/tnslsnr/aaalife/listener/alert/log. xml

Listening on: (DESCRIPTION = (ADDRESS = (PROTOCOL = tcp) (HOST = localhost) (PORT = 1521 )))

Connecting to (ADDRESS = (PROTOCOL = tcp) (HOST =) (PORT = 1521 ))

STATUS of the LISTENER

------------------------

Alias LISTENER

Version TNSLSNR for Linux: Version 11.2.0.4.0-Production

Start Date 07-SEP-2015 01:27:53

Uptime 0 days 0 hr. 0 min. 0 sec

Trace Level off

Security ON: Local OS Authentication

SNMP OFF

Listener Parameter File/u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener. ora

Listener Log File/u01/app/oracle/diag/tnslsnr/aaalife/listener/alert/log. xml

Listening Endpoints Summary...

(DESCRIPTION = (ADDRESS = (PROTOCOL = tcp) (HOST = localhost) (PORT = 1521 )))

The listener supports no services

The command completed successfully

Port 1521 listeners are displayed by default. At the same time, it is found that two listeners are running on the current server.

[Oracle @ aaalife admin] $ lsnrctl status listener

LSNRCTL for Linux: Version 11.2.0.4.0-Production on 07-SEP-2015 01:30:13

Copyright (c) 1991,201 3, Oracle. All rights reserved.

Connecting to (ADDRESS = (PROTOCOL = tcp) (HOST =) (PORT = 1521 ))

STATUS of the LISTENER

------------------------

Alias LISTENER

Version TNSLSNR for Linux: Version 11.2.0.4.0-Production

Start Date 07-SEP-2015 01:27:53

Uptime 0 days 0 hr. 2 min. 19 sec

Trace Level off

Security ON: Local OS Authentication

SNMP OFF

Listener Parameter File/u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener. ora

Listener Log File/u01/app/oracle/diag/tnslsnr/aaalife/listener/alert/log. xml

Listening Endpoints Summary...

(DESCRIPTION = (ADDRESS = (PROTOCOL = tcp) (HOST = localhost) (PORT = 1521 )))

Services Summary...

Service "aaadb" has 1 instance (s ).

Instance "aaadb", status READY, has 1 handler (s) for this service...

Service "aaadbXDB" has 1 instance (s ).

Instance "aaadb", status READY, has 1 handler (s) for this service...

The command completed successfully

[Oracle @ aaalife admin] $

[Oracle @ aaalife admin] $ lsnrctl status my_listener

LSNRCTL for Linux: Version 11.2.0.4.0-Production on 07-SEP-2015 01:30:29

Copyright (c) 1991,201 3, Oracle. All rights reserved.

Connecting to (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP) (HOST = localhost) (PORT = 1531 )))

STATUS of the LISTENER

------------------------

Alias LISTENER

Version TNSLSNR for Linux: Version 11.2.0.4.0-Production

Start Date 07-SEP-2015 01:17:52

Uptime 0 days 0 hr. 12 min. 37 sec

Trace Level off

Security ON: Local OS Authentication

SNMP OFF

Listener Parameter File/u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener. ora

Listener Log File/u01/app/oracle/diag/tnslsnr/aaalife/listener/alert/log. xml

Listening Endpoints Summary...

(DESCRIPTION = (ADDRESS = (PROTOCOL = tcp) (HOST = localhost) (PORT = 1531 )))

(DESCRIPTION = (ADDRESS = (PROTOCOL = ipc) (KEY = EXTPROC1531 )))

The listener supports no services

The command completed successfully

The above information shows several details:

Ü we configured a custom listener my_listener In the listener. ora file to listen to port 1531. However, the current default listener still exists and can run on port 1521. The my_listener listener runs on port 1531;

Ü the Dynamic Registration of Oracle instances is performed on the listener on port 1521, and port 1531 is not registered;

The problem of the default listener is well solved, as long as we keep only one listener. So, how can I have an Oracle instance register at Port 1531 instead of port 1521?

The solution is to use local_listener to configure parameters. By default, this parameter is null.

