Two days ago in a friend QQ group raised a question. Background For example, the following:
After continuing to ask, there are replies such as the following:
1. There is no problem with the other server connection.
2, from the client can telnetserver 1521port.
3, Tnsping normal.
4, the other server does not set the IP trust.
5. Windows 2003 Server,oracle 10.1.0.2.0
But from Clientsqlplus is timeout, unable to connect.
First, look at the definition of ORA-12170:
Oerr Ora 12170
12170, 00000, "Tns:connect timeout occurred"//*cause:the server shut down because connection establishment orcommunication with a client failed to complete within the allotted timeinterval. This could be a result of the network or system delays; or this Mayindicate a malicious client is trying to cause a denial of Serviceattack on the server.
//*action:if The error occurred because of a slow network or system,Reconfigure one or all of the parameters sqlnet. Inbound_connect_timeout,sqlnet. Send_timeout, Sqlnet. Recv_timeout in Sqlnet.ora to larger values.
If A malicious client is suspected with the address in Sqlnet.log toidentify the source and restrict access. Note that logged addresses mayNot be reliable as they can is forged (e.g. in TCP/IP).
The general meaning is that the network or system problem timed out.
Then suggest that he can sqlnet.ora join the trace configuration and look at the trace of Sqlplus:
Trace_level_client=16
Trace_file_client=client
Trace_timestamp_client=on
Trace_directory_client= a path
At this point, however, the feedback says that the support personnel on the server have turned on the Oracle shared connection. can now sqlplus.
Now the problem is out. What is an Oracle shared connection? What configuration will you be able to access from the client? Why is this problem occurring?
In summary, this issue is related to Oracle's execution of Windows platforms.
For Windows platforms that are executed. When a connection request is initiated from the client, the server listener will redirect the client to another random port. Since it is a random port. Then the firewall will naturally not agree to this connection. As a result, the client can telnet to the port, but the sqlplus is timed out. Unable to connect.
The reason for this is that the random port that the client uses to communicate with the Oracle thread is rejected by the firewall. This only happens on the Windows platform, because the Unix-like platforms are supported by default for Port sharing, and no port is rejected by the firewall.
There are two possible ways to solve this problem.
1. Use a firewall that includes the built-in sql*net agent.
Process:
1. Connect the agent. Pass the connection to the listener.
2. Send the client redirect address.
3. redirect addresses via proxy connection.
4. Oracle accepts the connection.
2. Upgrade the database to more than 8.0.x, set the Use_shared_socket variable value to true in the register.
The listener will bind and create a socket at the address specified in the "Listener.ora" file. In this socket, the listener's listening state is active.
When the listener receives the connection request. The listener derives an Oracle thread from listening on port. Such a situation would be repeated. So that eventually a listener and some established connections are using a 1521port closed loop.
Watermark/2/text/ahr0cdovl2jsb2cuy3nkbi5uzxqvymlzyww=/font/5a6l5l2t/fontsize/400/fill/i0jbqkfcma==/dissolve/70 /gravity/center ">
From more than 10.2 of the. Use_shared_socket is already the default value of True, no further changes.
The MoS 124140.1 article specifically describes this part, translating the original text such as the following:
Objective:executes on Windows nt,windows 2000. Or a version number of the operating system, connect an Oracle NET or Net 8 connection to the Oracle database. A client redirect may be connected to a port number in a short port range (unless a problem is encountered in the "Special remarks" section below). Microsoft Winsock V1.1 API does not agree that a process will pass a TCP socket to a process. That is, it does not agree with Port sharing like in Unix systems. In order for the Oracle connection to execute in a firewall environment. The client had to use a firewall that included the built-in sql*net agent. Or use the Winsock V2 API for Windows NT 4.0 (available from service pack#3), the version number above Windows 2000, or the version number above Windows 2000. Such a feature can also be implemented in an Oracle database by using the "Use_shared_socket" parameter in the Windows registry.
