Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống
1
/ 50 trang
THÔNG TIN TÀI LIỆU
Thông tin cơ bản
Định dạng
Số trang
50
Dung lượng
0,97 MB
Nội dung
Configuring Oracle Net for the Client 631 FIGURE 11.20 Choosing a network protocol 3. The next step is to choose the hostname and port. This step depends on the protocol you chose in the previous step. If you chose TCP/IP, you are prompted for the host- name and the port number. The hostname is the name of the machine on which the listener process is running. The port number is the listening location for the listener. The default port is 1521 (see Figure 11.21). FIGURE 11.21 Choosing a hostname and a port 4. The next step is to define the service name. For Oracle 11g, the service name does not have to be the same as the ORACLE_SID because a database can have multiple service names. In Oracle 11g, the service name is normally the same as the global database name. This is the service name that is supplied to the listener, so the listener has to be listening for this service. You can also choose whether this service is for Oracle8i or 95127c11.indd 631 2/17/09 2:17:19 PM Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. 632 Chapter 11 N Understanding Network Architecture later databases or Oracle8i and previous databases. You can also select the connection type from one of these choices: Database Default ÛN Shared Server ÛN Dedicated Server ÛN Figure 11.22 shows an example of the Oracle Net Manager service name screen. 5. The last step is to test the net service name and verify that all the connection informa- tion entered is correct. Click the Test button to test the network connection. Click Finish button to create the tnsnames.ora entry. You can edit the entry, as shown in Figure 11.23. FIGURE 11.22 Choosing the service name FIGURE 11.23 The Oracle Net Manager tnsnames.ora wizard 95127c11.indd 632 2/17/09 2:17:20 PM Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. Configuring Oracle Net for the Client 633 After you complete all this, save your changes by choosing File Save Network Con- figuration. This creates and saves the tnsnames.ora file. Contents and Structure of the tnsnames.ora File You created the tnsnames.ora file using the Oracle Net Manager, so open the tnsnames.ora file to view its contents. The tnsnames.ora file is located at the location the TNS_ADMIN variable is set to, which defaults to the $ORACLE_HOME/network/admin directory. Here is an example of the tnsnames.ora file: OCP11G = (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = bt-dell1)(PORT = 1521)) ) (CONNECT_DATA = (SERVICE_NAME = OCPTEST) ) ) Table 11.6 summarizes the parameters in the tnsnames.ora file. TABLE 11.6 The tnsnames.ora Parameters Parameter Description DESCRIPTION Starts the connect descriptor section of the file. ADDRESS_LIST Starts a list of all connect descriptor address information. ADDRESS Specifies the connect descriptor for the net service name. PROTOCOL Specifies the protocol used, such as TCP/IP. HOST Specifies the name of the machine on which the listener is running. An IP address can also be specified in TCP/IP. PORT Specifies the listening location of the listener specific to TCP/IP. CONNECT_DATA Starts the services section for this net service name. SERVICE_NAME Replaces the SID parameter from older releases of Oracle. Defines which service to connect to, which can be the same as the ORACLE_SID or the global database name. Databases can now be referred to by more than a single service name. 95127c11.indd 633 2/17/09 2:17:20 PM Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. 634 Chapter 11 N Understanding Network Architecture Configuring Local Naming Using Enterprise Manager You can also use Oracle Enterprise Manager to configure local naming. You do so from the Net Services Administration screen as described in the “Adding a Listener Using Enterprise Manager Database Control” section earlier in this chapter. You will see the screen shown in Figure 11.15. Choose Local Naming from the Administer drop-down list, and click Go to open the Local Naming screen, as shown in Figure 11.24. FIGURE 11.24 Using Enterprise Manager to configure local naming 1. Click the Create button to open the Create Net Service Name page. Here you can enter the unique service name that you want users to use to connect to this Oracle service. This can also be the Oracle SID. 2. Select the type of connection to use for this service: a dedicated server, shared server, or the database default. 