Oracle与防火墙设置
Oracle与防火墙设置 要访问防火墙后的windows oracle数据库,仅仅通过简单的打开固定TCP端口的方式是不行的。 这个问题的根本原因是windows oracle数据库的BT设计(unix/linux无此问题)。 一、Oracle的网络通信端口原理 oracle数据库的网络访问采用了一个很BT
Oracle与防火墙设置
要访问防火墙后的windows oracle数据库,仅仅通过简单的打开固定TCP端口的方式是不行的。
这个问题的根本原因是windows oracle数据库的BT设计(unix/linux无此问题)。
一、Oracle的网络通信端口原理
oracle数据库的网络访问采用了一个很BT的工作模式,其大概流程如下:
1)oracle server上的oracle net listener进程持续监听一个固定的TCP端口(缺省是1521);
2)client向server上的net listener端口发起连接请求;
3)listenr收到client的请求之后,建立与client的连接,并通知server新建一个数据库连接的服务进程(以下简称P),该进程会随机选择一个没有被使用的TCP端口并绑定,然后将端口号通知listener;
4)listenr将P绑定的端口号转发给client;
5)client收到P的端口号后,终止与listener的连接,然后通过P的绑定端口直接连接P;
到第5步,连接才最终完成,之后client就可以访问数据库了。
从上面的工作流程可以知道,在这种工作模式下,client实际最终连接的oracle server端口是随机的。
所以根本无法在防火墙上预先设定固定的TCP端口来使oracle server可以被访问。
据说oracle这么做也是不得已的,因为早期windows nt的TCP/IP部分有bug,直接使用公用端口连接会有问题,所以oracle才搞出这么个天才的设计。
不过,NT4SP3之后不就没这个bug了吗,为啥到oracle 11g了还在用这个BT模式呢? 当然啦,,现在网络安全性问题这么严重,如果真的无法使用防火墙,windows版的oracle数据库岂不是要卖不出去了吗?
oracle公司当然不会那么白痴,从oracle 8i开始,windows版的oracle也可以使用正常的工作模式了,只不过默认仍是使用BT工作模式罢了。
只有Windows平台上的9i及以下版本的Oracle才会有这个问题。Oracle在Linux以及Unix平台下,多个进程间可以对端口进行复用,Oracle Server Process仍然使用的是跟监听进程一个端口(1521),客户端只连接了一次,并没有进行第二次连接,与上面描述的流程相比已经发生了变化。
在Windows平台上,10g及以上版本的数据库,也同样利用端口复用,避免了这样的问题。实际上10g就是默认USE_SHARED_SOCKET为TRUE。
二、在防火墙中设置程序例外
在Oracle的BT模式下,其实可通过在防火墙中设置Oracle程序例外来穿越防火墙。
三、在防火墙中设置端口例外
在windows注册表的 (HOMEDIR是你机器上安装的oracle数据库的instance名称)中添加一个字符串键值,名称为USE_SHARED_SOCKET,值为TRUE(注意大小写),然后重启oracle instance或直接重启windows就OK了。
这样,你只要再在防火墙上打开oracle的监听端口(缺省为1521),就可以在防火墙外访问oracle了!
需要在MTS模式下(共享模式) Oracle默认是专用模式。
经试验发现,如果不在init文件中设参数的话,Oracle仍然会要求一个随机端口和1521端口来共同通讯,只是这个随机端口,并不随客户端会话和登 录的变化而变化,在没有重启服务器时,是固定的。 (试验发现,在专用模式下,每次连接,oracle服务器会按+1方式,提供一个非1521的端口。) 所以,还需要在init.ora文件的最后加上一条参数:
mts_dispatchers="(address=(protocol=tcp)(host=myoradb)(port=1521))(dispatchers=1)"
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1664
14
1423
52
1317
25
1268
29
1242
24
What to do if the oracle can't be opened
Apr 11, 2025 pm 10:06 PM
Solutions to Oracle cannot be opened include: 1. Start the database service; 2. Start the listener; 3. Check port conflicts; 4. Set environment variables correctly; 5. Make sure the firewall or antivirus software does not block the connection; 6. Check whether the server is closed; 7. Use RMAN to recover corrupt files; 8. Check whether the TNS service name is correct; 9. Check network connection; 10. Reinstall Oracle software.
How to solve the problem of closing oracle cursor
Apr 11, 2025 pm 10:18 PM
The method to solve the Oracle cursor closure problem includes: explicitly closing the cursor using the CLOSE statement. Declare the cursor in the FOR UPDATE clause so that it automatically closes after the scope is ended. Declare the cursor in the USING clause so that it automatically closes when the associated PL/SQL variable is closed. Use exception handling to ensure that the cursor is closed in any exception situation. Use the connection pool to automatically close the cursor. Disable automatic submission and delay cursor closing.
How to create cursors in oracle loop
Apr 12, 2025 am 06:18 AM
In Oracle, the FOR LOOP loop can create cursors dynamically. The steps are: 1. Define the cursor type; 2. Create the loop; 3. Create the cursor dynamically; 4. Execute the cursor; 5. Close the cursor. Example: A cursor can be created cycle-by-circuit to display the names and salaries of the top 10 employees.
What steps are required to configure CentOS in HDFS
Apr 14, 2025 pm 06:42 PM
Building a Hadoop Distributed File System (HDFS) on a CentOS system requires multiple steps. This article provides a brief configuration guide. 1. Prepare to install JDK in the early stage: Install JavaDevelopmentKit (JDK) on all nodes, and the version must be compatible with Hadoop. The installation package can be downloaded from the Oracle official website. Environment variable configuration: Edit /etc/profile file, set Java and Hadoop environment variables, so that the system can find the installation path of JDK and Hadoop. 2. Security configuration: SSH password-free login to generate SSH key: Use the ssh-keygen command on each node
What to do if the oracle log is full
Apr 12, 2025 am 06:09 AM
When Oracle log files are full, the following solutions can be adopted: 1) Clean old log files; 2) Increase the log file size; 3) Increase the log file group; 4) Set up automatic log management; 5) Reinitialize the database. Before implementing any solution, it is recommended to back up the database to prevent data loss.
Oracle's Role in the Business World
Apr 23, 2025 am 12:01 AM
Oracle is not only a database company, but also a leader in cloud computing and ERP systems. 1. Oracle provides comprehensive solutions from database to cloud services and ERP systems. 2. OracleCloud challenges AWS and Azure, providing IaaS, PaaS and SaaS services. 3. Oracle's ERP systems such as E-BusinessSuite and FusionApplications help enterprises optimize operations.
How to stop oracle database
Apr 12, 2025 am 06:12 AM
To stop an Oracle database, perform the following steps: 1. Connect to the database; 2. Shutdown immediately; 3. Shutdown abort completely.
How to export oracle view
Apr 12, 2025 am 06:15 AM
Oracle views can be exported through the EXP utility: Log in to the Oracle database. Start the EXP utility, specifying the view name and export directory. Enter export parameters, including target mode, file format, and tablespace. Start exporting. Verify the export using the impdp utility.
