Study Brief: Oracle8 Networking Administration
by Michael Ritacco, Oraclenotes.com

Overview

Two-tier (client/server) is also called a simple network because the client talks directly with the server. The same network protocol must be installed on both the client and the server for communication to be possible.

N-tier adds agents (servers) in between the client and server.
Middle tier contains applications and services

NET8
Protocol independent solution that is invisible to the user and application.

Oracle Names
Clients do not need to know the location of the databases to connect. The Oracle Names server resolves the address and connects the client to the listed address.

Connection Manager
Multiplexing of connections
Cross Protocol Connectivity
Network Access Control

Advanced Networking Option
Security Services
Authentication Services
Oracle DCE Integration

Security Server
Single Sign-on authentication for one or more Oracle databases.
Central Security Administration is accomplished by a repository of global users/roles.

Open Gateway offers Transparent gateways and Procedural gateways.
Transparent gateways are used to give SQL access to (30) non-Oracle databases.
Procedural gateways extend Oracle stored procedures.

NET8 Architecture

TNSNAMES.ORA: A configuration file which contains names and addresses of the services available on the network. This file is used by clients and distributed servers to identify destination servers.

SQLNET.ORA: This file is used by all clients and servers. It contains the client profile, optional and diagnostic parameters, and client information for Oracle names.

LISTENER.ORA: A configuration file for the listener program that enables the Oracle Server to accept connections from clients via NET8. The file is located on the machine you want to connect to.

TNS_ADMIN: is the environment variable used to point to the directory containing the configuration files.

NET8 Architecture

CLIENT          SERVER
Application     Server
OCI             OPI
TWO-TASK        TWO-TASK
TNS             TNS
OPA             OPA
PROTOCOL        PROTOCOL

Application Layer: provides for all user oriented activities, GUI, data presentation, application specifics, and identifies database operations to send to the server handing them over to the Oracle Call interface (OCI).

Oracle Call Interface (OCI) Layer: The Oracle Call Interface contains the code to start a SQL dialogue between a client and server. This layer is responsible for defining Oracle server calls, parsing SQL statements, opening cursors, binding variables, executing SQL, fetching data, and closing cursors.

Two-Task Layer: During the initial connection, this layer looks for any differences in internal data and character set representations determining if conversion is necessary for communication. If necessary, the Two-Task Layer acts as a translator providing character set and data type conversion between different character sets on the client and server.

Transparent Network Substrate (TNS) Layer: provides the interface to industry standard protocols. The TNS functions open, close, send, and receive pass control to an Oracle Protocol Adapter which makes the protocol-specific call. TNS also supports encryption and sequenced cryptographic message digests.

  • Networking Interface (NI) Layer: handles Break and Reset requests for connections, and resolves connect descriptors into actual connect strings.
  • Network Routing (NR) Layer: provides routing of the session to the destination.
  • Network Naming (NN) Layer: this layer resolves aliases to a NET8 destination address.
  • Network Administration (NA) Layer: negotiates the authentication with the destination.
  • Network Session (NS) Layer: handles connect, handshake, and negotiation. Also provides buffer management, and connection pooling and multiplexing (if enabled).

Oracle Protocol Adapter (OPA) Layer: This layer is responsible for mapping TNS to industry-standard protocols. Each protocol has a specific TNS adapter.

  • NT Main/NT(2)/NT OS: are a group of functions that map their calls to the actual protocol used and hold the information on the capabilities of the specific protocol.

Protocol Layer: This is the existing network-specific protocol for machine-level connectivity. The layer is only responsible for transmitting the data from the client to the server; the data is then passed to the server-side Oracle Protocol Adapter.

Oracle Program Interface (OPI) Layer: This server-side layer performs the complementary function to the client-side OCI. This layer is responsible for responding to each and every message sent by the client-side OCI. If the OCI requests to fetch 50 rows the OPI will return 50 rows when they are fetched.

Server Layer: on the server side of the connection this layer is responsible for resolving SQL statements and dialogue requests on behalf of the client-side OCI. When a request has finished processing the results (data) are passed to the OPI for formatting and returned to the client.

  • NPI Layer: is the server version of the OCI and is used when two servers communicate. The NPI performs all the functions of a client OCI layer.

Connection Breaks

  • Inband Breaks are queued and transmitted as regular data traffic using the normal protocol read and write functions.
  • Outband Breaks use signals and are therefore faster. The break message is sent using urgent data messages.


NET8 Server Side Configuration

Listener Responses

  • Bequeath Session: When a connection request is made against an Oracle server that doesn't have prespawned server processes, the listener creates a dedicated server process and then hands off the connection to the dedicated server process.
  • Dedicated Redirect Session: The listener simply redirects the connection request to a prespawned server process on the Oracle server. After the session is complete the listener spawns a replacement server process. This method is faster than the Bequeath method but at the sacrifice of system resources.
  • Dispatcher Redirect Session: In a multithreaded server environment the Listener redirects connection requests to the Dispatcher process. Many clients can connect to a server without the need to spawn or prespawn server processes.

The LISTENER.ORA file is used to configure the listener and must reside on the same machine as the listener executable. The listener.ora file contains the listener name, listener address, a list of the databases that use the listener, and the listener parameters.

Default parameters for the listener.ora file

  • Listener name: LISTENER
  • Port: 1521
  • Protocols: TCP/IP and IPC
  • SID name: Default database
  • Hostname: Default hostname

Listener Parameters

  • PRESPAWN_MAX
  • ADDRESS_LIST
  • SID_LIST
  • IPC
  • SID_DESC
  • GLOBAL_DBNAME
  • ORACLE_HOME
  • CONNECT_TIMEOUT_listener_name
  • LISTENER_address
  • LOG_DIRECTORY_listener_name
  • LOG_FILE_listener_name
  • LOGGING_listener_name
  • PASSWORDS_listener_name
  • SAVE_CONFIG_ON_STOP_listener_name


The Listener Control Utility (LSNRCTL) is the tool used to control various aspects of the listener. Remember that any manual changes made to the listener.ora file must be made when the listener is shut down. The following commands are used most often to control the listener:

LSNRCTL Commands

  • START [listener_name] the default is LISTENER
  • STOP [listener_name]
    The SET PASSWORD command must be issued from the LSNRCTL prompt and must be issued prior to a STOP command.
  • SHOW
  • SET
  • RELOAD

Multiple Listeners

When more than one listener is available, the client making a connection request will randomly choose a listener. To make this possible, a second listener address must be configured for the same service name in the listener.ora file.

Listener Errors

  • ORA-12154: Connection requests are being received more quickly than the listener can handle.
  • ORA-12224: The listener is not running.
  • ORA-12500: The listener could not start a process to connect the user to the database.
  • ORA-12545: The listener on the remote node could not be contacted.
  • TNS-01169: Fix this error by issuing the SET PASSWORD command from LSNRCTL, and stop the listener with the STOP command.


NET8 Client Side Configuration

Naming Methods

  • Host-Naming: uses DNS or NIS to resolve hostnames; can use only TCP/IP as the protocol.
    • sqlnet.ora
  • Local-Naming: Supports a wide variety of protocols, or when the defaults must be changed. Uses the tnsnames.ora file to resolve service names.
    • tnsnames.ora
    • sqlnet.ora

Steps to set up Local-Naming using Net8 Assistant

  • Choose a connection method
    • TNSNAMES
    • HOSTNAMES
    • ONAMES
    • NDS
    • NIS
    • CDS
  • Specify a service name
  • Choose a protocol
  • Enter the host name and port
  • Enter the SID
  • Test the configuration
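The kind of tnsnames.ora entry these steps produce, and how local naming turns a service name into addresses and a SID, shown as an added example (not part of the original brief). The alias, host names, ports and SID are constructed, and `parse_ora`, `find_all` and `resolve` are hypothetical helper names, not Oracle tools.

```python
import re

SAMPLE_TNSNAMES = """
# Constructed sample: alias, host names, ports and SID are made up.
SALES.WORLD =
  (DESCRIPTION =
    (ADDRESS_LIST =
      (ADDRESS = (PROTOCOL = TCP)(HOST = dbhost1)(PORT = 1521))
      (ADDRESS = (PROTOCOL = TCP)(HOST = dbhost2)(PORT = 1526)))
    (CONNECT_DATA = (SID = SALES)))
"""

def parse_ora(text):
    """Parse 'ALIAS = (KEY = value | nested (KEY = ...) list)' entries."""
    toks = re.findall(r"[()=]|[^()=\s]+", re.sub(r"#.*", "", text))
    pos = 0
    def value():
        nonlocal pos
        if pos < len(toks) and toks[pos] not in "()=":  # scalar: TCP, 1521
            pos += 1
            return toks[pos - 1]
        items = []                                      # nested (KEY, value) list
        while pos + 2 < len(toks) and toks[pos] == "(" and toks[pos + 2] == "=":
            key = toks[pos + 1].upper()
            pos += 3
            items.append((key, value()))
            if pos >= len(toks) or toks[pos] != ")":
                raise ValueError(f"unbalanced parentheses in {key}")
            pos += 1
        if not items:
            raise ValueError("missing or malformed value")
        return items
    entries = {}
    while pos < len(toks):
        if pos + 1 >= len(toks) or toks[pos + 1] != "=":
            raise ValueError(f"expected 'ALIAS =' near {toks[pos]!r}")
        alias, pos = toks[pos].upper(), pos + 2
        entries[alias] = value()
    return entries

def find_all(tree, key):
    for k, v in tree if isinstance(tree, list) else []:
        if k == key:
            yield v
        yield from find_all(v, key)

def resolve(entries, alias):  # (addresses, sid), as local naming resolves them
    tree = entries[alias.upper()]
    return [dict(a) for a in find_all(tree, "ADDRESS")], next(find_all(tree, "SID"), None)
```

Running `resolve(parse_ora(SAMPLE_TNSNAMES), "sales.world")` lists every host and port a client using that alias will try, which is also a quick way to review where distributed tnsnames.ora files point.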

Oracle Names

An Oracle Names server allows for centralized storage of network service addresses. Client connection requests are resolved through the translation of the service name to a network address by the Names server. A typical Names server resolution follows these steps:

  • NET8 sends the Names server a request for resolution from the client.
  • The Names server looks up the request in the Names server cache, sending the result back to the client.
  • The client receives the result and substitutes the TNS address in place of the service name.
  • The client then contacts the server and a NET8 client-server connection is established.

Centralized Naming Services offers the following benefits:

  • Increased efficiency
  • Elimination of redundancy
  • Simplified administration
  • Server Location transparency

To use an Oracle Names server both the client and server must be configured. The Names server can be configured either manually by editing the names.ora file, or with the Net8 Assistant. The Names Client Profile is configured by editing the sqlnet.ora file, or with the Net8 Assistant.

Names Control Utility (NAMESCTL) is the tool used to start and control the Names server.

NAMESCTL Commands

  • START
  • STOP
  • STATUS
  • PING
  • REORDER_NS
  • START_CLIENT_CACHE

Oracle Intelligent Agent

The intelligent agent is a process that runs on a remote server and communicates with OEM to run jobs and monitor events on remote sites. OEM and the intelligent agent communicate via the communication daemon over Net8.

The listener control utility is the tool used to control the intelligent agent.

Intelligent Agent Commands

  • DBSNMP_START
  • DBSNMP_STATUS
  • DBSNMP_STOP

Agent Configuration Files
If any of these files become corrupted or negatively modified remove the files and restart the intelligent agent. The files will be recreated and the servers will be rediscovered.

  • services.ora
  • snmp_ro.ora
  • snmp_rw.ora

In order for the agent to manage jobs and events on a remote node a user must exist with the "Logon as a batch job" privilege and the SNMPAGENT role assigned. When the database is started the catsnmp.sql script is automatically run creating the user with the SNMPAGENT role.

If you cannot start the intelligent agent check the event viewer on NT, or the ORACLE_HOME/network/log/dbsnmp*.log file on UNIX for error information.

Multithreaded Server

The MTS configuration allows for shared servers, dedicated servers, and combined users and servers to exist within the same instance. MTS reduces the number of processes on the instance while reducing memory usage and system overhead, reduces the number of idle server processes, increases the total possible number of users, and achieves load balancing. A dedicated server is still necessary when submitting batch jobs, connecting with Server Manager to Start or Shutdown the database, and when connecting as internal.

Connecting to a Multithreaded Server

  • The listener receives a connection request from a client, determining whether a dispatcher or a dedicated server will be assigned.
  • If dispatcher: the user process is given the address of the dispatcher.
    If dedicated: the listener spawns a dedicated server process and the user process is connected to it.
  • When a connection is established with either method the connection will be maintained for the duration of the session.

Dispatcher Processing

  • A request is sent to the dispatcher
  • The request is placed in the Request Queue (shared by all dispatchers) in the SGA.
  • A shared server grabs the request from the queue (first in/first out) and processes the request.
  • The shared server places the results of the request in the dispatcher's Response Queue (one per dispatcher, located in the SGA).
  • The response is handed off to the dispatcher.
  • The dispatcher returns the response to the user.

Connection Manager

The Connection Manager is a scalable, multipurpose, secure, multiprotocol networking solution for Net8. Oracle Connection Manager is employed for Connection Concentration, Network Access Control, and Multiple-Protocol Interchange.

CMAN.ORA Parameters

  • LOG_LEVEL
  • TRACING
  • SHOW_TNS_INFO
  • AUTHENTICATION_LEVEL

Connection Manager Processes

  • CMGW: This process is started through the CMCTL utility. It registers with CMADM for connection concentration, listens for incoming connection requests, relays data between server and clients, and is the process that talks to the CMCTL(80) utility. The process by default listens to port 1610 or 1600 depending on the platform used.
  • CMADM: This is the multithreaded process that performs the Connection Manager administrative functions, and maintains/updates the Oracle Names address information. CMADM is also responsible for locating the Oracle Names Server, identifying listeners, and monitoring network changes.
  • CMCTL(80): is the utility used to start, stop, check the status of, and check the version of the CMGW and CMADM processes.

When an Oracle Names server and Connection Manager are used together, the Oracle Names server will automatically update Connection Manager listening addresses.

Use the SQLNET.ORA parameter USE_CMAN to specify how a connection is established through the Connection Manager. Setting it to True forces the client to connect using a randomly picked indirect path when at least one CMAN address is listed. When the parameter is set to False or is not defined, a path is chosen at random.

 

Troubleshoot the Network

Troubleshooting Checklist

  • Make sure you can make a basic connection from the client to the server.
  • Check that you can make a local database connection.
  • Double check that you have the correct adapter installed on both the client and the server.

Network Security

A sound and secure network must protect against intrusions and maintain Data privacy, Data integrity, Authentication, and Authorization.

  • Data privacy: ensures that data is not stolen during transmission.
  • Data integrity: ensures that data is not modified or disrupted during transmission.
  • Authentication: ensures that users', clients', and hosts' identities are known correctly.
  • Authorization: Permits users, programs, or processes to access an object/objects.

Oracle Network Security Solutions

  • Advanced Networking Option
    • Encryption
    • Checksumming
    • Authentication
  • Authentication Mechanisms
  • Network Authentication Services
    • Kerberos and CyberSAFE
    • Token Cards
    • Biometric Authentication
  • Configuring Authentication
    • Set init.ora parameter REMOTE_OS_AUTHENT = FALSE
    • Set init.ora parameter OS_AUTHENT_PREFIX to null:
      OS_AUTHENT_PREFIX = ""
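A check of an init.ora file against the two authentication settings listed above, shown as an added example (not part of the original brief). Both init.ora fragments are constructed, and `parse_init_ora` and `audit` are hypothetical helper names. The defaults used for absent parameters are Oracle's documented ones (FALSE and OPS$).

```python
import re

# Constructed init.ora fragments (db_name and layout are made up).
WEAK_INIT_ORA = """
db_name = SALES
remote_os_authent = TRUE      # database trusts the OS login done on the client
"""
HARDENED_INIT_ORA = """
db_name = SALES
REMOTE_OS_AUTHENT = FALSE
OS_AUTHENT_PREFIX = ""
"""

# Values Oracle applies when a parameter is absent from init.ora.
DEFAULTS = {"remote_os_authent": "FALSE", "os_authent_prefix": "OPS$"}

def parse_init_ora(text):
    """Return {param: value}; names lower-cased, quotes removed, last one wins."""
    params = dict(DEFAULTS)
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()          # drop comments
        m = re.match(r"(\w+)\s*=\s*(.*)$", line)
        if not m:
            continue
        value = m.group(2).strip()
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            value = value[1:-1]                       # "" becomes the null string
        params[m.group(1).lower()] = value
    return params

def audit(text):
    """List deviations from the two settings given in the brief."""
    p = parse_init_ora(text)
    findings = []
    if p["remote_os_authent"].upper() != "FALSE":
        findings.append("REMOTE_OS_AUTHENT is %s, expected FALSE" % p["remote_os_authent"])
    if p["os_authent_prefix"] != "":
        findings.append("OS_AUTHENT_PREFIX is %r, expected null" % p["os_authent_prefix"])
    return findings
```

`audit(WEAK_INIT_ORA)` reports both parameters, the second because an absent OS_AUTHENT_PREFIX falls back to OPS$; `audit(HARDENED_INIT_ORA)` returns an empty list.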

 

© Copyright 1999 - 2004 Oraclenotes.com. All Rights Reserved.
Not affiliated with or endorsed by Oracle Corporation.