Use this procedure to enable agent connectivity on a secondary network interface card.
After a secondary NIC is online, you can enable it for agent database communication. This topic describes how to enable this agent connectivity on secondary network interface cards.
To enable agent connectivity on secondary network interfaces card for Audit Vault Server:
cp /usr/local/dbfw/etc/dbfw.conf /usr/local/dbfw/etc/dbfw.conf.backup
vi /usr/local/dbfw/etc/dbfw.conf
# Enable agent connectivity on eth1.
SECONDARY_NIC_1_AGENT="all"
Note:
Optionally, you can replace all
with disabled
or with a blank string. This disables agent connections on the network interface card.
SECONDARY_NIC_1_AGENT=”<IP address 1> <IP address 2>”
1521
and 1522
. To use a different port number, add the following keys:
SECONDARY_NIC_1_AGENT_PORT="21521"
SECONDARY_NIC_1_AGENT_PORT_TLS="21522"
cat <<EOF>> /usr/local/dbfw/etc/dbfw.conf # Enable agent connectivity on eth1. SECONDARY_NIC_1_AGENT="all" SECONDARY_NIC_1_AGENT_PORT="21521" SECONDARY_NIC_1_AGENT_PORT_TLS="21522" EOF
/usr/local/dbfw/bin/priv/configure-networking
/usr/local/dbfw/bin/os_manager execute_script update_connect_string_ip.sh
netstat -pean | grep tnslsnr
The following output confirms that a listener is waiting for an incoming connection:
tcp 0 0 127.0.0.1:5700 0.0.0.0:* LISTEN 503 9423978 13596/tnslsnr tcp 0 0 127.0.0.1:1521 0.0.0.0:* LISTEN 503 9423976 13596/tnslsnr tcp 0 0 <IP address>:21521 0.0.0.0:* LISTEN 503 9423970 13596/tnslsnr tcp 0 0 10.170.90.16:1521 0.0.0.0:* LISTEN 503 9423935 13596/tnslsnr tcp 0 0 <IP address>:21522 0.0.0.0:* LISTEN 503 9423974 13596/tnslsnr tcp 0 0 10.170.90.16:1522 0.0.0.0:* LISTEN 503 9423966 13596/tnslsnr tcp 0 0 127.0.0.1:1523 0.0.0.0:* LISTEN 507 272087 32752/tnslsnr tcp 0 0 127.0.0.1:1521 127.0.0.1:10272 ESTABLISHED 503 9433031 13596/tnslsnr tcp 0 0 127.0.0.1:1521 127.0.0.1:10273 ESTABLISHED 503 9433032 13596/tnslsnr unix 2 [ ACC ] STREAM LISTENING 272084 32752/tnslsnr /var/tmp/.oracle/sEXTPROC1523 unix 2 [ ACC ] STREAM LISTENING 272085 32752/tnslsnr /var/tmp/.oracle/s#32752.1 unix 2 [ ACC ] STREAM LISTENING 272088 32752/tnslsnr /var/tmp/.oracle/s#32752.2 unix 2 [ ACC ] STREAM LISTENING 9423930 13596/tnslsnr /var/tmp/.oracle/sEXTPROC1521 unix 2 [ ACC ] STREAM LISTENING 9423931 13596/tnslsnr /var/tmp/.oracle/s#13596.1 unix 2 [ ACC ] STREAM LISTENING 9423979 13596/tnslsnr /var/tmp/.oracle/s#13596.2
sqlplus64 avadmin/<password>@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=<IP address>)(PORT=21521))(CONNECT_DATA = (SERVICE_NAME=dbfwdb)))
Note:
This connects to the clear text communication port of Audit Vault Server, which you must avoid. Use encrypted communication protocols whenever possible.
The following output verifies the established connection:
SQL*Plus: Release 12.1.0.2.0 Production on Wed Oct 12 11:37:00 2016 Copyright (c) 1982, 2014, Oracle. All rights reserved. Last Successful login time: Wed Oct 12 2016 11:36:23 +01:00 Connected to: Oracle Database 12c Enterprise Edition Release 12.1.0.2.0 - 64bit Production With the Partitioning, Automatic Storage Management, Oracle Label Security, OLAP, Advanced Analytics, Oracle Database Vault and Real Application Testing options SQL> select 1 from dual; 1 ---------- 1 SQL>
DECLARE hostName VARCHAR2(300 CHAR); CURSOR HOST_NAMES IS SELECT HOST_NAME FROM AVSYS.AGENT_VIEW WHERE STATUS IN ('RUNNING'); BEGIN OPEN HOST_NAMES; LOOP FETCH HOST_NAMES INTO hostName; EXIT WHEN HOST_NAMES%notfound; BEGIN AVSYS.ADM.send_update_message(hostName); EXCEPTION WHEN NO_DATA_FOUND THEN -- no host to auto upgrade. EXIT; END; END LOOP; CLOSE HOST_NAMES; END;