【RAC】RAC 實作IP通路控制

<b>相對與單節點的oracle ，11gr2 rac中，listener是</b><b>配置在</b><b>GRID_HOME，而不是ORACLE_HOME,是以我們要修改的sqlnet.ora檔案是在GI_HOME/network/admin目錄下的而非ORACLE_HOME/network/admin 目錄。</b>

實驗環境：

資料庫版本 11.2.0.1.0

rac1 10.250.7.225

rac2 10.250.7.249 vip 10.250.7.112

rac3 10.250.7.241

<b>1 最初的配置，tcp.invited_nodes隻包含rac1，rac2兩個節點的ip,不包含rac3的ip</b>

grid@rac1:/opt/11202/11.2.0/grid/network/admin&gt;vim sqlnet.ora 

NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)

tcp.validnode_checking=yes

#允許通路的ip

tcp.invited_nodes =(<b>10.250.7.225,10.250.7.249</b>)

ADR_BASE = /opt/rac/grid

grid@rac2:/opt/11202/11.2.0/grid/network/admin&gt;vim sqlnet.ora       

tcp.invited_nodes =(<b>10.250.7.249,10.250.7.225</b>)

<b>2 在rac3 上進行測試tnsping rac1 rac2 </b>

oracle@rac3:/opt/oracle/11.2.0/alifpre/network/admin&gt;tnsping rac1

TNS Ping Utility for Linux: Version 11.2.0.1.0 - Production on 15-DEC-2011 16:19:46

Copyright (c) 1997, 2009, Oracle.  All rights reserved.

Used parameter files:

/opt/oracle/11.2.0/alifpre/network/admin/sqlnet.ora

Used TNSNAMES adapter to resolve the alias

Attempting to contact (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = 10.250.7.225)(PORT = 1521))) (CONNECT_DATA = (SID = rac1)))

TNS-12547: TNS:lost contact

oracle@rac3:/opt/oracle/11.2.0/alifpre/network/admin&gt;tnsping rac2

TNS Ping Utility for Linux: Version 11.2.0.1.0 - Production on 15-DEC-2011 16:19:48

Attempting to contact (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = 10.250.7.112)(PORT = 1521))) (CONNECT_DATA = (SID = rac2)))

<b>分别修改rac1 rac2 的 sqlnet.ora檔案</b>

tcp.invited_nodes =(10.250.7.249,10.250.7.241)

<b>3 修改之後必須重新開機監聽，(這個對于生産庫比較麻煩,最造成操作期間的新連接配接失敗)</b>

grid@rac2:/opt/11202/11.2.0/grid/network/admin&gt;<b>srvctl stop listener </b>

grid@rac2:/opt/11202/11.2.0/grid/network/admin&gt;<b>srvctl start listener</b>

grid@rac1:/opt/11202/11.2.0/grid/network/admin&gt;vim sqlnet.ora        

tcp.invited_nodes =(10.250.7.225,10.250.7.241)

重新開機監聽！

grid@rac1:/opt/11202/11.2.0/grid/network/admin&gt;<b>srvctl stop listener </b> 

grid@rac1:/opt/11202/11.2.0/grid/network/admin&gt;<b>srvctl start listener</b>

<b>4 再次進行測試：</b>

OK (0 msec)

OK (10 msec)

成功配置！