17,382
社区成员
发帖
与我相关
我的任务
分享关于1521端口问题
我想通过databaselink,收集另一台服务器的数据,但对方的路由器1024以上端口屏蔽了,我要求对方开放了1521,Oracle还是通信,据说Oracle的端口是可变的,朋友给我了一端英文资料,我英文差,看不明白,请大家帮忙!
On Windows NT, when a connect request comes in to the listener, the listener
spawns and Oracle thread. This thread is a listening thread, and is started
on a wild-card address meaning that the thread is listening for connections
on the current I.P. address, and an unused port number given to the thread by
the networking software. The Oracle thread will contact the listener using
IPC and inform the listener of its listening address, connection load, and some
other status information. The listener sends back to the client a REDIRECT
address. This tells the client to reconnect to the newly spawned Oracle thread.
Since this Oracle thread is on a random port (a range of ports cannot be
defined), the firewall will not let the connection through. The resulting
error is usually a TNS-12203.
There are two ways to resolve this issue.
The first way is to use a firewall that has a SQL*Net proxy built into it. The
way this works is that the SQL*Net proxy starts another listening processes
(usually on port 1610). This causes the firewall to act as a Multi Protocol
Interchange. So, by using the tnsnav.ora file on the client, you connect to
port 1610 (the firewall). The firewall passes the connection to the server.
The server gives a redirect to the client. The client reconnects to the
firewall proxy on port 1610, and the firewall passes the connection to the
Oracle thread on the wild-card listening address. Here is what the connection
flow would look like:
1. connect to proxy and pass connection to listener
2. send redirect to client
3. connect to redirected address via the proxy
4. oracle accepts the connection
firewall
||
+------+ <--------2--------||-------2------ +---------+
|client| || |listener |(port=1521)
+------+ --------1------> proxy ----1------> +---------+
A \ /||\
| \---------3-------/ || \-----3------> +---------+
| || | oracle |(port=xxxx)
+--------------4---------||-------4------- +---------+
The second way to resolve this issue is to upgrade the server to 8.0.x and use
the USE_SHARED_SOCKET parameter in the Windows NT Registry. With this method, it
does not matter what kind of firewall you have. The syntax for this parameter is:
USE_SHARED_SOCKET = TRUE
Place the parameter in the registry under HKEY_LOCAL_MACHINE:Software:Oracle
Restart Oracle and the listener for the parameter to take effect.
Here's how USE_SHARED_SOCKET works. The listener binds and creates a socket
on the address specified in the listener.ora file. On this socket, there is a
LISTEN state active that is used by the listener. When a new connection comes
in to the listener, the listener spawns an Oracle thread on the listening port
(i.e. 1521). This happens over and over again so that you have a listener and
several established connections using port 1521. Pictorially this scenario
would look like this:
+---<O>--------<O>----<O>---<O>--+
| |
| This square represents <O>
| a listening socket for |
| port 1521. |
<O> |
| <O> = oracle thread <O>
| <L> = listener |
| |
+-<O>-------<L>--<O>------<O>----+
The operating system then does a poll() or a select() on the socket to test for
any data. If any of the threads have data, a signal handler is used to contact
the application and inform it of the new data.
The disadvantage of USE_SHARED_SOCKET is that if the listener shuts down, all
connections are dissolved.
Finally, a very common question concerning the listener and port numbers is why
different port numbers show up in the listener.log file. What you are seeing
is the client's source port and client's source IP address. Here's how this
relates to your firewall.
If you want to make a TCP connection to a server (let's say with TELNET), you need
to create a socket. To create a socket, you need 4 pieces of information: A
source IP and port, and a destination IP and port. So let's use TELNET as an
example (the listening port for the TELNET process is 23 on the server):
source destination
+-----------+---------------+
IP |138.2.12.8 |185.45.67.53 |
+-----------+---------------+
port | xx | 23 |
+-----------+---------------+
Notice the source port is labeled as 'xx'. The networking software on the client chooses
at random, or in sequential order, a valid port (between 1024 and 65535) so the client
can send and receive data. This is what you are seeing in the listener.log file.
Will the be a problem with the firewall?
No. The firewall will restrict incoming connections, but will freely let any
connection on any port out (which is okay). Here is what it might look like:
Firewall
<-------------||---------\
<-------------||---------\\
[CLIENT]----------------->|| \---[SERVER]
<-------------||---------//
<-------------||---------/
On Windows NT, when a connect request comes in to the listener, the listener
spawns and Oracle thread. This thread is a listening thread, and is started
on a wild-card address meaning that the thread is listening for connections
on the current I.P. address, and an unused port number given to the thread by
the networking software. The Oracle thread will contact the listener using
IPC and inform the listener of its listening address, connection load, and some
other status information. The listener sends back to the client a REDIRECT
address. This tells the client to reconnect to the newly spawned Oracle thread.