SQL> show parameter listener;

NAME TYPE VALUE

-----------------------------------------------------------------------------

Listener_networks string

Local_listener string

Remote_listener string

This parameter is used to specify the listener to which the Oracle instance registers. For non-standard port registration, you must modify the registration listening information parameters.

SQL> show parameter local

NAME TYPE VALUE

-----------------------------------------------------------------------------

Local_listener string (ADDRESS_LIST = (Address = (Protoc ol = tcp) (HOST = AAALIFE) (Port = 1531 )))

Log_archive_local_first boolean TRUE

Parallel_force_local boolean FALSE

Note: The modification range of local_listener supports the both mode. You do not need to restart the instance if it takes effect immediately.

The listener status is as follows:

[Oracle @ aaalife dbs] $ lsnrctl status

LSNRCTL for Linux: Version 11.2.0.4.0-Production on 07-SEP-2015 02:32:25

Copyright (c) 1991,201 3, Oracle. All rights reserved.

Connecting to (ADDRESS = (PROTOCOL = tcp) (HOST =) (PORT = 1521 ))

STATUS of the LISTENER

------------------------

Alias LISTENER

Version TNSLSNR for Linux: Version 11.2.0.4.0-Production

Start Date 07-SEP-2015 01:27:53

Uptime 0 days 1 hr. 4 min. 32 sec

Trace Level off

Security ON: Local OS Authentication

SNMP OFF

Listener Parameter File/u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener. ora

Listener Log File/u01/app/oracle/diag/tnslsnr/aaalife/listener/alert/log. xml

Listening Endpoints Summary...

(DESCRIPTION = (ADDRESS = (PROTOCOL = tcp) (HOST = localhost) (PORT = 1521 )))

The listener supports no services

The command completed successfully

[Oracle @ aaalife dbs] $ lsnrctl status my_listener

LSNRCTL for Linux: Version 11.2.0.4.0-Production on 07-SEP-2015 02:32:33

Copyright (c) 1991,201 3, Oracle. All rights reserved.

Connecting to (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP) (HOST = localhost) (PORT = 1531 )))

STATUS of the LISTENER

------------------------

Alias LISTENER

Version TNSLSNR for Linux: Version 11.2.0.4.0-Production

Start Date 07-SEP-2015 01:17:52

Uptime 0 days 1 hr. 14 min. 41 sec

Trace Level off

Security ON: Local OS Authentication

SNMP OFF

Listener Parameter File/u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener. ora

Listener Log File/u01/app/oracle/diag/tnslsnr/aaalife/listener/alert/log. xml

Listening Endpoints Summary...

(DESCRIPTION = (ADDRESS = (PROTOCOL = tcp) (HOST = localhost) (PORT = 1531 )))

(DESCRIPTION = (ADDRESS = (PROTOCOL = ipc) (KEY = EXTPROC1531 )))

Services Summary...

Service "aaadb" has 1 instance (s ).

Instance "aaadb", status READY, has 1 handler (s) for this service...

Service "aaadbXDB" has 1 instance (s ).

Instance "aaadb", status READY, has 1 handler (s) for this service...

The command completed successfully

The instance dynamically registers with port 1531, and the original 1521 default listener does not have registration information.

Then, there is another problem, that is, the local_listener setting value. This value is written using a bracket expression, which is used internally by Oracle Net Service. From the management perspective, this policy is not a good method. We directly write the port number in the database parameters, which not only exposes deployment information, but also has some problems in the migration and change actions.

Therefore, Oracle officially supports configuring local_listener by using the listener alias method.

3. Set the listener alias

An interesting phenomenon is that the configuration of local_listener varies greatly between MOS and network colleagues. The official opinion of MOS is to set the listener alias, and the network colleagues select the "Bracket expression" without exception ".

In my experiment, the listener alias is directly set, which is not recognized by Oracle.

SQL> alter system set local_listener = 'my _ listener 'scope = both;

Alter system set local_listener = 'my _ listener 'scope = both

*

ERROR at line 1:

ORA-02097: parameter cannot be modified because specified the value is invalid

ORA-00119: invalid specification for system parameter LOCAL_LISTENER

ORA-00132: syntax error or unresolved network name 'my _ listener'

Oracle cannot parse the my_listener name because it is neither a bracket expression nor a set alias. This is strange. We have clearly defined the name in the listener. ora file.

