Oracle9i Net Services Reference Guide Release 1 (9.0.1) Part Number A90155-01 |
|
This chapter provides a complete listing of the sqlnet.ora
file configuration parameters.
This chapter contains these topics:
The sqlnet.ora
file enables you to:
By default, sqlnet.ora
is located in the $ORACLE_HOME/network/admin
directory on UNIX, and the ORACLE_HOME
\network\admin
directory on Windows operating systems. sqlnet.ora
can also be stored in the following locations:
TNS_ADMIN
environment variable
For Sun Solaris, this directory is /var/opt/oracle
. Windows NT does not have a central directory.
This section lists and describes the sqlnet.ora
file parameters.
Use the BEQUEATH_DETACH
parameter to turn signal handling on or off for UNIX systems.
no
--Leaves signal handling on
yes
--Turns off signal handling
no
--Leaves signal handling on
BEQUEATH_DETACH=yes
Use the DAEMON.TRACE_DIRECTORY
parameter to specify the destination directory of the Oracle Enterprise Manager daemon trace file.
The $ORACLE_HOME/network/trace
directory on UNIX, and the ORACLE_HOME
\network\trace
directory on Windows operating systems
The following parameter setting sets the trace directory to /oracle/traces
.
DAEMON.TRACE_DIRECTORY=/oracle/traces
Use the parameter DAEMON.TRACE_LEVEL
to turn tracing on or off. If set to on, sets a specific level of tracing for the Oracle Enterprise Manager daemon.
off
off
--No trace output
user
--User trace information
admin
--Administration trace information
support
--Oracle Support Services trace information
DAEMON.TRACE_LEVEL=user
Use the parameter DAEMON.TRACE_MASK
to specify that only the Oracle Enterprise Manager daemon trace entries are logged into the trace file.
The $ORACLE_HOME/network/trace
directory on UNIX, and the ORACLE_HOME
\network\trace
directory on Windows operating systems
DAEMON.TRACE_MASK=(106)
If turned off
, the parameter DISABLE_OOB
enables Oracle Net to send and receive "break" messages using urgent data provided by the underlying protocol.
If turned on
, disables the ability to send and receive "break" messages using urgent data provided by the underlying protocol. Once enabled, this feature applies to all protocols used by this client.
off
DISABLE_OOB=on
Use the parameter LOG_DIRECTORY_CLIENT
to specify the destination directory for the client log file.
Current directory from which the executable is started
LOG_DIRECTORY_CLIENT=/oracle/network/log
Use the parameter LOG_DIRECTORY_SERVER
to specify the destination directory for the database server log file.
Current directory from which the executable is started
LOG_DIRECTORY_SERVER=/oracle/network/log
Use the parameter LOG_FILE_CLIENT
to specify the name of the log file for the client.
sqlnet.log
LOG_FILE_CLIENT=client
Use the parameter LOG_FILE_SERVER
to specify the name of the log file for the database server.
sqlnet.log
LOG_FILE_SERVER=svr.log
Use the parameter NAMES.CONNECT_TIMEOUT
to limit the amount of time in seconds the client waits for the connection to an Oracle Names server to complete.
3 seconds
1 second
600 seconds
NAMES.CONNECT_TIMEOUT=8
Use the parameter NAMES.DCE.PREFIX
to specify the Distributed Computing Environment (DCE) cell name (prefix) to use for name lookups.
/.:/subsys/oracle/names
NAMES.DCE.PREFIX=/.:/subsys/oracle/names
Use the parameter NAMES.DEFAULT_DOMAIN
to set the domain from which the client most often looks up names resolution requests. When this parameter is set, the default domain name is automatically appended to any unqualified net service name or service name.
For example, if the default domain is set to us.acme.com
, the connect string CONNECT scott/tiger@sales
gets searched as sales.us.acme.com
. If the connect string includes the domain extension, such as CONNECT scott/tiger@sales.acme.com
, the domain is not appended.