3. Specify the address information. This includes the protocol, port, and host used by the service being connected to. 4. Click the Add button under Addresses to open the Add Address screen to fill in the appropriate information. On the Create New Service Name page, there is a section to configure failover and load balancing options. Five choices are listed under the Connect Time Failover and Load Bal- ancing section. Table 11.7 summarizes these prompts. If you have multiple listeners listening for this service or are using Oracle Connection Manager, you can select from this list. The default is to use the first address only; this is the case where a single listener is being used. Source routing is used with Oracle Connection Manager. Oracle passes control from the first address listed to the next address, and so on, until the ultimate destination is reached. Every address listed is used in the case of source routing. 95127c11.indd 634 2/17/09 2:17:20 PM Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. Configuring Oracle Net for the Client 635 TABLE 11.7 Advanced-Features Summary Option Advanced Feature Try each address, in order, until one succeeds. Failover Try each address, randomly, until one succeeds. Failover Load Balancing Try one address, selected at random. Load Balancing Use each address in order until you reach the destination. Source Routing Use only the first address. None Troubleshooting Client-Side Connection Problems Connection problems can also occur from the Oracle client. Several areas affect the ability of a client to connect successfully to the server. The client must be able to contact both the computer on which the Oracle server is located and the listener listening for connections to the Oracle server. The client must also be able to resolve the net service name. Let’s look at the checks to perform on the client to verify connectivity to the Oracle server and to detect and troubleshoot client-side connection problems. Use the following list to help you system- atically check various aspects of the client connection process: Verify that the client can contact the server. ÛN Determine the network route that the client is taking to the server. ÛN Verify local naming configuration files. ÛN Check for multiple-client network configuration files. ÛN Check network file locations. ÛN Check the ÛN NAMES.DIRECTORY_PATH parameter. Check the ÛN NAMES.DEFAULT_DOMAIN parameter. Check the client protocol adapters installed. ÛN Check for any common client-side error codes. ÛN Oracle provides the tnsping utility to verify that the local naming entry defined in the tnsnames.ora file can talk to the service name defined in the listener.ora file. You can find tnsping in the $ORACLE_HOME/bin direc- tory. It also provides the time it took to reach the listener in milliseconds. 95127c11.indd 635 2/17/09 2:17:20 PM Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. 636 Chapter 11 N Understanding Network Architecture Checking Network File Locations One of the most common problems encountered is clients moving network files and not setting the TNS_ADMIN environmental variable to the new file location. Oracle expects the tnsnames.ora and sqlnet.ora files to be in the default location. If it cannot locate the files and you have not set TNS_ADMIN , you receive an ORA-12154 error message. You also receive this error if the supplied net service name is invalid or the NAMES.DEFAULT_DOMAIN value is mismatched in tnsnames.ora and sqlnet.ora files. The following code shows an example of this error message: $ sqlplus system@ocp11r1 SQL*Plus: Release 11.1.0.6.0 - Production on Sun Aug 17 23:47:17 2008 Copyright (c) 1982, 2007, Oracle. All rights reserved. Enter password: ERROR: ORA-12154: TNS: could not resolve the connect identifier specified If you decide to move network files, be sure to set the TNS_ADMIN environ- mental variable to the location of the files. Oracle first searches the default location for the files and then searches the TNS_ADMIN location for the files. Checking NAMES.DIRECTORY_PATH Make sure the client has the proper names resolution setting. The NAMES.DIRECTORY_PATH parameter in the sqlnet.ora file controls the order in which the client resolves net service names. If the parameter is not set, the default is local naming, OID, and then host naming. If this parameter is set incorrectly, the client may never check the appropriate names resolution type. For example, if you are using local naming and the parameter is set to HOSTNAMES , the tnsnames.ora file will never be used to resolve the net service name. You will receive an ORA-12154 “Could Not Resolve the Connect Identifier Specified” error message. Checking NAMES.DEFAULT_DOMAIN NAMES.DEFAULT_DOMAIN is another common error. It was more common in older releases of Oracle because the parameter defaulted to the value WORLD . Check the client sqlnet.ora file to see whether the parameter is set. If the parameter has a value and you are using unquali- fied net service names, the parameter value is appended to the end of the net service name. An unqualified service name is a service name that does not contain domain information. For example, if you entered sqlplus matt/casey@PROD