Oracle official explanation of error 00132 is as follows:

[Oracle @ aaalife admin] $ oerr ora 00132

00132,000 00, "syntax error or unresolved network name '% S '"

// * Cause: Listener address has syntax error or cannot be resolved.

// * Action: If a network name is specified, check that it corresponds

// To an entry in TNSNAMES. ORA or other address repository

// As configured for your system. Make sure that the entry

// Is syntactically correct.

Oracle believes that the corresponding name of my_listener cannot be found in the tnsnames. ora file on the server side. Tnsnames. ora is the place where the name of the local connection is saved. Does it mean that the alias here must be defined in the tnsnames. ora file. We are familiar with defining local naming aliases. How is the listener program alias defined?

After querying early Oracle documents and treatments, you can find the definition formats and methods in one corner.

[Oracle @ aaalife admin] $ cat tnsnames. ora # tnsnames. ora Network Configuration File:/u01/app/oracle/product/11.2.0/dbhome_1/network/admin/tnsnames. ora

# Generated by Oracle configuration tools.

MY_LISTENER =

(Description =

(Address = (protocol = tcp) (host = AAALIFE) (port = 1531 )))

The tnsping command has the side effects of parsing the format. Can it be successful?

[Oracle @ aaalife admin] $ tnsping my_listener

TNS Ping Utility for Linux: Version 11.2.0.4.0-Production on 07-SEP-2015 20:43:58

Copyright (c) 1997,201 3, Oracle. All rights reserved.

Used parameter files:

Used TNSNAMES adapter to resolve the alias

Attempting to contact (description = (address = (protocol = tcp) (host = AAALIFE) (port = 1531 )))

OK (0 msec)

Resolution is successful, at least there is no big problem in the format.

SQL> alter system set local_listener = 'my _ LISTENER 'scope = both;

System altered.

SQL> show parameter local;

NAME TYPE VALUE

-----------------------------------------------------------------------------

Local_listener string MY_LISTENER

Log_archive_local_first boolean TRUE

Parallel_force_local boolean FALSE

Start manual registration to view the listener status.

SQL> alter system register;

System altered.

[Oracle @ aaalife admin] $ lsnrctl status my_listener

LSNRCTL for Linux: Version 11.2.0.4.0-Production on 07-SEP-2015 20:50:47

Copyright (c) 1991,201 3, Oracle. All rights reserved.

Connecting to (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP) (HOST = localhost) (PORT = 1531 )))

STATUS of the LISTENER

------------------------

Alias my_listener

Version TNSLSNR for Linux: Version 11.2.0.4.0-Production

Start Date 07-SEP-2015 19:48:50

Uptime 0 days 1 hr. 1 min. 59 sec

Trace Level off

Security ON: Local OS Authentication

SNMP OFF

Listener Parameter File/u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener. ora

Listener Log File/u01/app/oracle/diag/tnslsnr/aaalife/my_listener/alert/log. xml

Listening Endpoints Summary...

(DESCRIPTION = (ADDRESS = (PROTOCOL = tcp) (HOST = localhost) (PORT = 1531 )))

(DESCRIPTION = (ADDRESS = (PROTOCOL = ipc) (KEY = EXTPROC1531 )))

Services Summary...

Service "aaadb" has 1 instance (s ).

Instance "aaadb", status READY, has 1 handler (s) for this service...

Service "aaadbXDB" has 1 instance (s ).

Instance "aaadb", status READY, has 1 handler (s) for this service...

The command completed successfully

Set successfully. In the listener status, my_listener appears as the alias in the status information.

4. Conclusion

Dynamic Registration is the most common registration mode. Multiple configuration files (Oracle Net Service), Oracle parameters, listener settings are intertwined and affect each other. During this period, there are multiple factors such as network adapter, domain name resolution, and so on, which are prone to faults. Multi-experiment and multi-test can help us to gain a deeper understanding of the system and be more comfortable in our daily work.