None
NAMES.DEFAULT_DOMAIN=acme.com
Use the parameter NAMES.DIRECTORY_PATH
to specify the order of the naming methods used for client name resolution lookups.
NAMES.DIRECTORY_PATH=(tnsnames, onames, hostname)
NAMES.DIRECTORY_PATH=(tnsnames, onames)
Use the parameter NAMES.INITIAL_RETRY_TIMEOUT
to determine how long a client waits for a response from an Oracle Names server before reiterating the request to the next Oracle Names server in the preferred servers list.
15
1
600
NAMES.INITIAL_RETRY_TIMEOUT=20
Use the parameter NAMES.MAX_OPEN_CONNECTIONS
to determine how many connections an Oracle Names client can have open at one time.
10
3
64
NAMES.MAX_OPEN_CONNECTIONS=3
Use the parameter NAMES.MESSAGE_POOL_START_SIZE
to determine the initial number of messages allocated in the client's message pool for message requests.
10
3
256
NAMES.MESSAGE_POOL_START_SIZE=10
Use the parameter NAMES.NIS.META_MAP
to specify the map file to be used to map Network Information Service (NIS) attributes to an NIS mapname
sqlnet.maps
NAMES.NIS.META_MAP=sqlnet.maps
Use the parameter NAMES.PREFERRED_SERVERS
to indicate the name, protocol addresses, and order of Oracle Names servers that are used for a client's name requests.
None
NAMES.PREFERRED_SERVERS= (ADDRESS_LIST= (ADDRESS=(PROTOCOL=icp)(KEY=n23)) (ADDRESS=(PROTOCOL=tcp)(HOST=nineva)(PORT=1575)) (ADDRESS=(PROTOCOL=tcp)(HOST=cicada)(PORT=1575)))
Use the parameter NAMES.REQUEST_RETRIES
to specify the number of times the client should try each Oracle Names server in the list of preferred Oracle Names servers before allowing the operation to fail.
1
1
5
NAMES.REQUEST_RETRIES=5
If set to true
, the parameter NAMESCTL.INTERNAL_ENCRYPT_PASSWORD
encrypts the password when it is sent to the Oracle Names server.
If set to false
, this parameter does not encrypt the password. A false
setting enables unencrypted passwords to be set in the names.ora
file with the NAMES.PASSWORD
parameter.
true
true
| false
NAMESCTL.INTERNAL_ENCRYPT_PASSWORD=true
If set to true
, the parameter NAMESCTL.INTERNAL_USE
enables a set of internal undocumented commands. All internal commands are preceded by an underscore to distinguish them as internal.
false
true
| false
NAMESCTL.INTERNAL_USE=true
If set to true
, the parameter NAMESCTL.NO_INITIAL_SERVER
suppresses any error messages when the client is unable to connect to a default Oracle Names server.
false
true
| false
NAMESCTL.NO_INITIAL_SERVER=true
Use the parameter NAMESCTL.NOCONFIRM
to indicate whether sensitive commands, such as STOP
, RELOAD
, and RESTART
, should be prompted with a confirmation when running the Oracle Names Control utility.
off
on
| off
NAMESCTL.NOCONFIRM=on
Use the parameter NAMESCTL.SERVER_PASSWORD
to indicate the value that matches the configured password set in the names.ora
file with the NAMES.PASSWORD
parameter. This eliminates the need to enter the password with the
SET PASSWORD
command each time you use the Oracle Names Control utility to use secure commands, such as
STOP
,
RESTART
, and
RELOAD
.
NAMESCTL.SERVER_PASSWORD=secret
Use the parameter NAMESCTL.TRACE_LEVEL
to set a specific level of tracing for the he Oracle Names Control utility.
off
off
--No trace output
user
--User trace information
admin
--Administration trace information
support
--Oracle Support Services trace information
NAMESCTL.TRACE_LEVEL=admin
Use the parameter NAMESCTL.TRACE_FILE
to specify the file in which the Oracle Names Control utility trace output is placed.
namesctl_
pid
.trc
NAMESCTL.TRACE_FILE=nmsctl
Use the parameter NAMESCTL.TRACE_DIRECTORY
to specify the directory where trace output from the Oracle Names Control utility is placed.
