This discussion is archived
2 Replies Latest reply: Aug 19, 2013 11:18 PM by BillyVerreynne RSS

Unable to ssh ipvip from RAC nodes

Sukrut Newbie
Currently Being Moderated

Hi

 

I am not able to ssh ipvip from outisde the RAC nodes

 

./srvctl status scan_listener

SCAN Listener LISTENER_SCAN1 is enabled

SCAN listener LISTENER_SCAN1 is not running

SCAN Listener LISTENER_SCAN2 is enabled

SCAN listener LISTENER_SCAN2 is not running

SCAN Listener LISTENER_SCAN3 is enabled

SCAN listener LISTENER_SCAN3 is not running

 

 

Let me know what is wrong here ?

 

Sukrut

  • 1. Re: Unable to ssh ipvip from RAC nodes
    SAML. Explorer
    Currently Being Moderated

    The SCAN listener is not running, start the scan listener "srvctl start scan_listener" and try again.

  • 2. Re: Unable to ssh ipvip from RAC nodes
    BillyVerreynne Oracle ACE
    Currently Being Moderated

    886560 wrote:

    I am not able to ssh ipvip from outisde the RAC nodes

     

     

    You should not be using ssh with virtual IPs at all. Not inside the RAC. Not outside the RAC.

     

    A virtual IP can reside, over time, on a number of DIFFERENT host platforms.

     

    A ssh expects that IP to reside (always) on a SINGLE host platform. (it stores the host platform's signature against that IP as a known host)

     

    So when a virtual IP address moves from one platform to another, ssh will fail with a man-in-the-middle-attack. The new host signature of that virtual IP is different from the host the IP was on previously.

     

    Yes, you an manually fix it.

     

    No, it does not make sense.

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points