listener.ora
、
sqlnet.ora
、
tnsnames.ora
;
$ORACLE_HOME/network/admin
下:
[oracle@oracle12c admin]$ pwd
/u01/app/oracle/product/12.2.0/dbhome_1/network/admin
[oracle@oracle12c admin]$ ls
samples shrept.lst
[oracle@oracle12c admin]$
由于建库时没有选择创建监听,所以该目录下没有有效的配置文件,使用网络连接时会报错(其实是因为没有打开监听,默认会动态注册):
[oracle@oracle12c admin]$ sqlplus scott/tiger@orcl
SQL*Plus: Release 12.2.0.1.0 Production on Sun Jan 20 16:37:26 2019
Copyright (c) 1982, 2016, Oracle. All rights reserved.
ERROR:
ORA-12154: TNS:could not resolve the connect identifier specified
samples目录下有三个配置文件示例:
[oracle@oracle12c admin]$ ls samples/
listener.ora sqlnet.ora tnsnames.ora
该文件是listener监听器进程的配置文件,监听器进程运行在数据库服务器端,负责监听通过 oracle net访问数据库服务器的连接请求,与已注册的实例信息进行匹配,判断是否建立连接。关闭该进程不影响已存在的数据库连接。
[oracle@oracle12c Desktop]$ netmgr
选择相应的协议(TCP/IP)、主机名或IP地址(192.168.10.10)、监听的端口号(默认1521)
全局数据库名(orcl)、oracle家目录(/u01/app/oracle/product/12.2.0/dbhome_1)、数据库实例名(orcl)
此时已经生成了监听器的配置文件listener.ora
[oracle@oracle12c admin]$ ls
listener.ora samples shrept.lst
[oracle@oracle12c admin]$ cat listener.ora
# listener.ora Network Configuration File: /u01/app/oracle/product/12.2.0/dbhome_1/network/admin/listener.ora
# Generated by Oracle configuration tools.
SID_LIST_LISTENER =
(SID_LIST =
(SID_DESC =
(GLOBAL_DBNAME = orcl)
(ORACLE_HOME = /u01/app/oracle/product/12.2.0/dbhome_1)
(SID_NAME = orcl)
)
)
LISTENER =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.10.10)(PORT = 1521))
)
ADR_BASE_LISTENER = /u01/app/oracle
[oracle@oracle12c admin]$
参数LISTENER = (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.10.10)(PORT = 1521)) )
描述了监听进程LISTENER的信息:包括协议,地址,端口号;
参数SID_LIST_LISTENER = (SID_LIST = (SID_DESC = (GLOBAL_DBNAME = orcl) (ORACLE_HOME = /u01/app/oracle/product/12.2.0/dbhome_1) (SID_NAME = orcl) ) )
描述了监听进程LISTENER要注册到的实例列表,实例的描述信息:
全局数据库名(指定了对外的数据库服务名,如果没有指定该参数,则对外服务名为SID_NAME实例名)、oracle家目录、实例名SID_NAME(区分大小写
)。
注意:在配置LISTENER监听器的配置文件时,开始配置的SID_NAME = ORCL
实例名配置的是大写;启动监听之后能够通过oracle net 连接,所以我以为实例名不区分大小写;后来重新做实验才发现之所以能连上是因为自动做了动态注册,没有使用到配置的静态注册,也就是listener.ora
。
在之前的配置下(实例名大写时),只有静态注册时(重启监听后的前几分钟),由于监听配置的SID_NAME=ORCL
与 数据库的实例名:
SQL> select instance_name from v$instance;
INSTANCE_NAME
----------------
orcl
不匹配,所以造成了net连接报错。
[oracle@oracle12c Desktop]$ lsnrctl status
LSNRCTL for Linux: Version 12.2.0.1.0 - Production on 27-JAN-2019 21:36:18
Copyright (c) 1991, 2016, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.10.10)(PORT=1521)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 12.2.0.1.0 - Production
Start Date 27-JAN-2019 21:26:28
Uptime 0 days 0 hr. 9 min. 49 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /u01/app/oracle/product/12.2.0/dbhome_1/network/admin/listener.ora
Listener Log File /u01/app/oracle/diag/tnslsnr/oracle12c/listener/alert/log.xml
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=1521)))
Services Summary...
