Re: SQLNet.ora per Listener?

From: Tim Gorman <tim_at_evdbt.com>
Date: Mon, 20 Apr 2009 14:41:14 -0600
Message-ID: <49ECDDEA.6000009_at_evdbt.com>

It all depends on the TNS_ADMIN environment variable in the environment where the TNS Listener is started. By default, TNS_ADMIN (when not set) points at $ORACLE_HOME/network/admin, but you can set it to whatever you like before you run LSNRCTL to maintain the listener. By messing around with TNS_ADMIN, you can have as many sets of ".ora" files as you wish (or as many as you can hang yourself with)...

Tim Gorman
consultant - Evergreen Database Technologies, Inc.
P.O. Box 630791, Highlands Ranch CO  80163-0791
website   = http://www.EvDBT.com/
email     = Tim_at_EvDBT.com
mobile    = +1-303-885-4526
fax       = +1-303-484-3608
Yahoo IM  = tim_evdbt

japplewhite_at_austinisd.org wrote:

9i on HP-UX and 10g on Linux.

Basic question: Can you somehow tie a particular sqlnet.ora file to a specific listener for a database that has two Listeners? I've looked in the docs and everywhere else I can think of and I can't find that you can somehow specify that a sqlnet.ora file applies to only a specific Listener, it applies to all Listeners in that ORACLE_HOME. The only way that my little brain has come up with is to create another ORACLE_HOME and have a Listener there with its own sqlnet.ora.

What we have is a Student Information database that is accessed District-wide via our internal WAN / LAN. It has a Listener on port 1521. We've had this setup for years. We also allow selected access to that database from the Internet. We opened up another port (not 1521 or any of the "usual" ones) in the firewall and we have a second Listener on that port. The sqlnet on the Client App server in the DMZ requires encryption, etc. via the parameters specific to those security settings. We'd like to require the matching encryption, etc. for any traffic coming to the non-standard Listener, but the single sqlnet.ora file on the server would apply to our internal Listener as well, killing our internal Users. For now, we only have the security settings Accepted, not Required, on the server.

Am I an idiot? I've done the standard setup of Listeners lots and lots over the years but am not well-versed in unusual setups or Advanced Security. Is there a relatively simple way to do what we want or is the separate ORACLE_HOME the ticket? Any guidance would be appreciated.

Thanks.

Jack C. Applewhite - Database Administrator
Austin I.S.D. - MIS Department
512.414.9715 (wk) / 512.935.5929 (pager)

-- http://www.freelists.org/webpage/oracle-l Received on Mon Apr 20 2009 - 15:41:14 CDT

This message: [ Message body ]
Next message: Yong Huang: "Re: Checkpoint duration - oracle 10g"
Previous message: Tim Gorman: "Re: ** trace file"
In reply to: japplewhite_at_austinisd.org: "SQLNet.ora per Listener?"
Next in thread: Nigel Thomas: "Re: SQLNet.ora per Listener?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message