RE: moving from dedicated connections to MTS
Or get a firewall that understands the Net8 protocol and open that protocol rather than specific ports. Also, some further Metalink references that should help: On Metalink check out the following note: http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=132729.1 This is the Technical Library "Connection Manager and Firewalls " index. eg check out: How to enable USE_SHARED_SOCKET on WINNT and Windows 2000 124140.1 Oracle And Firewalls : Answers To Frequently Asked Questions 2084440.6 Oracle Connectivity with Firewalls 125021.1 Firewalls, Windows NT and Redirections 66382.1 Solving Firewall problems on NT 68652.1 In particular, with a normal connection you come in on the listener port (often 1521 or 1526) but the listener then selects a random port for communication from the server back to the client. So the summary is - you shouldn't need to use MTS just to get Oracle to work with a firewall Regards, Bruce Reardon -Original Message- Sent: Wednesday, 20 November 2002 4:30 AM Doc: 125021.1 talks about firewalls. Look for "USE_SHARED_SOCKET " to keep the dedicated connections. > -Original Message- > From: Yechiel Adar [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, November 19, 2002 11:24 AM > > Hello all > > First a little background. > > We work with oracle 8.1.6.3.4 on NT or win2000 servers. > The technical people have just move an application server > behind a firewall. > The application servers access a database that is a central > repository of > user connections (i.e. all applications on the intranet > access this database > for each page for each user). They saw that the application > works fine for a > while and then they get access denied. They track it down to the port > numbers in the firewall. We are working with dedicated > connections and it > seems that the port numbers for each connections are climbing > up until they > exceeded the range of open ports in the firewall. They said > that they had > the same problems in another server, they brought an outside > guy (of course > without telling the DBA group) and he solved the problem. > They brought me > the init.ora file of that database (I can not access it via > the firewall) > and showed me the parameters that made the difference. The guy put in: > mts_dispatchers= ... port=8000) (5 dispatchers). Since they > want me to do it > on a central and essential database I want to ask you guys: > > 1) Any gotcha moving from dedicated connections to MTS? > 2) Is each dispatcher assigned for the current sql command > and then released > or is it assigned for the duration of the session? > 3) What is the ratio of users per dispatcher? > 4) Is there a way to tell oracle to reuse port numbers for dedicated > connections that were closed? > 5) Anything else you care to share. > > Sorry if my questions are somewhat trivial but we need a > decision tomorrow > morning (in 18 hours) as they start doing some training session on the > system on Sunday and time is short. > > TIA > > Yechiel Adar > Mehish -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Reardon, Bruce (CALBBAY) INET: [EMAIL PROTECTED] Fat City Network Services-- 858-538-5051 http://www.fatcity.com San Diego, California-- Mailing list and web hosting services - To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
RE: moving from dedicated connections to MTS
Doc: 125021.1 talks about firewalls. Look for "USE_SHARED_SOCKET " to keep the dedicated connections. > -Original Message- > From: Yechiel Adar [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, November 19, 2002 11:24 AM > To: Multiple recipients of list ORACLE-L > Subject: moving from dedicated connections to MTS > > > Hello all > > First a little background. > > We work with oracle 8.1.6.3.4 on NT or win2000 servers. > The technical people have just move an application server > behind a firewall. > The application servers access a database that is a central > repository of > user connections (i.e. all applications on the intranet > access this database > for each page for each user). They saw that the application > works fine for a > while and then they get access denied. They track it down to the port > numbers in the firewall. We are working with dedicated > connections and it > seems that the port numbers for each connections are climbing > up until they > exceeded the range of open ports in the firewall. They said > that they had > the same problems in another server, they brought an outside > guy (of course > without telling the DBA group) and he solved the problem. > They brought me > the init.ora file of that database (I can not access it via > the firewall) > and showed me the parameters that made the difference. The guy put in: > mts_dispatchers= ... port=8000) (5 dispatchers). Since they > want me to do it > on a central and essential database I want to ask you guys: > > 1) Any gotcha moving from dedicated connections to MTS? > 2) Is each dispatcher assigned for the current sql command > and then released > or is it assigned for the duration of the session? > 3) What is the ratio of users per dispatcher? > 4) Is there a way to tell oracle to reuse port numbers for dedicated > connections that were closed? > 5) Anything else you care to share. > > Sorry if my questions are somewhat trivial but we need a > decision tomorrow > morning (in 18 hours) as they start doing some training session on the > system on Sunday and time is short. > > TIA > > Yechiel Adar > Mehish > > -- > Please see the official ORACLE-L FAQ: http://www.orafaq.com > -- > Author: Yechiel Adar > INET: [EMAIL PROTECTED] > > Fat City Network Services-- 858-538-5051 http://www.fatcity.com > San Diego, California-- Mailing list and web hosting services > - > To REMOVE yourself from this mailing list, send an E-Mail message > to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in > the message BODY, include a line containing: UNSUB ORACLE-L > (or the name of mailing list you want to be removed from). You may > also send the HELP command for other information (like subscribing). > -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Anderson, Brian INET: [EMAIL PROTECTED] Fat City Network Services-- 858-538-5051 http://www.fatcity.com San Diego, California-- Mailing list and web hosting services - To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
