[20171120]關於INBOUND_CONNECT_TIMEOUT設置.txt--//上午翻看以前我的發的帖子,發現鏈接:http://www.itpub.net/thread-2066758-1-1.html--//今天再仔細看了一下,註意看了一下別人的回覆,才發現一些細節問題,原始鏈接:-- ...
[20171120]關於INBOUND_CONNECT_TIMEOUT設置.txt
--//上午翻看以前我的發的帖子,發現鏈接:http://www.itpub.net/thread-2066758-1-1.html
--//今天再仔細看了一下,註意看了一下別人的回覆,才發現一些細節問題,原始鏈接:
--//http://www.cnblogs.com/kerrycode/p/5224483.html
關於sqlnet.ora的參數SQLNET.INBOUND_CONNECT_TIMEOUT,它表示等待用戶認證超時的時間,單位是秒,預設值是60秒,如果用戶認證超
時了,伺服器日誌alert.log顯示出錯信息"WARNING: inbound connection timed out (ORA-3136)",sqlnet.log裡面出現TNS-12535:
TNS:operation timed out錯誤信息。
關於listener.ora的參數inbound_connect_timeout_監聽器名,它表示等待用戶連接請求超時的時間,單位是秒,預設值是60秒,如果連
接請求超時了,監聽器日誌listener.log顯示出錯信息"TNS-12525: TNS:listener has not received client's request in time
allowed"。
其中sqlnet.ora裡面的參數為SQLNET.INBOUND_CONNECT_TIMEOUT, listener.ora裡面的參數設置為
INBOUND_CONNECT_TIMEOUT_listener_name ,其中根據監聽名字來替換listener_name。官方文檔關於兩者的介紹如下所示:
SQLNET.INBOUND_CONNECT_TIMEOUT parameter in sqlnet.ora on the database server
Specify the time, in seconds, for a client to connect with the database server and provide the necessary authentication
information. If the client fails to establish a connection and complete authentication in the time specified, then the
database server terminates the connection. In addition, the database server logs the IP address of the client and an
ORA-12170: TNS:Connect timeout occurred error message to the sqlnet.log file. The client receives either an ORA-12547:
TNS:lost contact or an ORA-12637: Packet receive failed error message.
INBOUND_CONNECT_TIMEOUT_listener_name in listener.ora
Specify the time, in seconds, for the client to complete its connect request to the listener after the network
connection had been established.
If the listener does not receive the client request in the time specified, then it terminates the connection. In
addition, the listener logs the IP address of the client and an ORA-12525: TNS:listener has not received client’s
request in time allowed error message to the listener.log file
查看inbound_connect_timeout值
1:查看SQLNET.INBOUND_CONNECT_TIMEOUT的設置值,一般進入$ORACLE_HOME/network/admin下,查看sqlnet.ora參數文件即可。
2:查看監聽INBOUND_CONNECT_TIMEOUT參數,可以查看listener.ora參數文件。但是有時候,例如預設情況,參數文件裡面沒有設置這個
參數,或是有些動態監聽沒有配置listener.ora,那麼可以使用lsnrctl命令查看,如下所示:
--//下午我仔細看,才發現我以前的測試錯誤在那裡.我以為2個都可以通過telnet ip port的方式測試出來.理解錯誤.^_^ .
--//實際上文檔已經明確說明,看文檔還是不夠認真,理解還是不夠透徹.
--//測試SQLNET.INBOUND_CONNECT_TIMEOUT,需要網路連接,出現超時才會報錯.
1.測試環境:
SCOTT@book> @ &r/ver1
PORT_STRING VERSION BANNER
------------------------------ -------------- --------------------------------------------------------------------------------
x86_64/Linux 2.4.xx 11.2.0.4.0 Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
2.測試一:
--//首先不做任何設置(預設設置)
--//session 3:
$ ps -ef | grep oracleboo[k]
--//當前沒有任何通過網路連接到資料庫.
--//打開幾個會話:
--//session 1:
$ tail -f alert*.log
--//session 2:
$ cd /u01/app/oracle/product/11.2.0.4/dbhome_1/network/log
--//註意:監聽listener.log的目錄位置,我在監聽配置中加入DIAG_ADR_ENABLED_LISTENER=OFF.