The $ORACLE_HOME/network/trace
directory on UNIX, and the ORACLE_HOME
\network\trace
directory on Windows NT
NAMESCTL.TRACE_DIRECTORY=/oracle/trace
Use the parameter NAMESCTL.TRACE_UNIQUE
to indicate whether or not a process identifier is appended to the name of each trace file generated. If this parameter is enabled, several trace files can co-exist.
on
on
| off
NAMESCTL.TRACE_UNIQUE=on
Use the parameter SQLNET.AUTHENTICATION_KERBEROS5_SERVICE
to define the name of the service used to obtain a Kerberos service ticket.
None
SQLNET.AUTHENTICATION_KERBEROS5_SERVICE=oracle
Use the parameter SQLNET.AUTHENTICATION_GSSAPI_SERVICE
to define the CyberSAFE service principal.
Use the parameter SQLNET.AUTHENTICATION_SERVICES
to enable one or more authentication services. If authentication has been installed, it is recommended that this parameter be set to either none
or to one of the authentication methods.
None
none
--No authentication methods. A valid user name and password can be used to access the database.
all
--All authentication methods
nts
--Windows NT native authentication
kerberos5
--Kerberos authentication
cybersafe
--Cybersafe authentication
radius
--RADIUS authentication
dcegssapi
--DCE GSSAPI authentication
SQLNET.AUTHENTICATION_SERVICES=(kerberos5, cybersafe)
Use the parameter SQLNET.CLIENT_REGISTRATION
to set a unique identifier for this client computer. This identifier is passed to the listener with any connection request and is included in the Audit Trail. The identifier can be any alphanumeric string up to 128 characters long.
None
SQLNET.CLIENT_REGISTRATION=1432
Use the parameter SQLNET.CRYPTO_CHECKSUM_CLIENT
to specify the checksum behavior for the client.
rejected
accepted
--Enables the security service if required or requested by the other side
rejected
--Disables the security service, even if the required by the other side
requested
--Enables the security service if the other side allows it
required
--Enables the security service and disallows the connection if the other side is not enabled for the security service
SQLNET.CRYPTO_CHECKSUM_CLIENT=accepted
Use the parameter SQLNET.CRYPTO_CHECKSUM_SERVER
to specify the checksum behavior for the database server.
rejected
accepted
--Enables the security service if required or requested by the other side
rejected
--Disables the security service, even if the required by the other side
requested
--Enables the security service if the other side allows it
required
--Enables the security service and disallows the connection if the other side is not enabled for the security service
SQLNET.CRYPTO_CHECKSUM_SERVER=accepted
Use the parameter SQLNET_CRYPTO_CHECKSUM_TYPE_CLIENT
to specify a list of crypto-checksum algorithms for the client to use.
md5
md5
--RSA Data Security's MD5 algorithm
sha1
--Secure Hash algorithm
sqlnet.crypto_checksum_types_client=(md5)
Use the parameter SQLNET_CRYPTO_CHECKSUM_TYPE_SERVER
to specify a list of crypto-checksum algorithms for the database server to use.
md5
md5
--RSA Data Security's MD5 algorithm
sha1
--Secure Hash algorithm
SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER=(md5)
Use the parameter SQLNET.CRYPTO_SEED
to specify the characters used when generating cryptographic keys. The more random the characters are, the stronger the keys are. The string should be 10-70 random characters. This is required for when encryption or checksumming are turned on. Encryption is turned on if the SQLNET.ENCRYPTION_CLIENT
parameter is specified for the client and the
SQLNET.ENCRYPTION_SERVER
parameter is specified for the database server; checksumming is turned on if the
SQLNET.CRYPTO_CHECKSUM_CLIENT
parameter is specified for the client and the
SQLNET.CRYPTO_CHECKSUM_SERVER
parameter is specified for the database server.
