Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Oracle 9i Shared Server across a firewall - help please !

Re: Oracle 9i Shared Server across a firewall - help please !

From: Sybrand Bakker <postbus_at_sybrandb.demon.nl>
Date: Fri, 9 May 2003 19:13:24 +0200
Message-ID: <vbnp3dorlnjk48@corp.supernews.com> 






"Neil Cudd" <neil_at_cudd.demon.co.uk> wrote in message
news:190d457f.0305081612.126e6c32_at_posting.google.com...


> "Sybrand Bakker" <postbus_at_sybrandb.demon.nl> wrote in message

news:<vbl8vbdqul0487_at_corp.supernews.com>...


> > "Neil Cudd" <neil_at_cudd.demon.co.uk> wrote in message

> > news:190d457f.0305080659.66a48dc8_at_posting.google.com...

> > > Database Server  - Win 2000 Oracle 9.2.0.1

> > >

> > > Client - Win 2000 Oracle Client 9.2.0.1

> > >

> > > Between the database server and the client lies a firewall (the client

> > > is web facing) and because we are using Microsoft Transaction Server,

> > > we must use Oracle Shared Server (formerly MTS).

> > >

> > > The problem is how to limit the ports on which Oracle will

> > > communicate, so we can close down the firewall to these specific

> > > ports. Prior to 8i, it would be by specifying the port numbers for the

> > > dispatchers.Since 8i this is not possible.

> > >

> > > Am I correct in thinking that CMAN (Communication Manager) will enable

> > > me to do this ?

> > >

> > > Any examples would be very helpfull.

> > >

> > > Many thanks,

> > > Neil Cudd.

> >

> > Your assertion about mts in 8i is incorrect!

> > You can specify a port in the mts_dispatcher parameter, provided you use

the


> > normal address syntax.

> > You also need to set the local_listener parameter.

> > CMAN is not needed.

>

> Hi Sybrand,

>

> thanks for your reply.

>

> I'm getting mixed messages from Oracle on this point. The Oracle note

> 1016349.102 Configuring MTS with Firewalls says on the point of MTS

> Port assignment : "This configuration is valid for only Oracle 7.3.x

> and 8.0."

>

> I've already set up shared server with three dispatchers, each with a

> specified port, and set up the local listener. When I run lsnrctl

> service, I can see the connections being made to the dispatchers and

> the port number is set as spec'd. So what's my problem ? When I run

> netstat or take a look at the firwall logs there are no connections

> being made on the ports that I've set for the dispatchers. It's as

> though the port specification is being ignored :-/

> Strange .....

>

> At the moment the firewall is not locked down as well as it should be,

> so there are alot of ports open, but I expect that to change. I am

> assuming the random port assignment of shared server is finding and

> using open ports - but this is a fairly wild guess and my

> uncertainties on this have caused a postponement of a go live (not

> wanting to cry on your shoulder, you understand).

>

> Could this be a behaviour of NT (I'm more unix that NT), or have I

> missed something ?

>

> thanks for your help.

> Neil




I know for a fact it works because I am running such configuration on
8.1.7.4.1



-- 
Sybrand Bakker
Senior Oracle DBA

to reply remove '-verwijderdit' from my e-mail address


Received on Fri May 09 2003 - 12:13:24 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US