Re: Clients connecting to non-vip address

From: <>
Date: Thu, 10 Jan 2008 01:44:15 -0800 (PST)
Message-ID: <>

On Jan 10, 10:18 am, wrote:

> However, even though I ONLY specify the vip address in my jdbc url, I
> see established connections from the application server to the non-vip
> address (xxx.xx.xx.200). Since I see the same phenomena from two


I've witnessed a similar behavior with 10g RAC, even with sqlplus as the client app.
According to the results of my tests, the end-point of the SQL*Net connection of the server process is:

  • the vip interface if the client initiates the connection to the listener running on the server hosting the instance that will serve the session
  • the non-vip interface if the connection is redirected from one listener to another one

This assumes that the client-side tnsnames.ora only knows the vip addresses and that the instances register to a remote listener configured as follows in the server-side tnsnames.ora:

    (ADDRESS = (PROTOCOL = TCP)(HOST = host1-vip)(PORT = 1521))     (ADDRESS = (PROTOCOL = TCP)(HOST = host2-vip)(PORT = 1521))   )

However the "HOST=" entries for the "REMOTE SERVER" as displayed by "lsnrctl services" are the non-vip addresses.

There are of course other parameters involved but basically the configuration I used is the default configuration created by dbca/ netca.

So yes, it seems that "indirect" connections are not protected by the VIP mechanism in this default configuration.

Jerome Received on Thu Jan 10 2008 - 03:44:15 CST

Original text of this message