qwertyuiopasdfghjkl;zxcvbnm,.s1
SQLNET.CRYPTO_SEED="qwertyuiopasdfghjkl;zxcvbnm,.s1"
Use the parameter SQLNET.ENCRYPTION_CLIENT
to turn encryption on for the client.
rejected
accepted
--Enables the security service if required or requested by the other side
rejected
--Disables the security service, even if the required by the other side
requested
--Enables the security service if the other side allows it
required
--Enables the security service and disallows the connection if the other side is not enabled for the security service
SQLNET.ENCRYPTION_CLIENT=accepted
Use the parameter SQLNET.ENCRYPTION_SERVER
to turn encryption on for the client.
rejected
accepted
--Enables the security service if required or requested by the other side
rejected
--Disables the security service, even if the required by the other side
requested
--Enables the security service if the other side allows it
required
--Enables the security service and disallows the connection if the other side is not enabled for the security service
SQLNET.ENCRYPTION_SERVER=accepted
Use the parameter SQLNET.ENCRYPTION_TYPES_CLIENT
to specify a list of encryption algorithms for the client to use.
All algorithms are used if none are specified.
One or more of the following:
rc4_256
--256 bit key size
3des168
--Triple DES with a three-key (168 bit) option
rc4_128
--128 bit key size
3des112
--Triple DES with a two-key (112 bit) option
rc4_56
--56 bit key size
des
--Standard 56 bit key size
rc4_40
--40 bit key size
des40
--40 bit key size
SQLNET.ENCRYPTION_TYPES_CLIENT=(rc4_56)
Use the parameter SQLNET.ENCRYPTION_TYPES_SERVER
to specify a list of encryption algorithms for the database server to use.
All algorithms are used if none are specified.
One or more of the following:
rc4_256
--256 bit key size
3des168
--Triple DES with a three-key (168 bit) option
rc4_128
--128 bit key size
3des112
--Triple DES with a two-key (112 bit) option
rc4_56
--56 bit key size
des
--Standard 56 bit key size
rc4_40
--40 bit key size
des40
--40 bit key size
SQLNET.ENCRYPTION_TYPES_SERVER=(rc4_56, des, ...)
Use the parameter SQLNET.EXPIRE_TIME
to determine the time interval in which to send a probe to verify that the session is active. Enabling this parameter allows for dead connection detection. Connections which do not respond to this probe signal are disconnected.
None
0 minutes
10 minutes
SQLNET.EXPIRE_TIME=10
Use the parameter SQLNET.KERBEROS5_CC_NAME
to specify the complete path name to the Kerberos credentials cache file.
/usr/tmp/krbcache
on UNIX and c:\tmp\krbcache
on Windows
SQLNET.KERBEROS5_CC_NAME=/usr/tmp/krbcache
Use the parameter SQLNET.KERBEROS5_CLOCKSKEW
to specify how many seconds can pass before a Kerberos credential is considered out of date.
300
SQLNET.KERBEROS5_CLOCKSKEW=1200
Use the parameter SQLNET.KERBEROS5_CONF
to specify the complete path name to the Kerberos configuration file, which contains the realm for the default Key Distribution Center (KDC) and maps realms to KDC hosts. The KDC maintains a list of user principals and is contacted through the kinit
program for the user's initial ticket.
/krb5/krb.conf
on UNIX and c:\krb5\krb.conf
on Windows
SQLNET.KERBEROS5_CONF=/krb5/krb.conf
Use the parameter SQLNET.KERBEROS5_KEYTAB
to specify the complete path name to the Kerberos principal/secret key mapping file, which is used to extract keys and decrypt incoming authentication information.