Service "orcl" has 2 instance(s).
Instance "orcl", status UNKNOWN, has 1 handler(s) for this service...
Instance "orcl", status READY, has 1 handler(s) for this service...
Service "orclXDB" has 1 instance(s).
Instance "orcl", status READY, has 1 handler(s) for this service...
The command completed successfully
我们关注下面的内容:
Service "orcl" has 2 instance(s).
:表示对外的服务名称,与tnsnames.ora中的service_name应一模一样(tns文件中好像不区分大小写);Instance "orcl", status UNKNOWN, has 1 handler(s) for this service...
:静态注册监听信息,状态为 UNKNOWN
,通过解析listener.ora生成;Instance "orcl", status READY, has 1 handler(s) for this service...
:动态注册监听信息,配置文件listener.ora不是必要的,而是由PMON进程根据实例的状态将实例信息动态注册到监听上,状态为READY
,对应的实例状态为mount
或open
;[oracle@oracle12c Desktop]$ lsnrctl stop
LSNRCTL for Linux: Version 12.2.0.1.0 - Production on 27-JAN-2019 21:12:16
Copyright (c) 1991, 2016, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.10.10)(PORT=1521)))
The command completed successfully
[oracle@oracle12c Desktop]$
[oracle@oracle12c Desktop]$ lsnrctl start
LSNRCTL for Linux: Version 12.2.0.1.0 - Production on 27-JAN-2019 21:26:28
Copyright (c) 1991, 2016, Oracle. All rights reserved.
Starting /u01/app/oracle/product/12.2.0/dbhome_1/bin/tnslsnr: please wait...
TNSLSNR for Linux: Version 12.2.0.1.0 - Production
System parameter file is /u01/app/oracle/product/12.2.0/dbhome_1/network/admin/listener.ora
Log messages written to /u01/app/oracle/diag/tnslsnr/oracle12c/listener/alert/log.xml
Listening on: (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=1521)))
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.10.10)(PORT=1521)))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 12.2.0.1.0 - Production
Start Date 27-JAN-2019 21:26:28
Uptime 0 days 0 hr. 0 min. 0 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /u01/app/oracle/product/12.2.0/dbhome_1/network/admin/listener.ora
Listener Log File /u01/app/oracle/diag/tnslsnr/oracle12c/listener/alert/log.xml
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.10.10)(PORT=1521)))
Services Summary...
Service "orcl" has 1 instance(s).
Instance "orcl", status UNKNOWN, has 1 handler(s) for this service...
