Re: iptables settings for 10g RAC

From: Palooka <>
Date: Tue, 02 Dec 2008 00:52:52 +0000
Message-ID: <BF%Yk.31612$8r3.21331@newsfe24.ams2>

Greg wrote:
> I have created a 10g RAC database, and want to lock down the
> individual servers with iptables.
> Can someone give me some sample rules which will allow free
> communication between server A and server B, for both the pub/vip/priv
> interfaces?
> Thanks
> Greg

I'd suggest not using iptables. If the intended communication is only between app server and database, look at TCP_INVITED_NODES in your sqlnet.ora. Google Integrigy for OracleNet lockdown suggestions, and download their white paper.

Palooka Received on Mon Dec 01 2008 - 18:52:52 CST

Original text of this message