/etc/v5srvtab
on UNIX, and c:\krb5\v5srvtab
on Windows
SQLNET.KERBEROS5_KEYTAB=/etc/v5srvtab
Use the protocol SQLNET.KERBEROS5_REALMS
to specify the complete path name to the Kerberos realm translation file, which provides a mapping from a host name or domain name to a realm.
/krb5/krb.realms
on UNIX and c:\krb5\krb.realms
on Windows
SQLNET.KERBEROS5_REALMS=/krb5/krb.realms
Use the protocol SQLNET.RADIUS_ALTERNATE
to specify an alternate RADIUS server to use in case the primary server is unavailable. The value can be either the IP address or host name of the server.
None
SQLNET.RADIUS_ALTERNATE=radius2
Use the parameter SQLNET.RADIUS_ALTERNATE_PORT
to specify the listening port of the alternate RADIUS server.
1645
SQLNET.RADIUS_ALTERNATE_PORT=1667
Use the parameter SQLNET.RADIUS_ALTERNATE_RETRIES
to specify the number of times the database server should resend messages to the alternate RADIUS server.
3
SQLNET.RADIUS_ALTERNATE_RETRIES=4
Use the parameter SQLNET.RADIUS_AUTHENTICATION
to specify the location of the primary RADIUS server, either by its host name or IP address.
Local host
SQLNET.RADIUS_AUTHENETICATION=officeacct
Use the parameter SQLNET.RADIUS_AUTHENTICATION_INTERFACE
to specify the class containing the user interface used to interact with the user.
DefaultRadiusInterface
SQLNET.RADIUS_AUTHENTICATION_INTERFACE=DefaultRadiusInterface
Use the parameter SQLNET.RADIUS_AUTHENTICATION_PORT
to specify the listening port of the primary RADIUS server.
1645
SQLNET.RADIUS_AUTHENTICATION_PORT= 1667
Use the parameter SQLNET.RADIUS_AUTHENTICATION_RETRIES
to specify the number of times the database server should resend messages to the primary RADIUS server.
3
SQLNET.RADIUS_AUTHENTICATION_RETRIES=4
Use the parameter SQLNET.RADIUS_AUTHENTICATION_TIMEOUT
to specify the number of seconds the database server should wait for a response from the primary RADIUS server.
5 seconds
SQLNET.RADIUS_AUTHENTICATION_TIMEOUT=10
Use the parameter SQLNET.RADIUS_CHALLENGE_RESPONSE
to turn challenge response on or off.
off
on
| off
SQLNET.RADIUS_CHALLENGE_RESPONSE=on
Use the parameter SQLNET.RADIUS_SECRET
to specify the location of the RADIUS secret key.
The $ORACLE_HOME/network/security/radius.key
file on UNIX, and the ORACLE_HOME
\network\security\radius.key
file on Windows NT
SQLNET.RADIUS_SECRET=oracle/bin/admin/radiuskey
Use the parameter SQLNET.RADIUS_SEND_ACCOUNTING
to turn accounting on
and off
. If enabled, packets are sent to the active RADIUS server at listening port plus one. The default port is 1646.
off
on
| off
SQLNET.RADIUS_SEND_ACCOUNTING=on
Use the parameter SSL_CIPHER_SUITES
to control what combination of encryption and data integrity is used by the Secure Sockets Layer (SSL).
None
See Also:
Oracle Advanced Security Administrator's Guide for further information about cipher suite values |
SSL_CIPHER_SUITE=(ssl_rsa_with_rc4_138_md5)
Use the parameter SSL_CLIENT_AUTHENTICATION
to specify whether or not a client--in addition to the database server--is authenticated using SSL.
true
true
| false
SSL_CLIENT_AUTHENTICATION=true
Use the parameter SSL_SERVER_DN_MATCH
to enforce that the database server's distinguished name (DN) matches its service name. If you enforce the match verifications, then SSL ensures that the certificate is from the server. If you select to not enforce the match verification, then SSL performs the check but allows the connection, regardless if there is a match. Not enforcing the match allows the server to potentially fake its identify.
no
yes
| on
| true
--Specify to enforce a match. If the DN matches the service name, then the connection succeeds. If the DN does not match the service name, then the connection fails.
no
| off
| false
--Specify to not enforce a match. If does not match the service name, then the connection is successful, but an error is logged to the sqlnet.log
file.
