Connection Manager (CMAN)
Installation
Document is based on Oracle release 10gR2 (10.2.0.4.0). To test it on a single server it is better to create 2 Oracle home. One Oracle database server home that will handle our test database and one small Oracle client home that will handle Connection Manager executable.On Unix the executable is called cmctl.
In following Oracle client installed under /ora_client10g/software with oraclient account. Oracle database installed under /ora_10g/software with ora10g account.
Configuration
Connection Manager
To create the first Connection Manager configuration inherit cman.ora file from /ora_client10g/software/network/admin/samples. Then modify it to map your target configuration. In following cman.ora example we target to listen on port 1551 and redirect connection for 10g.world service to databse running on the same server. For all clients whatever their IP.cman.ora:
cman =
(configuration=
(address=(protocol=tcp)(host=eult93.sgp.st.com)(port=1551))
(parameter_list =
(aso_authentication_filter=off)
(connection_statistics=on)
(log_directory=/ora_client10g/software/network/log)
(log_level=SUPPORT)
(max_connections=256)
(idle_timeout=0)
(inbound_connect_timeout=0)
(session_timeout=0)
(outbound_connect_timeout=0)
(max_gateway_processes=16)
(min_gateway_processes=2)
(remote_admin=on)
(trace_directory=/ora_client10g/software/network/trace)
(trace_level=SUPPORT)
(trace_timestamp=on)
(trace_filelen=1000)
(trace_fileno=1)
(max_cmctl_sessions=4)
(event_group=init_and_term,memory_ops)
)
(rule_list=
(rule=
(src=*)(dst=*)(srv=10g.world)(act=accept)
(action_list=(aut=off)(moct=0)(mct=0)(mit=0)(conn_stats=on))
)
(rule=
(src=eult93)(dst=127.0.0.1)(srv=cmon)(act=accept)
(action_list=(aut=off)(moct=0)(mct=0)(mit=0)(conn_stats=on))
)
)
)
tnsnames.ora:
10g.world= (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = eult93.sgp.st.com) (PORT = 1541)) ) (CONNECT_DATA = (SID = 10g)) )
sqlnet.ora:
NAMES.DEFAULT_DOMAIN = world NAMES.DIRECTORY_PATH= (TNSNAMES) USE_CMAN = true SQLNET.EXPIRE_TIME = 1
Then start it using cmctl command. You must launch it interactively to tell which is the name of the connection manager you plan to administer (the name in the cman.ora file).
[oraclient@eult93 ~]$ cmctl CMCTL for Linux: Version 10.2.0.4.0 - Production on 14-SEP-2009 14:04:31 Copyright (c) 1996, 2007, Oracle. All rights reserved. Welcome to CMCTL, type "help" for information. CMCTL> administer cman Current instance cman is not yet started Connections refer to (address=(protocol=tcp)(host=eult93.sgp.st.com)(port=1551)). The command completed successfully. CMCTL:cman> startup Starting Oracle Connection Manager instance cman. Please wait... TNS-04077: WARNING: No password set for the Oracle Connection Manager instance. CMAN for Linux: Version 10.2.0.4.0 - Production Status of the Instance ---------------------- Instance name cman Version CMAN for Linux: Version 10.2.0.4.0 - Production Start date 14-SEP-2009 14:04:44 Uptime 0 days 0 hr. 0 min. 9 sec Num of gateways started 2 Average Load level 0 Log Level SUPPORT Trace Level SUPPORT Instance Config file /ora_client10g/software/network/admin/cman.ora Instance Log directory /ora_client10g/software/network/log Instance Trace directory /ora_client10g/software/network/trace The command completed successfully.
You can get some statistics (rules, uptime, conneciton, ...) using show command:
CMCTL:cman> show all listener_address | (address=(protocol=tcp)(host=eult93.sgp.st.com)(port=1551)) aso_authentication_filter | OFF connection_statistics | ON event_group | (init_and_term, memory_ops) log_directory | /ora_client10g/software/network/log log_level | SUPPORT max_connections | 256 idle_timeout | 0 inbound_connect_timeout | 0 session_timeout | 0 outbound_connect_timeout | 0 max_gateway_processes | 16 min_gateway_processes | 2 max_cmctl_sessions | 4 password | OFF remote_admin | ON trace_directory | /ora_client10g/software/network/trace trace_level | SUPPORT trace_timestamp | ON trace_filelen | 1000 trace_fileno | 1 Number of filtering rules currently in effect: 2 (rule_list= (rule= (src=*) (dst=*) (srv=10g.world) (act=accept) (action_list=(aut=off)(moct=0)(mct=0)(mit=0)(conn_stats=on)) ) (rule= (src=eult93) (dst=127.0.0.1) (srv=cmon) (act=accept) (action_list=(aut=off)(moct=0)(mct=0)(mit=0)(conn_stats=on)) ) ) The command completed successfully.
