Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: physical standby database managed/non-managed

Re: physical standby database managed/non-managed

From: Mark Brinsmead <mark.brinsmead_at_shaw.ca>
Date: Wed, 25 Jan 2006 19:35:35 -0700
Message-id: <43D83577.3080009@shaw.ca>


Okay, so there's a host that you can use as a relay between your firewalls.

Could that server be an NFS server? That would provide an easy way to pass logfiles through the firewalls.

If your security people are happy with relaying SSH through this intermediary server, you might also have a chance of using (something like) "stunnel" to relay other traffic such as SQL*Net...

Of course, if you point this out they might just realise that they may as well allow a VPN path between your firewall "islands" -- or worse, decide the "ban" the relay host in the middle because it allows to much latitude to bypass their "security".

Is there anything that you can "suggest to network your security folks that will let you connect from primary to standby without opening any security risk"? Sure. It's called a "VPN", a "virtual private network". Of course,
this subverts the restriction that you cannot pass TCP packets between servers, but then I can't think of many good "security" reasons for prohibiting that. (Okay, I *can* think of a few, but they are mostly weird.)

Sandeep Dubey wrote:

>Hi,
>
>We need to implement physical standby database. Primary and standby
>will be in two separate networks behind their own firewalls. Security
>guys dont allow to ping from one server to other server. I can not
>create sqlnet connection either.
>
>So from primary I ssh to a hop server and from there I ssh to standby.
>Under given situation I assume that I can not set up data guard. Or is
>there any way I can implement data guard? Is any suggestion to network
>security folks that will let me connect from primary to standby
>without opening any security risk?
>
>I have started looking into alternative solution using non-managed
>standby. I created a standby database. I am copying the archived logs
>from primary manually and applying on standby. Standby running behind
>the primary acceptable here. Moving the archived logs will be
>implemented through a perl script that will be called from cronjob.
>In this script I have command "Recover standby database;" After that
>if I do AUTO it applies all archived logs and give ORA-00308 for next
>(not yet there) archived log.
>This is the way it is supposed to be.
>
>Is there any way that standby recover to the last available archived
>log and comes out cleanly? How can I query the last archived log file
>applied on the standby database?
>
>Thanks
>
>Sandeep
>--
>http://www.freelists.org/webpage/oracle-l
>
>
>
>
>
>

--
http://www.freelists.org/webpage/oracle-l
Received on Wed Jan 25 2006 - 20:35:35 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US