$ tail -f sqlnet.log listener.log
$ date;sqlplus scott/xxxxx@book
Mon Nov 20 16:30:37 CST 2017
SQL*Plus: Release 11.2.0.4.0 Production on Mon Nov 20 16:30:38 2017
Copyright (c) 1982, 2013, Oracle. All rights reserved.
ERROR:
ORA-01017: invalid username/password; logon denied
Enter user-name:
--//不做任何操作,等60秒....
--//session 3:
$ ps -ef | grep oracleboo[k]
oracle 56566 1 0 16:34 ? 00:00:00 oraclebook (LOCAL=NO)
--//可以發現服務端開啟1個進程.
$ tail -f alert*.log
Mon Nov 20 16:31:38 2017
WARNING: inbound connection timed out (ORA-3136)
$ tail -f sqlnet.log listener.log
==> sqlnet.log <==
***********************************************************************
Fatal NI connect error 12170.
VERSION INFORMATION:
TNS for Linux: Version 11.2.0.4.0 - Production
Oracle Bequeath NT Protocol Adapter for Linux: Version 11.2.0.4.0 - Production
TCP/IP NT Protocol Adapter for Linux: Version 11.2.0.4.0 - Production
Time: 20-NOV-2017 16:31:38
Tracing not turned on.
Tns error struct:
ns main err code: 12535
TNS-12535: TNS:operation timed out
ns secondary err code: 12606
nt main err code: 0
nt secondary err code: 0
nt OS err code: 0
Client address: (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.100.78)(PORT=42714))
--//listener.log沒有相關輸出.
--//註意看時間,相減就是60秒.
$ ps -ef | grep oracleboo[k]
--//沒有輸出.說明進程已經over.
--//也就是在網路連接錯誤超時的情況下,oracle要通過SQLNET.INBOUND_CONNECT_TIMEOUT參數確定超時認證時間.
--//如果通過telnet(註client ip:192.168.100.40 ) 連接測試:
# date;time telnet 192.168.100.78 1521
Mon Nov 20 16:44:12 CST 2017
Trying 192.168.100.78...
Connected to gxqyydg4 (192.168.100.78).
Escape character is '^]'.
--//session 3:
$ ps -ef | grep oracleboo[k]
--//可以發現根本沒有相關進程.
# lsof -P -n -i | grep 192.168.100.40
tnslsnr 56702 oracle 15u IPv4 37111676 0t0 TCP 192.168.100.78:1521->192.168.100.40:40923 (ESTABLISHED)
# ps -ef | grep 5670[2]
oracle 56702 1 0 Nov20 ? 00:00:01 /u01/app/oracle/product/11.2.0.4/dbhome_1/bin/tnslsnr LISTENER -inherit
--//進程號對於監聽進程.
# date;time telnet 192.168.100.78 1521
Tue Nov 21 08:41:12 CST 2017
Trying 192.168.100.78...
Connected to gxqyydg4 (192.168.100.78).
Escape character is '^]'.
Connection closed by foreign host.
real 1m0.106s
user 0m0.001s
sys 0m0.001s
--//你可以發現在伺服器還沒有開啟伺服器進程,僅僅存在一個網路連接.而這個時候實際上監聽配置inbound_connect_timeout_監聽器名起作
--//用.只不過預設設置是60秒.
--//而前面sqlplus scott/xxxxx@book,既打開網路連接,有開啟服務端進程.2者測試就很容易理解了.
--//理解這些,後面的測試就很容易理解.
--//session 2:
$ tail -f sqlnet.log listener.log
==> listener.log <==
21-NOV-2017 08:39:22 * service_update * book * 0
21-NOV-2017 08:42:12 * <unknown connect data> * (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.100.40)(PORT=40923)) * establish * <unknown sid> * 12525
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
TNS-12525: TNS:listener has not received client's request in time allowed
TNS-12535: TNS:operation timed out
TNS-12606: TNS: Application timeout occurred
--//註意看下劃線內容,sid=<unknown sid>,<unknown connect data>,埠號PORT=40923也能對上.
--//sqlnet.log沒有相關輸出.
--//也就是在監聽配置listener.ora中的inbound_connect_timeout_監聽器名是用戶連接監聽時的超時限制.