Additionally configure the tnsnames.ora
parameter SSL_SERVER_CERT_DN
to enable server DN matching.
See Also:
Chapter 7, "Configuring Secure Sockets Layer Authentication," in the Oracle Advanced Security Administrator's Guide |
SSL_SERVER_DN_MATCH=yes
Use the parameter SSL_VERSION
to force the version of the SSL connection.
Clients and database servers must use a compatible version.
undetermined
undetermined
| 2.0
| 3.0
SSL_VERSION=2.0
Use the parameter TCP.EXCLUDED_NODES
to specify which clients are denied access to the database.
TCP.EXCLUDED_NODES=(hostname |ip_address
, hostname |ip_address
, ...)
TCP.EXCLUDED_NODES=(finance.us.acme.com, mktg.us.acme.com, 144.25.5.25)
Use the parameter TCP.INVITED_NODES
to specify which clients are allowed access to the database. This list takes precedence over the TCP.EXCLUDED_NODES
parameter if both lists are present.
TCP.INVITED_NODES=(hostname |ip_address
, hostname |ip_address
, ...)
TCP.INVITED_NODES=(sales.us.acme.com, hr.us.acme.com, 144.185.5.73)
Use the parameter TCP.VALIDNODE_CHECKING
to check for the TCP.INVITED_NODES
and TCP.EXCLUDED_NODES
to determine which clients to allow or deny access.
no
yes
| no
TCP.VALIDNODE_CHECKING=yes
Use the parameter TCP.NODELAY
to preempt delays in buffer flushing within the TCP/IP protocol stack.
no
yes
| no
TCP.NODELAY=yes
Use the parameter TNSPING.TRACE_DIRECTORY
to specify the destination directory for the TNSPING utility trace file.
The $ORACLE_HOME/network/trace
directory on UNIX, and the ORACLE_HOME
\network\trace
directory on Windows operating systems
TNSPING.TRACE_DIRECTORY=/oracle/traces
Use the parameter TNSPING.TRACE_LEVE
L to turn tracing on or off. If set to on, sets a specific level of tracing for the TNSPING utility.
off
off
--No trace output
user
--User trace information
admin
--Administration trace information
support
--Oracle Support Services trace information
TNSPING.TRACE_LEVEL=admin
Use the parameter TRACE_DIRECTORY_CLIENT
to specify the destination directory for the client trace file.
The $ORACLE_HOME/network/trace
directory on UNIX, and the ORACLE_HOME
\network\trace
directory on Windows operating systems
TRACE_DIRECTORY_CLIENT=/oracle/traces
Use the parameter TRACE_DIRECTORY_SERVER
to specify the destination directory for the database server trace file.
The $ORACLE_HOME/network/trace
directory on UNIX, and the ORACLE_HOME
\network\trace
directory on Windows NT
TRACE_DIRECTORY_SERVER=/oracle/traces
Use the parameter TRACE_FILE_CLIENT
to specify the name of the client trace file.
sqlnet.trc
TRACE_FILE_CLIENT=clientsqlnet.trc
Use the parameter TRACE_FILE_SERVER
to specify the name of the database server trace file
svr_
pid
.trc
TRACE_FILE_SERVER=svrsqlnet.trc
Use the parameter TRACE_FILELEN_CLIENT
to specify the size of the client trace files in kilobytes (KB). When the size is met, the trace information is written to the next file. The number of files is specified with the TRACE_FILENO_CLIENT
parameter.
TRACE_FILELEN_CLIENT=100
Use the parameter TRACE_FILELEN_SERVER
to specify the size of the database server trace files in kilobytes (KB). When the size is met, the trace information is written to the next file. The number of files is specified with the TRACE_FILENO_SERVER
parameter.
