8 Replies Latest reply on Feb 15, 2013 11:49 AM by g777

    network problem - connection for developers


      I'm going to use Oracle RAC 11gR2 on top of RH Linux (2 nodes).
      The cluster will be accessed by application server (web application running on another Windows machine).

      I want to push the whole application (=users) traffic via dedicated network (not public LAN) between app server and database cluster. Let's call it "internal public" network.
      (FYI only, it's for performance sake).

      This wouldn't be a problem if developers don't need to connect directly to the database. But they need it!

      Please, explain to me, if possible, how to create network (and install clusterware/db) to allow:
      1. traffic between app server and db cluster (let's say in subnet and - "internal public")
      2. connecting developers over LAN network to this db (from public corporate subnet

      Note. The interconnect is the 3rd network but it doesn't impact other networks so we skip it here.
      And don't worry, I have enough ethernet adapters.

      I understand that listeners will work on the IP's given in /1/.
      But is there a way to somehow forward the connections from LAN to this "internal public" subnet or something else...?
        • 1. Re: network problem - connection for developers
          Register your networks, giving them each a unique network number (if that wasn't done at install time):
          srvctl add network -k give_it_a_number -s the_subnet_mask
          add a VIP for each network:
          srvctl add vip -n node_name -k the_number -A ip_and_mask
          create listeners for the internal public and the corporate networks, nominating a network number:
          srvctl add listener -l listener_name -p port_numbr -k network_number
          then use TNSnames to direct the apps server to one listener and your developers to the other.
          1 person found this helpful
          • 2. Re: network problem - connection for developers
            Thanks a lot, I will try it on my VBoxes and come back with results.
            • 3. Re: network problem - connection for developers
              Sebastian Solbach -Database Community-Oracle
              Hi John,

              your forgot one important step:

              set listener_networks parameter in the instance to separate both networks.

              Otherwise you will have the problem of cross loadbalancing: It could happen that the developers come in from one network and are forwarded to the application user networks (which will fail, because different network address).

              How to Configure A 2nd Listener on a separate Network in 11.2 Grid Infrastructure (Doc ID 1063571.1)

              • 4. Re: network problem - connection for developers
                Another issue arose. Seems it is NOT ok to define virtual interface like eth2:0 for 2nd network.
                I've created such one on both nodes (it's just for testing, no more eth's available, all 4 Vbox NIC's used), but it gives errors when creating the network.

                Here's the new device

                eth2:0 Link encap:Ethernet HWaddr 08:00:27:BD:FC:3E
                inet addr: Bcast: Mask:
                UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1


                [root@plwrs-vm1 ~]# srvctl add network -k 2 -S -v
                Successfully added Network.

                it shows offline:

                OFFLINE OFFLINE plwrs-vm1
                OFFLINE OFFLINE plwrs-vm2

                When I try to force start:

                [root@plwrs-vm1 ~]# crsctl start res ora.net2.network
                CRS-2672: Attempting to start 'ora.net2.network' on 'plwrs-vm1'
                CRS-2672: Attempting to start 'ora.net2.network' on 'plwrs-vm2'
                CRS-2674: Start of 'ora.net2.network' on 'plwrs-vm1' failed
                CRS-2674: Start of 'ora.net2.network' on 'plwrs-vm2' failed
                CRS-4000: Command Start failed, or completed with errors.

                So eth2:0 is not good idea, as it probes the subnet of eth2

                2013-02-13 13:10:39.593: [ora.net2.network][3724412672] {1:11342:179} [start] Checking if eth2 Interface is fine
                2013-02-13 13:10:39.607: [ora.net2.network][3724412672] {1:11342:179} [start] ifname=eth2
                2013-02-13 13:10:39.608: [ora.net2.network][3724412672] {1:11342:179} [start] subnetmask=
                2013-02-13 13:10:39.608: [ora.net2.network][3724412672] {1:11342:179} [start] subnetnumber=
                2013-02-13 13:10:39.608: [   AGENT][3724412672] {1:11342:179} UserErrorException: Locale is
                2013-02-13 13:10:39.609: [ora.net2.network][3724412672] {1:11342:179} [start] CRS-5008: Invalid attribute value: eth2 for the network interface

                Edited by: g777 on 2013-02-13 14:18

                OK, I employed temporarly another interface (eth3), and it WORKS.

                One more question:
                I've had to configure SCAN (the installer forces to do it).
                I haven't got any DNS server in my internal network, so I put just one entry of SCAN name to '/etc/hosts' file like:
       plwrs-vm-scan.protondomain plwrs-vm-scan
                The SCAN is up and running (also failover works fine among the 2 nodes I have).
                what's your opinion? -
                - should I use SCAN as usual in link definition (alias) for regular application connections?
                - it's better to define 10g-fashioned alias on APP server?
                (let's say, due to not supported SCAN configuration; in fact I don't know if this is the fact).

                Edited by: g777 on 2013-02-13 14:29
                • 5. Re: network problem - connection for developers
                  Oracle recommends to use SCAN as it simplifies client connectivity and eliminates the need to modify database connect strings when the cluster grows and/or shrinks. It gives you a single name for clients to access DBs running in a cluster. The benefit that the client’s connect information does not need to change if you add or remove nodes in the cluster. If you don't want that benefit then you can still use 10g-fashioned alias.

                  11gR2 Grid Infrastructure Single Client Access Name (SCAN) Explained [ID 887522.1]
                  • 6. Re: network problem - connection for developers
                    yes, I know the general teaching on that ;-)
                    my question arise in the non-standard configuration, where I put one SCAN entry into /etc/hosts instead of 3 entries into DNS records (as I haven't got it,and won't have, in my internal/private network).
                    Is it supported solution by MOS?
                    As I wrote the failover works, so I wonder, if I can use it in production.
                    If not, I can always turn off and disable SCAN and use old-fashioned aliases.

                    Any clues, experience?
                    • 7. Re: network problem - connection for developers
                      Hi g777 ,

                      Oracle recommends to use SCAN but if you dont want to use the same, you can use VIP's as in 11gR1 for TAF. SCAN would be required to bypass installation (oui). As you mentioned, you just need to make one SCAN entry in your /etc/hosts and need to set your nslookup file.

                      We have setup a 2-node RAC (production) without SCAN after confirming with MOS. You can also refer below link to set up dummy SCAN.


                      Nikhil Mehta.
                      1 person found this helpful
                      • 8. Re: network problem - connection for developers
                        I will also consult MOS.

                        Thanks a lot guys! Great help.