Re: Firewalls and Oracle

Hi Scott
Search either deja.com or technet.oracle.com. The answer has been there = recently. In 8i you can use a setting in sqlnet.ora called something = like use_shared_sockets = true. This will force the 1521 port to be = used twice. Alternatively you could look into setting up protocol.ora = where you can 'invite' and exclude ports.

Hth,

Sybrand Bakker, Oracle DBA

    Scott Dunbar wrote in message <377140D9.34204712_at_commerce.com>...     Hi,

        We are attempting to connect from an Oracle client to an Oracle = server (all in the 8.1.x series) through a firewall. With a little = experimentation it appears that the Oracle client does an initial = connect() to the TNS listener but then an additional connection is made = using an O/S assigned port. The problem is this second connection. = Because it is O/S assigned it cannot be configured into the firewall. = For a variety of reasons we have issues with using a "Net-8" compatible = firewall (Oracle's solution).

        Is the number of this "return" port configurable? I'm guessing = not as that could have the side affect of limiting (to one!) the number = of clients that can be run on a particular box. Alternatively, is there = a way to convince Oracle to use only one connection? As a side note, = doesn't this scheme eat up file descriptors twice as fast as using the = single connection? On most O/S's this isn't a big deal anymore but I = guess SunOS 4.x (without DBE) scared me into being conservative with = fd's.

        Thanks in advance for any information.

    --

    Scott Dunbar                            Global Commerce Systems 
    dunbar_at_commerce.com                     Boulder, CO, USA 
                                            HTML mail ok