and the NAMES.DEFAULT_DOMAIN is set to WORLD , Oracle appends .WORLD to the net service name; as a result, Oracle passes the 95127c11.indd 636 2/17/09 2:17:20 PM Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. An Overview of Oracle Shared Server 637 command as sqlplus matt/casey@PROD.WORLD . You will receive an ORA-12154 “Could Not Resolve the Connect Identifier Specified” error message if the service name should not include the .WORLD domain extension. You use this parameter only if you are using a hierar- chical naming convention. Checking for Client-Side Error Codes You should next check for client-side error codes. Here is a summary of some of the com- mon client-side Oracle error messages you might encounter. They are discussed in detail in the following sections. ORA-12154 “TNS: could not resolve connect identifier specified” ORA-12198 “TNS: could not find path to destination” ORA-12203 “TNS: Unable to connect to destination” ORA-12533 “TNS: illegal address parameters” ORA-12541 “TNS: No listener” ORA-12154 This indicates that the client cannot find the service listed in the tnsnames. ora file. Some of the causes of this were previously described, such as the file is not in the proper directory or the TNS_ADMIN variable is not specified or specified incorrectly. ORA-12198 and ORA-12203 This indicates that the client found an entry for the service in the tnsnames.ora file but the service specified was not found. Check to make sure the service specified in the tnsnames.ora file actually points to a valid database service. ORA-12533 This indicates that you have configured the ADDRESS section of the tnsnames. ora file incorrectly. Check to make sure the syntax is correct, or re-create the definition using the Oracle Net Manager tool. ORA-12541 This indicates that the client contacted a server that does not have a listener running on the specified port. Make sure the listener is started on the server and that the listening port specifications on the client and the server match. An Overview of Oracle Shared Server Oracle Shared Server is an optional configuration of Oracle Server that allows the server to support a larger number of concurrent connections without increasing physical resource requirements. It does so by sharing resources among groups of users. Shared Server is suitable for high-think applications. High-think applications are com- posed of small transactions with natural pauses in the transaction patterns, which makes them good candidates for Oracle Shared Server connections. Many web-based applications fit this model. These types of applications are typically form-based and involve submissions of small amounts of information to the database with small result sets returned to the client. 95127c11.indd 637 2/17/09 2:17:20 PM Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. 638 Chapter 11 N Understanding Network Architecture Oracle manages dedicated server and shared server connections differently. As a DBA, you need to be able to identify these differences. This knowledge will help you better under- stand the advantages and disadvantages of Oracle Shared Server and when it might be advantageous to use Oracle Shared Server in your environment. Dedicated Server vs. Shared Server If you have ever gone to an upscale restaurant, you may have had your own personal wait- person. That waitperson is there to greet you and escort you to your seat. They take your order for food and drinks and even help prepare your order. No matter how many other patrons enter the restaurant, your waitperson is responsible for serving only your requests. Therefore, your service is consistent—if the person is a good waitperson. A dedicated server environment works in much the same way. Every client connection is associated with a dedicated server process, sometimes called a shadow process, on the machine where the Oracle server exists. No matter how many other connections are made to the server, the same dedicated server is always responsible for processing only your requests. You use the services of that server process until you disconnect from the Oracle server. Most restaurants operate more like shared servers. When you walk in, you are assigned a waitperson, but they may be responsible for serving many other tables. This is good for the restaurant because they can serve more customers without increasing the staff. It may be fine for you as well, if the restaurant is not too busy and the waitperson is not respon- sible for too many tables. Also, if most of the orders are small, the staff can keep up with the requests, and the service will be as good as if you had your own waitperson. In a diner, things work slightly different; the waitperson takes your order and places it on a turnstile. If the diner has multiple cooks, the order is picked up from the turnstile and prepared by one of the