RE: moving from dedicated connections to MTS
Yechiel - This is an inexperienced reply, but since I will be facing your situation soon, I thought I would share my ideas also. 1. Most application servers can do connection pooling, so why use MTS as a second layer on top of connection pooling? 2. I believe Oracle uses a range of ports, so the firewall needs to have those open. I did some quick searches on Metalink and Google and saw a wealth of information, but couldn't easily summarize what I found. Dennis Williams DBA, 40%OCP Lifetouch, Inc. [EMAIL PROTECTED] -Original Message- Sent: Tuesday, November 19, 2002 10:24 AM To: Multiple recipients of list ORACLE-L Hello all First a little background. We work with oracle 8.1.6.3.4 on NT or win2000 servers. The technical people have just move an application server behind a firewall. The application servers access a database that is a central repository of user connections (i.e. all applications on the intranet access this database for each page for each user). They saw that the application works fine for a while and then they get access denied. They track it down to the port numbers in the firewall. We are working with dedicated connections and it seems that the port numbers for each connections are climbing up until they exceeded the range of open ports in the firewall. They said that they had the same problems in another server, they brought an outside guy (of course without telling the DBA group) and he solved the problem. They brought me the init.ora file of that database (I can not access it via the firewall) and showed me the parameters that made the difference. The guy put in: mts_dispatchers= ... port=8000) (5 dispatchers). Since they want me to do it on a central and essential database I want to ask you guys: 1) Any gotcha moving from dedicated connections to MTS? 2) Is each dispatcher assigned for the current sql command and then released or is it assigned for the duration of the session? 3) What is the ratio of users per dispatcher? 4) Is there a way to tell oracle to reuse port numbers for dedicated connections that were closed? 5) Anything else you care to share. Sorry if my questions are somewhat trivial but we need a decision tomorrow morning (in 18 hours) as they start doing some training session on the system on Sunday and time is short. TIA Yechiel Adar Mehish -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Yechiel Adar INET: [EMAIL PROTECTED] Fat City Network Services-- 858-538-5051 http://www.fatcity.com San Diego, California-- Mailing list and web hosting services - To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing). -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: DENNIS WILLIAMS INET: [EMAIL PROTECTED] Fat City Network Services-- 858-538-5051 http://www.fatcity.com San Diego, California-- Mailing list and web hosting services - To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
moving from dedicated connections to MTS
Hello all First a little background. We work with oracle 8.1.6.3.4 on NT or win2000 servers. The technical people have just move an application server behind a firewall. The application servers access a database that is a central repository of user connections (i.e. all applications on the intranet access this database for each page for each user). They saw that the application works fine for a while and then they get access denied. They track it down to the port numbers in the firewall. We are working with dedicated connections and it seems that the port numbers for each connections are climbing up until they exceeded the range of open ports in the firewall. They said that they had the same problems in another server, they brought an outside guy (of course without telling the DBA group) and he solved the problem. They brought me the init.ora file of that database (I can not access it via the firewall) and showed me the parameters that made the difference. The guy put in: mts_dispatchers= ... port=8000) (5 dispatchers). Since they want me to do it on a central and essential database I want to ask you guys: 1) Any gotcha moving from dedicated connections to MTS? 2) Is each dispatcher assigned for the current sql command and then released or is it assigned for the duration of the session? 3) What is the ratio of users per dispatcher? 4) Is there a way to tell oracle to reuse port numbers for dedicated connections that were closed? 5) Anything else you care to share. Sorry if my questions are somewhat trivial but we need a decision tomorrow morning (in 18 hours) as they start doing some training session on the system on Sunday and time is short. TIA Yechiel Adar Mehish -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Yechiel Adar INET: [EMAIL PROTECTED] Fat City Network Services-- 858-538-5051 http://www.fatcity.com San Diego, California-- Mailing list and web hosting services - To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
