Home -> Community -> Usenet -> c.d.o.server -> Sqlnet And Static Ports
Hello,
A week or so ago I read a post asking how to configure Sqlnet to use a static port. I can no longer find this post. (Apologies) So I am replying here.
Ok, first of all, why did the user want to do this? I presume that there was some sort of firewall issue!
Ok, we could open up the IP address of the server but that is not very secure, or we could open up a large range of ports; again, this is not very secure!!!
We could use a static port so the Sqlnet connection does not get handed off to another port and then just open up one port... I will explain.
First of all, let's take a quick look at a regular connect. Let's assume the listener is using port 1521.
Ok, the client makes a connect to port 1521; we can't stay here, otherwise no one else can connect. So the listener sends a packet back to the client telling it to re-connect on a random port. The connection to port 1521 is then dropped and the client then makes a connect to the newly assigned port. Hey presto, we now have the connection. The next person connects via the lsnr to 1521 and so on.
We can't predict/specify the port number that a client will be redirected to due to the method used to do this. (wildcard bind)
The above redirect method makes firewall management a bit tricky. So one way round this is to use a static port, i.e. never redirect but stay on port 1521...
To do this use a minimum of (I think) Oracle 8.0.4.0.0 server on NT and add the following registry entry.
HKEY_LOCAL_MACHINE \ SOFTWARE \ ORACLE ....
USE_SHARED_SOCKETS = TRUE
This then allows the Sqlnet Listener to use the shared sockets feature of the Microsoft NT winsock2 tcp/ip stack. The connection will not be re-directed to the random port. You can now open up just port 1521 on the firewall and have your clients connecting...
Are there any drawbacks? Well, yes. You cannot restart the lsnr whilst you have clients connected as you can with the redirect method.
Hope this helps,
Regards,
Daniel...
Received on Wed Nov 11 1998 - 06:40:32 CST
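The redirect and shared-socket behaviours described in the post above, as an added Python example that is not part of the original post and is not Oracle code. It is a toy model, not the real SQL*Net protocol: the `REDIRECT`/`SESSION` messages, the function names, the OS-chosen listener port standing in for 1521, and the firewall modelled as a port predicate are all assumptions made for the illustration.

```python
import socket
import threading

HOST = "127.0.0.1"

def start_listener(shared_sockets):
    """Toy listener serving one client; its OS-chosen port stands in for 1521."""
    lsnr = socket.socket()
    lsnr.bind((HOST, 0))
    lsnr.listen()
    port = lsnr.getsockname()[1]
    def serve():
        with lsnr:
            conn, _ = lsnr.accept()
            with conn:
                if shared_sockets:
                    conn.sendall(b"SESSION\n")   # session stays on the listener port
                    return
                data = socket.socket()
                data.bind((HOST, 0))             # wildcard bind: the OS picks the port
                data.listen()
                data.settimeout(1)
                conn.sendall(b"REDIRECT %d\n" % data.getsockname()[1])
            try:                                 # listener connection is now dropped
                with data, data.accept()[0] as session:
                    session.sendall(b"SESSION\n")
            except OSError:
                pass                             # client never arrived (filtered)
    threading.Thread(target=serve, daemon=True).start()
    return port

def connect(listener_port, firewall_allows):
    """Return (outcome, list of ports the client had to reach)."""
    ports = [listener_port]
    with socket.create_connection((HOST, listener_port), timeout=2) as c, c.makefile() as f:
        reply = f.readline().split()
    if reply and reply[0] == "REDIRECT":
        ports.append(int(reply[1]))
        if not firewall_allows(ports[-1]):
            return "blocked", ports              # no firewall rule covers this port
        with socket.create_connection((HOST, ports[-1]), timeout=2) as c, c.makefile() as f:
            reply = f.readline().split()
    return ("connected" if reply == ["SESSION"] else "failed"), ports

def run(shared_sockets):
    port = start_listener(shared_sockets)
    return connect(port, lambda p: p == port)    # firewall passes only the listener port

if __name__ == "__main__":
    print("redirect:", run(False), "shared:", run(True))
```

With only the listener port allowed, the redirected client needs a second, unpredictable port and is blocked, while the shared-socket client completes on the single allowed port.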