Re: iptables settings for 10g RAC
From: Palooka <nobody_at_nowhere.com>
Date: Tue, 02 Dec 2008 00:52:52 +0000
Message-ID: <BF%Yk.31612$8r3.21331@newsfe24.ams2>
Date: Tue, 02 Dec 2008 00:52:52 +0000
Message-ID: <BF%Yk.31612$8r3.21331@newsfe24.ams2>
Greg wrote:
> I have created a 10g RAC database, and want to lock down the
> individual servers with iptables.
> Can someone give me some sample rules which will allow free
> communication between server A and server B, for both the pub/vip/priv
> interfaces?
> Thanks
> Greg
I'd suggest not using iptables. If the intended communication is only
between app server and database, look at TCP_INVITED_NODES in your
sqlnet.ora. Google Integrigy for OracleNet lockdown suggestions, and
download their white paper.
Palooka Received on Mon Dec 01 2008 - 18:52:52 CST