Re: Clients connecting to non-vip address
Date: Thu, 10 Jan 2008 01:44:15 -0800 (PST)
On Jan 10, 10:18 am, supr..._at_scs.howard.edu wrote:
> However, even though I ONLY specify the vip address in my jdbc url, I
> see established connections from the application server to the non-vip
> address (xxx.xx.xx.200). Since I see the same phenomena from two
I've witnessed a similar behavior with 10g RAC, even with sqlplus as
the client app.
According to the results of my tests, the end-point of the SQL*Net connection of the server process is:
- the vip interface if the client initiates the connection to the listener running on the server hosting the instance that will serve the session
- the non-vip interface if the connection is redirected from one listener to another one
This assumes that the client-side tnsnames.ora only knows the vip addresses and that the instances register to a remote listener configured as follows in the server-side tnsnames.ora:
(ADDRESS = (PROTOCOL = TCP)(HOST = host1-vip)(PORT = 1521)) (ADDRESS = (PROTOCOL = TCP)(HOST = host2-vip)(PORT = 1521)) )
However the "HOST=" entries for the "REMOTE SERVER" as displayed by "lsnrctl services" are the non-vip addresses.
There are of course other parameters involved but basically the configuration I used is the default configuration created by dbca/ netca.
So yes, it seems that "indirect" connections are not protected by the VIP mechanism in this default configuration.
Jerome Received on Thu Jan 10 2008 - 03:44:15 CST