Database Server
listener.ora:LISTENER_10g = (DESCRIPTION_LIST = (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = eult93.sgp.st.com)(PORT = 1541)) ) ) ) SID_LIST_LISTENER_10g = (SID_LIST = (SID_DESC = (GLOBAL_DBNAME = 10g.world) (SID_NAME = 10g) (ORACLE_HOME = /ora_10g/software) ) )
sqlnet.ora:
NAMES.DEFAULT_DOMAIN = world NAMES.DIRECTORY_PATH= (TNSNAMES) USE_CMAN = true TCP.VALIDNODE_CHECKING = yes TCP.INVITED_NODES = (localhost,eult93.sgp.st.com) #TCP.EXCLUDED_NODES = (localhost,164.129.228.51,eult93.sgp.st.com) TCP.EXCLUDED_NODES= (164.129.228.51) SQLNET.EXPIRE_TIME = 1
The configuration is made to forbid direct access to the database for client IP 164.129.228.51 (desktop used for testing) and to allow database listener connection only for itself (or the Connection Manager hostname/IP if different for your environment). This a good security rue that would avoid end users to modify the tnsnames.ora file they have on their desktop to remove the Connection Manager entry...
Client
Classic connection:EULT93_10G.WORLD = (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = eult93.sgp.st.com)(PORT = 1541)) ) (CONNECT_DATA = (SID = 10g) (SERVER = DEDICATED) ) )
Using Connection Manager:
EULT93_CMAN.WORLD = (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = eult93.sgp.st.com)(PORT = 1551)) (ADDRESS = (PROTOCOL = TCP)(HOST = eult93.sgp.st.com)(PORT = 1541)) ) (CONNECT_DATA = (SERVICE_NAME = 10g.world) (SERVER = DEDICATED) ) (SOURCE_ROUTE=YES) )
Testing
With classic connection
C:\>tnsping eult93_10g TNS Ping Utility for 32-bit Windows: Version 10.2.0.1.0 - Production on 14-SEP-2009 17:32:01 Copyright (c) 1997, 2005, Oracle. All rights reserved. Used parameter files: C:\oem10g\network\admin\sqlnet.ora Used TNSNAMES adapter to resolve the alias Attempting to contact (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = eult93.sgp.st.com)(PORT = 1541))) (CONNECT_DATA = (SID = 10g) (SERVER = DEDICATED))) TNS-12547: TNS:lost contact
C:\>sqlplus yjaquier@eult93_10g SQL*Plus: Release 10.2.0.1.0 - Production on Mon Sep 14 17:51:16 2009 Copyright (c) 1982, 2005, Oracle. All rights reserved. Enter password: ERROR: ORA-12537: TNS:connection closed
With Connection Manager
C:\>tnsping eult93_cman TNS Ping Utility for 32-bit Windows: Version 10.2.0.1.0 - Production on 14-SEP-2009 17:32:02 Copyright (c) 1997, 2005, Oracle. All rights reserved. Used parameter files: C:\oem10g\network\admin\sqlnet.ora Used TNSNAMES adapter to resolve the alias Attempting to contact (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = eult93.sgp.st.com)(PORT = 1551)) (ADDRESS = (PROTOCOL = TCP)(HOST = eult93.sgp.st.com)(PORT = 1541))) (CONNECT_DATA = (SERVICE_NAME = 10g.world) (SERVER = DEDICATED)) (SOURCE_ROUTE=YES)) OK (20 msec)
C:\>sqlplus yjaquier@eult93_cman SQL*Plus: Release 10.2.0.1.0 - Production on Mon Sep 14 17:32:05 2009 Copyright (c) 1982, 2005, Oracle. All rights reserved. Enter password: Connected to: Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - Production With the Partitioning, Data Mining and Real Application Testing options SQL>
Thanks for the information. I am currently maintaining the server back in the office and when I research about servers it's really helpful to read blogs just like this. Thanks for sharing.
ReplyDeleteDatacenter