Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Listener configuration

Re: Listener configuration

From: Charles Hooper <hooperc2000_at_yahoo.com>
Date: 16 Aug 2006 07:16:52 -0700
Message-ID: <1155737812.093269.189570@b28g2000cwb.googlegroups.com> 





tomunio wrote:


> Hi

> I've two oracle 9i databases (prod and test) on two separate hosts -

> host1 (192.168.1.6), host2 (192.168.1.4 and external_IP).

> One of them (host2) has got an access to the Internet. How should I

> configure the listener on host2 so that I could connect from the

> Internet to the database on host1 (it has no access to the Internet).

> Thx in advance

>

> [oracle_at_host2 admin]$ cat listener.ora

> # LISTENER.ORA Network Configuration File:

> [oracle_at_host2 admin]$ cat tnsnames.ora

> ####################################

> # TNSNAMES.ORA Configuration

> File:/opt/ora9/product/9.2/network/admin/tnsnames.ora

> # Generated by Oracle Enterprise Manager V2

> # Date..........: Thu Aug 19 14:06:35 CEST 2004

> ####################################

>

> PROD.domain =

>   (DESCRIPTION =


>     (ADDRESS_LIST =


>       (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.1.6)(PORT = 1521))


>     )

>     (CONNECT_DATA = (SID = US2)(SERVER = DEDICATED))


>   )

>

> TEST.domain =

>   (DESCRIPTION =


>     (ADDRESS_LIST =


>       (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.1.4)(PORT = 1521))


>       (ADDRESS = (PROTOCOL = TCP)(HOST = external_IP)(PORT = 1521))

>     )

>     (CONNECT_DATA = (SID = US2)(SERVER = DEDICATED))


>   )




Configure the listener so that the _internal_ clients can access the
database.



Your Oracle server appears to be running on Unix or Linux.  If host2 is
running Linux, you can perform an iptables DNAT to forward specific
ports, such as 1521, from the Internet to the Oracle database server.
host2 needs to be configured to route the packets between its external
network card and the internal network card using iptables MASQUERADE.
There may be something similar for Unix.



With this set up, tnsnames on the remote client needs to point at the
external IP address of host2.  Strongly consider not directly exposing
the Oracle database to the Internet.



We do something a bit more complicated than the above, using 2 Linux
routing hosts and a VPN server sitting in between.



Charles Hooper


PC Support Specialist


K&M Machine-Fabricating, Inc.
Received on Wed Aug 16 2006 - 09:16:52 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US