The command completed successfully
该文件记录oracle net 别名与数据库服务器的主机或ip地址、数据库服务名的对应关系。
服务名可以自己取,相当于连接串的别名
服务名与服务端监听中实例信息中的service name 相对应
[oracle@oracle12c admin]$ ls
listener.ora samples shrept.lst tnsnames.ora
[oracle@oracle12c admin]$ cat tnsnames.ora
# tnsnames.ora Network Configuration File: /u01/app/oracle/product/12.2.0/dbhome_1/network/admin/tnsnames.ora
# Generated by Oracle configuration tools.
ORCL =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.10.10)(PORT = 1521))
)
(CONNECT_DATA =
(SERVICE_NAME = orcl)
)
)
[oracle@oracle12c admin]$
定义了一个名为ORCL
的命名服务,对应的连接串是后面那一长串(DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.10.10)(PORT = 1521)) ) (CONNECT_DATA = (SERVICE_NAME = orcl) ) )
,连接串中的信息应与服务端监听中的注册实例信息向匹配:如PROTOCOL、HOST和PORT要与监听器的协议,地址和监听的端口相匹配,SERVICE_NAME要与监听器中的对外服务名(global_name、没有global_name就是sid_name)相同(tns文件中不区分大小写)。
sqlnet.ora在服务端和客户端都可以有,主要用来配置服务器的访问控制参数。比如(Oracle docs):
1.配置指定客户端的访问限制;
2.配置命名方法的优先级;
3.启用日志和跟踪特性;
4.通过特定进程路由连接
5.为外部命名配置参数;
6.配置Oracle高级安全;
7.使用协议特定的参数限制对数据库的访问;
sqlnet.ora在客户端上的主要作用是为名称解析配置客户端的属性,比如指定用于解析连接标识符的命名方法的优先级顺序。参数为NAMES.DIRECTORY_PATH
,该参数的值有如下几种情况:
命名方法值 | 描述 |
---|---|
TNANAMES | 本地命名方法:通过客户端上的tnsnames.ora解析网络服务名 |
LDAP | 目录命名方法:通过目录服务器解析数据库服务名称、网络服务名称或网络服务别名 |
EZCONNECT / HOSTNAME | 简单连接命名方法:允许客户端使用TCP/IP连接标识符(由主机名和可选端口和服务名组成)如:CONNECT username/password@host[:port][/service_name][/instance_name] 或者通过现有的名称解析服务和/etc/hosts文件 解析主机名别名。 |
NIS | 外部命名方法:通过现有的NIS解析网络服务 |
sqlnet.ora在服务器上主要用于对客户端的访问控制,参数一般如下:
TCP.VALIDNODE_CHECKING = YES ##是否启用客户端地址限制
TCP.INVITED_NODES= (192.168.10.10) ##可以访问的客户端ip
TCP.EXCLUDED_NODES= (192.168.10.20, 192.168.10.30) ##不可以访问的客户端ip
[oracle@oracle12c admin]$ ls
listener.ora samples shrept.lst sqlnet.ora tnsnames.ora
[oracle@oracle12c admin]$ cat sqlnet.ora
# sqlnet.ora Network Configuration File: /u01/app/oracle/product/12.2.0/dbhome_1/network/admin/sqlnet.ora
# Generated by Oracle configuration tools.
NAMES.DIRECTORY_PATH= (EZCONNECT)
ADR_BASE = /u01/app/oracle
[oracle@oracle12c admin]$
此时,参数NAMES.DIRECTORY_PATH只有一个值EZCONNECT,表示只允许客户端使用TCP/IP连接标识符(由主机名和可选端口和服务名组成)连接数据库服务器。
[oracle@oracle12c admin]$ sqlplus scott/tiger@orcl
SQL*Plus: Release 12.2.0.1.0 Production on Sun Feb 24 23:37:15 2019
Copyright (c) 1982, 2016, Oracle. All rights reserved.
ERROR:
ORA-12154: TNS:could not resolve the connect identifier specified
Enter user-name:
ERROR:
ORA-01017: invalid username/password; logon denied
Enter user-name:
ERROR:
ORA-01017: invalid username/password; logon denied
SP2-0157: unable to CONNECT to ORACLE after 3 attempts, exiting SQL*Plus
[oracle@oracle12c admin]$ sqlplus scott/[email protected]:1521/orcl
SQL*Plus: Release 12.2.0.1.0 Production on Sun Feb 24 23:39:39 2019
Copyright (c) 1982, 2016, Oracle. All rights reserved.
Last Successful login time: Sun Feb 24 2019 21:54:45 +08:00
Connected to:
Oracle Database 12c Enterprise Edition Release 12.2.0.1.0 - 64bit Production
SQL> show user
USER is "SCOTT"
配置了NAMES.DIRECTORY_PATH= (EZCONNECT)
后,只可以使用简单连接命名方法连接到数据库服务器;