Range:This article is primarily provided to DBAs and network administrators who need to use SQL*NET,NET8 or Oracle Net connectivity through firewalls to perform Oracle databases on the Windows operating system.
specific descriptive narrative:As described in the 66382.1 description. There are two ways to enable an Oracle database to execute in an environment that uses a firewall.
1. Use a firewall that includes the built-in sql*net agent. The sql*net agent is able to turn on a listening process that allows the client to connect (usually at 1610port). The listener process then proxies the connection to the database and handles port redirection inside the firewall. No access rules are triggered. At this point the firewall is like executing an Oracle Connection Manager (Connectiong Manager or Multiprotocol switch, Multi Protocol interchange).
There's something different about that. A Connection Manager Connection Manager is installed between the firewall and the database. And when you install the firewall, you agree that he can connect to the connection manager. Then the firewall will not need Oracle NET or sql*net. 2. Another option is to upgrade to the 8.0.x or above version number and set the parameter Use_shared_socket in the registration form. The goal is to activate the port share (this value is true by default in Oracle 10.2 and above).
This parameter can be set in Windows NT 4.0 (SP3 or higher), Windows 2000, or a higher version of Winsock V2 support.
With this parameter, you can also use firewalls that support only port filtering and no sql*net proxies (at least private connections). Multithreaded server (MTS) still needs to redirect the connection to a dynamic port, so it also needs to sql*net the proxy. When Oracle executes on the Windows operating system, it is able to activate the port share by setting the parameter variable in the system environment or the Windows registry. It is recommended to set it in the Windows registry: Use_shared_socket = TRUE. How to set the system environment variables in Windows NT: Control Panel-system-environment.
More than Windows 2000, you can also use the System button in Control Panel. However, the environment variable needs to be found and set by clicking on the "Advanced" button.
You can also use the Windows registry settings: In Oracle Release 8.0 \\HKEY_LOCAL_MACHINE\SOFTWARE\ORACLE In Oracle release 8.1 \\hkey_local_machine\software\oracle\home<#>
In Oracle release 9 or later \\hkey_local_machine\software\oracle\key_ add a string_value value (on the right side of the brochure form )。 is not a key value (the left side of the registration form). All of these methods require a restart of the Oracle process to allow the process to be read to the register when it restarts.
Troubleshoot notes: ability to view configurations using the ' netstat-a ' command. He should show all the client connections. And the port of the listener.
c:\>netstat-anactive ConnectionsProto Local Address Foreign address statetcp 0.0.0.0:1521 0.0.0.0:0 listeningtcp 198.51.100.9:1521 198.51.1 00.6:55769 establishedtcp 198.51.100.9:1521 198.51.100.91:13452 establishedtcp 198.51.100.9:1521 198.51.100 .92:13203 establishedtcp 198.51.100.9:1521 198.51.100.92:13202 establishedtcp 198.51.100.9:1521 203.0.113.16 6:12331 establishedtcp 198.51.100.9:1521 203.0.113.10:12123 establishedtcp 198.51.100.9:1521 203.0.113.10:1 1252 establishedtcp 198.51.100.9:1521 192.0.2.22:14524 establishedtcp 198.51.100.9:1521 192.0.2.20:13524 Establishedtcp 198.51.100.9:1521 192.0.2.102:13452 establishedtcp 198.51.100.9:1521 192.0.2.121:1342 Established
the ability to set the following parameters in the Clientsqlnet.ora file to activate the Oracle Netclient trace:trace_level_client= 16
Trace_directory_client = <directory>
trace_file_directory= <filename>[insert code here]search for the ' port ' string in the trace file. Ability to navigate to the detailed unique port.
Special notes:1. If you use the TCPS protocol or SSL, port redirection will occur. The workaround is to use a firewall that supports sqlnet or NET8 connections or configure Shared server distribution port.
2.10g and above, default use_shared_socket=true.
Copyright notice: This article blog original articles, blogs, without consent, may not be reproduced.
Windows platform Oracle uses Use_shared_socket roles