available cooks. When the cook completes the preparation of the dinner, it is placed in a location where the waitperson can pick it up and bring it to your table. This is how an Oracle Shared Server environment works. In an Oracle Shared Server environment, dispatcher processes are responsible for servicing client requests. These processes are capable of handling requests from many clients. This is different from the dedicated server environment, where a single client process is handled by a single server process. Like the waitperson in the diner, a dispatcher can be responsible for taking the orders of many clients. When using Oracle Shared Server, idle connections can be reused and allow several users to connect to the database, thus improving scalability. When you request something from the server, it is the dispatcher’s responsibility to take your request and place it in a location called a request queue. The request queue functions 95127c11.indd 638 2/17/09 2:17:20 PM Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. An Overview of Oracle Shared Server 639 like the turnstile in the diner analogy. All dispatcher processes place their client requests in one request queue, which is a structure contained in the system global area (SGA). Shared Server processes, like cooks in a diner, are responsible for fulfilling the client requests. The Oracle Shared Server process executes the request and places the result into an area of the SGA called a response queue. Every dispatcher has its own response queue. The dispatcher picks up the completed request from the response queue and returns the results to the client. Figure 11.25 illustrates the following processing steps for a Shared Server request: 1. The client passes a request to the dispatcher serving it. 2. The dispatcher places the request on a request queue in the SGA. 3. One of the Shared Server processes executes the request. 4. The Shared Server places the completed request on the dispatchers’ response queue of the SGA. 5. The dispatcher picks up the completed request from the response queue. 6. The completed request is passed back to the client. FIGURE 11.25 Request processing in Shared Server SQL>SELECT ename FROM emp; ENAME ------------ SMITH JONES 2 rows selected. Dispatcher Process Client Computer Server Computer Request Queue Response Queue Shared Server Process Oracle SGA 3 4 1 2 5 6 95127c11.indd 639 2/17/09 2:17:21 PM Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. 640 Chapter 11 N Understanding Network Architecture Requests placed in the request queue are processed on a first-in, first-out basis (FIFO). Currently, there is no way to prioritize requests within the queue. Advantages and Disadvantages of Shared Server Oracle Shared Server is used when server resources, such as memory and active processes, become constrained. People tend to throw more hardware at problems such as these; this will likely remedy the problem, but it may be an unnecessary expense. If your system is experiencing these problems, Oracle Shared Server allows you to sup- port the same number or a greater number of connections without requiring additional hardware. As a result, Oracle Shared Server tends to decrease the overall memory and pro- cess requirements on the server. Because clients are sharing processes, the total number of processes is reduced. This translates into resource savings on the server. Shared Server also allows for connection pooling. Connection pooling enables the data- base server to disconnect an idle Oracle Shared Server connection to service an incoming request. The idle connection is still active and is reenabled once the client makes the next request. The connection pooling feature of Oracle Shared Server allows it to handle a larger number of requests without having to start additional dispatcher processes. You configure connection pooling by adding attributes to one of the Oracle Shared Server parameters. See the section “Configuring Connection Pooling with the Dispatch- ers Parameter” later in this chapter to see how connection pooling is configured. Shared Server is also required to take advantage of certain network options, such as connection multiplexing and client access control, which are features of Oracle Connection Manager. Oracle Connection Manager is a facility provided by Oracle that controls access to database services and multiplex connections in an Oracle environment. The access con- trol component of Oracle Connection Manager allows you to configure rules that allow or disallow fulfillment of a connection request. The multiplexing component acts as a concen- trator feature. It funnels multiple client sessions through a shared network connection from the Oracle Connection Manager server to the database server. You can find out more about Oracle Connection Manager in “Oracle Data- base Net Services Administrators Guide 11g Release 1 (11.1) Part Number B28316-04.” Oracle Shared Server also has some disadvantages. Applications that generate a signifi- cant amount of network traffic or result in large result sets are not good candidates for Shared Server connections. Think of the earlier diner analogy. Your service is fine until 95127c11.indd 640 2/17/09 2:17:21 PM Please purchase PDF Split-Merge on www.verypdf.com to remove this watermark. [...]