The recently launched oracle10gr2 database is in the warning log file (Alert. Log:
Tue Jul 18 23:09:22 2006 Warning: inbound connection timed out (ORA-3136) Tue Jul 18 23:09:23 2006 Warning: inbound connection timed out (ORA-3136) Tue Jul 18 23:09:25 2006 Warning: inbound connection timed out (ORA-3136) Tue Jul 18 23:09:30 2006 Warning: inbound connection timed out (ORA-3136) Tue Jul 18 23:12:15 2006 Warning: inbound connection timed out (ORA-3136) |
At the same time, the following error is recorded in sqlnet. log:
Fatal Ni connect error 12170. Version Information: TNS for Linux: Version 10.2.0.2.0-Production Oracle bequeath nt protocol adapter for Linux: Version 10.2.0.2.0-Production TCP/IP nt protocol adapter for Linux: Version 10.2.0.2.0-Production Time: 19-jul-2006 11:25:26 Tracing not turned on. TNS error struct: NS main err code: 12535 TNS-12535: TNS: Operation timed out NS secondary err code: 12606 NT main err code: 0 NT secondary err code: 0 Nt OS err code: 0 Client address: (address = (Protocol = TCP) (host = 192.168.1.123) (Port = 58147 )) |
This is an error related to the network connection. The Metalink provides the following solutions:
1. Set inbound_connect_timeout _
= 0 in listener. ora
2. Set sqlnet. inbound_connect_timeout = 0 in sqlnet. ora of server.
3. stop and start both listener and database.
4. Now try to connect to DB and observe the behaviour
I don't think it is necessary to reload the database and listener here. Just reload the listner.
[Oracle @ order admin] $ LSNRCTL LSNRCTL for Linux: Version 10.2.0.2.0-production on 19-jul-2006 15:26:33 Copyright (c) 1991,200 5, Oracle. All rights reserved. Welcome to LSNRCTL, type "help" for information. LSNRCTL> reload Connecting to (description = (address = (Protocol = TCP) (host = 172.16.9.11) (Port = 1521 ))) The command completed successfully LSNRCTL> services Connecting to (description = (address = (Protocol = TCP) (host = 172.16.9.11) (Port = 1521 ))) Services summary... Service "order" has 2 instance (s ). Instance "order", status unknown, has 1 handler (s) for this service... Handler (s ): "Dedicated" Established: 0 refused: 0 Local Server Instance "order", status ready, has 1 handler (s) for this service... Handler (s ): "Dedicated" Established: 0 refused: 0 state: Ready Local Server The command completed successfully LSNRCTL> show inbound_connect_timeout Connecting to (description = (address = (Protocol = TCP) (host = 172.16.9.11) (Port = 1521 ))) Listener parameter "inbound_connect_timeout" set to 0 The command completed successfully LSNRCTL> exit |
After modification, observe for a period of time. Currently, it is normal.
We recommend that you modify the sqlnet. inbound_connect_timeout parameter in Oracle to prevent denial-of-service attacks.
An Oracle document is described as follows:
Sqlnet. inbound_connect_timeout
Purpose
Use the sqlnet. inbound_connect_timeout parameter to specify the time, in seconds, for a client to connect with the database server and provide the necessary authentication information.
If the client fails to establish a connection and complete authentication in the time specified, then the database server terminates the connection. in addition, the database server logs the IP address of the client and an ORA-12170: TNS: connect timeout occurred error message to the sqlnet. log File. the client has es either an ORA-12547: TNS: Lost contact or an ORA-12637: Packet receive failed error message.
Without this parameter, a client connection to the database server can stay open indefinitely without authentication. connections without authentication can introduce possible denial-of-service attacks, whereby malicious clients attempt to flood database servers with CONNECT requests that consume resources.
To protect both the database server and the listener, Oracle Corporation recommends setting this parameter in combination with the inbound_connect_timeout_listener_name parameter in the listener. ora file. when Specifying values for these parameters, consider the following recommendations:
Set both parameters to an initial low value.
Set the value of the inbound_connect_timeout_listener_name parameter to a lower value than the sqlnet. inbound_connect_timeout parameter.
For example, you can set inbound_connect_timeout_listener_name to 2 seconds and inbound_connect_timeout parameter to 3 seconds. if clients are unable to complete connections within the specified time due to system or network delays that are normal for the particle environment, then increment the time as needed.
See also:
Oracle9i Net Services Administrator's Guide for information about processing ing these parameters
Default
None
Example
Sqlnet. inbound_connect_timeout = 3