TRACE_FILELEN_SERVER=100
Use the parameter TRACE_FILENO_CLIENT
to specify the number of trace files for client tracing. When this parameter is set along with the TRACE_FILELEN_CLIENT
parameter, trace files are used in a cyclical fashion. The first file is filled first, then the second file, and so on. When the last file has been filled, the first file is re-used, and so on.
The trace file names are distinguished from one another by their sequence number. For example, if the default trace file of svr_
pid
.trc
is used, and this parameter is set to 3, the trace files would be named svr1_
pid
.trc
, svr2_
pid
.trc
and svr3_
pid
.trc
.
In addition, trace events in the trace files are preceded by the sequence number of the file.
None
TRACE_FILENO_SERVER=3
Use the parameter TRACE_FILENO_SERVER
to specify the number of trace files for database server tracing. When this parameter is set along with the TRACE_FILELEN_SERVER
parameter, trace files are used in a cyclical fashion. The first file is filled first, then the second file, and so on. When the last file has been filled, the first file is re-used, and so on.
The trace file names are distinguished from one another by their sequence number. For example, if the default trace file of svr_
pid
.trc
is used, and this parameter is set to 3, the trace files would be named svr1_
pid
.trc
, svr2_
pid
.trc
and svr3_
pid
.trc
.
In addition, trace events in the trace files are preceded by the sequence number of the file.
None
TRACE_FILENO_SERVER=3
Use the parameter TRACE_LEVEL_CLIENT
to turn tracing on or off on the client at a specified level.
off
off
--No trace output
user
--User trace information
admin
--Administration trace information
support
--Oracle Support Services trace information
TRACE_LEVEL_CLIENT=user
Use the parameter TRACE_LEVEL_SERVER
to turn tracing on or off on the database server at a specified level.
off
off
--No trace output
user
--User trace information
admin
--Administration trace information
support
--Oracle Support Services trace information
TRACE_LEVEL_SERVER=admin
Use the parameter TRACE_TIMESTAMP_CLIENT
to add a time stamp in the form of dd-month-yyyy hh:mm:ss
to every trace event in the client trace file, which has a default name of sqlnet.trc
.
off
on
or true
| off
or false
TRACE_TIMESTAMP_SERVER=true
Use the parameter TRACE_TIMESTAMP_SERVER
to add a time stamp in form of dd-month-yy hh:mm:ss
to every trace event in the database server trace file, which has a default name of svr_
pid
.trc
.
off
on
or true
| off
or false
TRACE_TIMESTAMP_SERVER=true
Use the parameter TRACE_UNIQUE_CLIENT
to determine whether or not a unique trace file is created for each client trace file. If the value is set to on
, a process identifier is appended to the name of each trace file, enabling several files named sqlnet
pid.
trc
to coexist. If the value is set to off
, when a new trace file is created for a client, it overwrites the existing file.
on
TRACE_UNIQUE_CLIENT=on
If set to true
, the parameter USE_CMAN
routes the client to a protocol address for an Oracle Connection Manager.
The following example shows two address lists. While the first address list routes the client to an Oracle Connection Manager, the second address list routes the client directly to a listener.
sales= (DESCRIPTION= (LOAD_BALANCE=on) (FAILOVER=on) (ADDRESS_LIST= (SOURCE_ROUTE=yes) (ADDRESS=(PROTOCOL=tcp)(HOST=host1)(PORT=1630)) (ADDRESS=(PROTOCOL=tcp)(HOST=host2)(PORT=1521))) (ADDRESS_LIST= (ADDRESS=(PROTOCOL=tcp)(HOST=host3)(PORT=1521))) (CONNECT_DATA=(SERVICE_NAME=sales.us.acme.com)))
Without USE_CMAN
=true
, the client picks one of the address lists at random and fails over to the other address list if the chosen ADDRESS_LIST
fails. With USE_CMAN
=true
, the client always uses the first address list.