... Security and Auditing Oracle Database 11g: Administration I exam objectives covered in this chapter: ÛÛ Administering User Security NN Create and manage database user accounts NN Grant and revoke privileges NN Create and manage roles NN Create and manage profiles ÛÛ Implementing Oracle Database Security NN Database security and principle of least privilege NN Work with standard database auditing One... password is welcome) tell the database that this user account is a password-authenticated account The user password in the Oracle 11gdatabase is case sensitive In earlier releases of Oracle, user passwords were case insensitive Externally Authenticated Users When an externally identified user attempts to connect to the database, the database verifies that the username is a valid database account and trusts... number of Oracle shared servers you want, not to the number of Oracle shared servers you want to add Using the SHARED_SERVER_SESSIONS Parameter The SHARED_SERVER_SESSIONS parameter specifies the total number of Oracle Shared Server sessions that are allowed for the Oracle instance If the number of Oracle Shared Server client connections reaches this limit, any clients that attempt to connect via an Oracle. .. Oracle Shared Server, you need to know how to configure these parameters Managing a Shared Server If the Oracle Shared Server parameters were configured dynamically using the ALTER SYSTEM command or at database creation, it isn’t necessary to stop and start the server After you configure the Oracle Shared Server parameters, you need to understand how to view information about Oracle Shared Server Oracle. .. You can configure Oracle Shared Server connections and dedicated server connections to connect to a single Oracle server This is advantageous if you have a mix of database Oracle Shared Server Infrastructure 651 activity Some types of activities are well suited to Oracle Shared Server connections, and other types of activities are better suited to dedicated connections By default, if Oracle Shared Server... configuring, and managing the Oracle network infrastructure Oracle Net manages the flow of information from client computers to Oracle servers and forms the foundation of all networked computing in the Oracle environment Oracle Net provides services that can be divided into five main categories: connectivity, directory services, scalability, security, and accessibility Oracle Net provides support to... listener.ora file 5 A, B, C. Oracle uses service names in networks in much the same way it uses synonyms in the database Service names provide location transparency and hide the complexity of connect string information You can configure Oracle Net to connect in several ways, including host naming, local naming, OID, and Oracle Easy Connect Oracle Global Naming is not a valid Oracle option 6 D. Connection... configure Oracle Shared Server I’ll also give examples of how to configure Shared Server at database creation or after the database is created using EM Defining the Shared Server Parameters You configure Oracle Shared Server by adding parameters to the Oracle initialization file These parameters identify the number and type of dispatchers, the number of shared servers, and the name of the database you... authentication attempts to connect to the database, the database verifies that the username is a valid database account and that the password supplied matches that user’s password as stored in the database Password-authenticated user accounts are the most common and are sometimes referred to as database- authenticated accounts With a password-authenticated account, the database stores the encrypted password... you want to associate with Shared Server One advantage of Oracle 11g is that all the parameters necessary to manage Oracle Shared Server can be changed dynamically This fulfills one of your primary goals of ensuring the highest degree of database availability possible Let’s take a look at the parameters used to manage Oracle Shared Server Oracle Shared Server Infrastructure 645 Using the DISPATCHERS . name. For Oracle 11g, the service name does not have to be the same as the ORACLE_ SID because a database can have multiple service names. In Oracle 11g, the. the Oracle Connection Manager server to the database server. You can find out more about Oracle Connection Manager in Oracle Data- base Net Services Administrators