Since this Oracle thread is on a random port (a range of ports cannot be
defined), the firewall will not let the connection through. The resulting
error is usually a TNS-12203.
There are two ways to resolve this issue.
The first way is to use a firewall that has a SQL*Net proxy built into it. The
way this works is that the SQL*Net proxy starts another listening processes
(usually on port 1610). This causes the firewall to act as a Multi Protocol
Interchange. So, by using the tnsnav.ora file on the client, you connect to
port 1610 (the firewall). The firewall passes the connection to the server.
The server gives a redirect to the client. The client reconnects to the
firewall proxy on port 1610, and the firewall passes the connection to the
Oracle thread on the wild-card listening address. Here is what the connection
flow would look like:
1. connect to proxy and pass connection to listener
2. send redirect to client
3. connect to redirected address via the proxy
4. oracle accepts the connection
firewall
||
+------+ <--------2--------||-------2------ +---------+
|client| || |listener |(port=1521)
+------+ --------1------> proxy ----1------> +---------+
A \ /||\
| \---------3-------/ || \-----3------> +---------+
| || | oracle |(port=xxxx)
+--------------4---------||-------4------- +---------+
The second way to resolve this issue is to upgrade the server to 8.0.x and use
the USE_SHARED_SOCKET parameter in the Windows NT Registry. With this method, it
does not matter what kind of firewall you have. The syntax for this parameter is:
USE_SHARED_SOCKET = TRUE
Place the parameter in the registry under HKEY_LOCAL_MACHINE:Software:Oracle
Restart Oracle and the listener for the parameter to take effect.
Here's how USE_SHARED_SOCKET works. The listener binds and creates a socket
on the address specified in the listener.ora file. On this socket, there is a
LISTEN state active that is used by the listener. When a new connection comes
in to the listener, the listener spawns an Oracle thread on the listening port
(i.e. 1521). This happens over and over again so that you have a listener and
several established connections using port 1521. Pictorially this scenario
would look like this:
+---<O>--------<O>----<O>---<O>--+
| |
| This square represents <O>
| a listening socket for |
| port 1521. |
<O> |
| <O> = oracle thread <O>
| <L> = listener |
| |
+-<O>-------<L>--<O>------<O>----+
The operating system then does a poll() or a select() on the socket to test for
any data. If any of the threads have data, a signal handler is used to contact
the application and inform it of the new data.
The disadvantage of USE_SHARED_SOCKET is that if the listener shuts down, all
connections are dissolved.
Finally, a very common question concerning the listener and port numbers is why
different port numbers show up in the listener.log file. What you are seeing
is the client's source port and client's source IP address. Here's how this
relates to your firewall.
If you want to make a TCP connection to a server (let's say with TELNET), you need
to create a socket. To create a socket, you need 4 pieces of information: A
source IP and port, and a destination IP and port. So let's use TELNET as an
example (the listening port for the TELNET process is 23 on the server):
source destination
+-----------+---------------+
IP |138.2.12.8 |185.45.67.53 |
+-----------+---------------+
port | xx | 23 |
+-----------+---------------+
Notice the source port is labeled as 'xx'. The networking software on the client chooses
at random, or in sequential order, a valid port (between 1024 and 65535) so the client
can send and receive data. This is what you are seeing in the listener.log file.
Will the be a problem with the firewall?
No. The firewall will restrict incoming connections, but will freely let any
connection on any port out (which is okay). Here is what it might look like:
Firewall
<-------------||---------\
<-------------||---------\\
[CLIENT]----------------->|| \---[SERVER]
<-------------||---------//
<-------------||---------/
...全文
请发表友善的回复…
发表回复
cwjuan 2002-11-01
- 打赏
- 举报
前两位朋友有点离题了,我想问的是在注册表里如何设置,因为E文看不懂,第三位说得,是该好好学习。
牧牛人软件 2002-11-01
- 打赏
- 举报
你要好好学E文,天天上网,一定会进步的。
hushuangyang 2002-11-01
- 打赏
- 举报
oracle listener.ora配置不是有一个端口设置嘛!
将1521改为1024以下的并且没有占用的端口。
然后你的客户端的配置也做相应的改变即可。
将1521改为1024以下的并且没有占用的端口。
然后你的客户端的配置也做相应的改变即可。
nowhappy 2002-10-30
- 打赏
- 举报
叫对方开一个1024以下的监听即可。
hushuangyang 2002-10-30
- 打赏
- 举报
不一定要用1024以上的端口嘛!
是要1024以下并且没被占用的端口就可以!
是要1024以下并且没被占用的端口就可以!