If no Oracle Connection Manager addresses are available, connections are routed through any available listener address.
false
true
| false
USE_CMAN=true
If set to on
, the parameter USE_DEDICATED_SERVER
automatically appends (SERVER=dedicated)
to a connect descriptor's connect data. This way connections from this client use a dedicated server process, even if shared server is configured.
This parameter adds (SERVER=dedicated)
to the CONNECT_DATA
section of the connect descriptor the client uses. It overrides any current value SERVER
parameter.
off
on
--Spawns dedicated server processes
off
--Hands off request to existing server processes
USE_DEDICATED_SERVER=on
Use the VI_RECEIVE_BUFFERS
command to specify the number of buffers that have been posted on the receive queue for a VI protocol address.
Any number between 1 and 100 or one of the following values:
small
--Maps to 5 buffers
medium
--Maps to 15 buffers (Default)
large
--Maps to 30 buffers
The following example shows the number of receive buffers being set to 10. This means that each connection will allocate 10 buffers for receiving data.
RECEIVE_BUFFERS=10
Use the VI_SEND_BUFFERS
command to specify the number of buffers that been posted on the send queue for a VI protocol address.
Any number between 1 and 100 or one of the following values:
small
--Maps to 5 buffers
medium
--Maps to 15 buffers (default)
large
--Maps to 30 buffers
The following example shows the number of send buffers being set to 5. This means that each connection will allocate five buffers for sending data.
SEND_BUFFERS=5
Use the parameter WALLET_LOCATION
to specify the location of wallets. Wallets are certificates, keys, and trustpoints processed by SSL.
Oracle wallets on file system:
WALLET_LOCATION= (SOURCE= (METHOD=file
) (METHOD_DATA= (DIRECTORY=directory
)))
Microsoft certificate store:
WALLET_LOCATION= (SOURCE= (METHOD=mcs))
Oracle wallets in the Windows NT registry:
WALLET_LOCATION=
(SOURCE=
(METHOD=reg)
(METHOD_DATA=
(KEY=registry_key
)))
Entrust wallets:
WALLET_LOCATION= (SOURCE= (METHOD=entr) (METHOD_DATA= (PROFILE=file
.epf) (INIFILE=file
.ini)))
SOURCE
--Type of storage for wallets and storage location
METHOD
--Type of storage
METHOD_DATA
--Storage location
DIRECTORY
--Location of Oracle wallets on file system
KEY
--Wallet type and location in the Windows NT registry
PROFILE
--Entrust profile file (.epf
)
INIFILE
--Entrust initialization file (.ini
)
None
METHOD_DATA
parameter because MCS does not use wallets. Instead, Oracle PKI (public key infrastructure) applications obtain certificates, trustpoints and private keys directly from the user's profile.
ke
y (KEY)
is SALESAPP
, the storage location of the encrypted wallet is HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\SALESAPP\EWALLET.P12
. The storage location of the decrypted wallet is HKEY_CURRENT_USER\SOFTWARE\ORACLE\WALLETS\SALESAPP\CWALLET.SSO.
Oracle wallets on file system:
WALLET_LOCATION= (SOURCE= (METHOD=file) (METHOD_DATA= (DIRECTORY=/etc/oracle/wallets/databases)))
Microsoft certificate store:
WALLET_LOCATION= (SOURCE= (METHOD=mcs))
Oracle Wallets in the Windows NT registry:
WALLET_LOCATION= (SOURCE= (METHOD=REG) (METHOD_DATA= (KEY=SALESAPP)))
Entrust Wallets:
WALLET_LOCATION= (SOURCE= (METHOD=entr) (METHOD_DATA= (PROFILE=/etc/oracle/wallets/test.epf) (INIFILE=/etc/oracle/wallets/test.ini)))
|
Copyright © 1996-2001, Oracle Corporation. All Rights Reserved. |
|