--// sqlnet.ora中SQLNET.INBOUND_CONNECT_TIMEOUT是等待用戶認證超時的時間(註已經通過網路連接).
--//繼續做一個測試說明問題(註:使用本地連接.不做任何操作)
$ date;sqlplus scott/xxxxx
Mon Nov 20 17:07:08 CST 2017
SQL*Plus: Release 11.2.0.4.0 Production on Mon Nov 20 17:07:08 2017
Copyright (c) 1982, 2013, Oracle. All rights reserved.
ERROR:
ORA-01017: invalid username/password; logon denied
Enter user-name:
$ ps -ef | grep oracleboo[k]
oracle 61056 61055 0 08:45 ? 00:00:00 oraclebook (DESCRIPTION=(LOCAL=YES)(ADDRESS=(PROTOCOL=beq)))
# lsof -P -n -i | grep 6105[56]
--//註意前面的連接不同,沒有通過網路連接.
$ sleep 60
$ ps -ef | grep oracleboo[k] |
oracle 61056 61055 0 08:45 ? 00:00:00 oraclebook (DESCRIPTION=(LOCAL=YES)(ADDRESS=(PROTOCOL=beq)))
--//你可以發現這樣的進程不會kill掉.也就是不通過網路這個參數不會生效.
--//理解以上測試就明白,實際上2個參數對應是不同的設置,一個針對監聽,一個針對用戶認證.
3.測試二:
--//修改sqlnet.ora加入:
SQLNET.INBOUND_CONNECT_TIMEOUT=30
--//修改listener.ora加入,並且重啟監聽:
INBOUND_CONNECT_TIMEOUT_LISTENER=10
$ lsnrctl stop ;sleep 1;lsnrctl start
# date;time telnet 192.168.100.78 1521
Tue Nov 21 08:52:52 CST 2017
Trying 192.168.100.78...
Connected to gxqyydg4 (192.168.100.78).
Escape character is '^]'.
Connection closed by foreign host.
real 0m10.015s
user 0m0.002s
sys 0m0.000s
--//使用telnet測試,測試是listener.ora設置參數INBOUND_CONNECT_TIMEOUT_LISTENER=10.
$ date;sqlplus scott/xxxxx@book
Tue Nov 21 08:54:29 CST 2017
SQL*Plus: Release 11.2.0.4.0 Production on Tue Nov 21 08:54:29 2017
Copyright (c) 1982, 2013, Oracle. All rights reserved.
ERROR:
ORA-01017: invalid username/password; logon denied
Enter user-name:
--//alter.log輸出:
==> sqlnet.log <==
Tue Nov 21 08:54:59 2017
WARNING: inbound connection timed out (ORA-3136)
--//sqlnet.log輸出:
==> sqlnet.log <==
***********************************************************************
Fatal NI connect error 12170.
VERSION INFORMATION:
TNS for Linux: Version 11.2.0.4.0 - Production
Oracle Bequeath NT Protocol Adapter for Linux: Version 11.2.0.4.0 - Production
TCP/IP NT Protocol Adapter for Linux: Version 11.2.0.4.0 - Production
Time: 21-NOV-2017 08:54:59
Tracing not turned on.
Tns error struct:
ns main err code: 12535
TNS-12535: TNS:operation timed out
ns secondary err code: 12606
nt main err code: 0
nt secondary err code: 0
nt OS err code: 0
Client address: (ADDRESS=(PROTOCOL=tcp)(HOST=192.168.100.78)(PORT=54593))
--//時間相減就是30秒.說明這樣測試網路連接的用戶認證.
--//其它可以參考鏈接測試http://www.cnblogs.com/kerrycode/p/5224483.html,不再重覆了.
總結:
我主要犯了一個概念上錯誤,認為這個參數INBOUND_CONNECT_TIMEOUT設置針對的超時認證是一樣的東西,實際上2者存在不同.
一個表示等待用戶認證超時的時間,一個表示等待用戶連接請求超時的時間.
講的通俗一點,一個針對監聽,一個針對用戶認證(網路連接已經確立).
另外一個文檔看別人的文檔還是跟認真一點,這樣的錯誤就能很快發現.總之自己還是存在一些概念的混淆混亂...
我不知道還有什麼方法認證這些參數測試!!
