Oracle Database Exadata Cloud Service supports remote database access by using Oracle Net Services.
Because Exadata Cloud Service uses Oracle Grid Infrastructure, you can make connections by using Single Client Access Name (SCAN), which is a feature that provides a consistent mechanism for clients to access all of the Oracle databases running in a cluster.
By default, the SCAN is associated with three virtual IP addresses (VIPs). Each SCAN VIP is also associated with a SCAN listener that provides a connection endpoint for Oracle Database connections using Oracle Net Services. To maximize availability, Oracle Grid Infrastructure distributes the SCAN VIPs and SCAN listeners across the available cluster nodes. In addition, the SCAN VIPs and SCAN listeners are automatically migrated to a surviving node if a node fails or shuts down. The aim is to ensure that Oracle Database clients always have a single, reliable set of connection endpoints that can service all of the databases running in the cluster.
The SCAN listeners are in addition to the Oracle Net Listeners that run on every node in the cluster, which are also known as the node listeners. When an Oracle Net Services connection comes through SCAN, the SCAN listener routes the connection to one of the node listeners and plays no further part in the connection. A combination of factors including listener availability, database instance placement, and workload distribution determines which node listener receives each connection.
Before You Can Connect
By default, the Oracle Net Listeners (SCAN listeners and node listeners) use port 1521, and network access to the Oracle Net Listener port (1521) is restricted for security reasons. Therefore, you must enable access to the Oracle Net Listener port before you can connect remotely to the database by using Oracle Net Services.
Likewise, Oracle Net Services sends messages to the Oracle Notification Service (ONS), which typically uses port 6200. If ONS is inaccessible, the Oracle Net Services connection functions but some operations are subject to extra wait times. By default, network access to the ONS port (6200) is also restricted for security reasons. Therefore, Oracle recommends that you enable access to the ONS port before you connect remotely to the database by using Oracle Net Services.
An SSH tunnel cannot be used to connect to an Exadata Cloud Service database using the SCAN listeners because an SSH tunnel is a point-to-point connection to a specific port on a specific host IP address. However, the SCAN listeners route incoming connections to any of the available node listeners, which listen on a different set of virtual IP addresses.
To make a remote database connection by using Oracle Net Services, you also need the following information:
The IP addresses for your SCAN VIPs. These IP addresses are contained in the detailed information associated with each database deployment. See Viewing Detailed Information for a Database Deployment.
The database identifier, either the database SID or service name. For database deployments running Oracle Database 11g, you can identify the database by using the SID. For deployments running Oracle Database 12c, or later, connecting to the database by specifying the database SID connects you to the CDB (container database). To connect to a PDB (pluggable database), specify the service name of the pluggable database by using the following format:
pdbis the name of the PDB and
network-domainis the network domain name associated with your Exadata Cloud Service environment; for example:
You can determine the network domain name associated with your Exadata Cloud Service environment by viewing details as described in Viewing Detailed Information for a Database Deployment.
Creating an Oracle Net Services Connection by Using SCAN
To create an Oracle Net Services connection by using the SCAN listeners you can choose between two approaches. You can:
Use a connect descriptor that references all of the SCAN VIPs.
This approach requires you to supply all of the SCAN VIP addresses and allows Oracle Net Services to connect to an available SCAN listener. A Net Services alias is typically used to provide a convenient name for the connect descriptor. For example:
alias-name = (DESCRIPTION= (ADDRESS_LIST= (ADDRESS=(PROTOCOL=tcp)(HOST=SCAN-VIP-1)(PORT=1521)) (ADDRESS=(PROTOCOL=tcp)(HOST=SCAN-VIP-2)(PORT=1521)) (ADDRESS=(PROTOCOL=tcp)(HOST=SCAN-VIP-3)(PORT=1521))) (CONNECT_DATA= (sid-or-service-entry)))where:
alias-nameis the name you use to identify the alias.
SCAN-VIP-[1–3]are the IP addresses for the SCAN VIPs.
sid-or-service-entryidentifies the database SID or service name using one of the following formats:
SID=sid-name; for example,
SERVICE_NAME=service-name; for example,
Note:By default, Oracle Net Services randomly selects one of the addresses in the address list to balance the load between the SCAN listeners.
A suitable connect descriptor is contained in the database deployment connect string, which you can obtain by viewing details as described in Viewing Detailed Information for a Database Deployment. For database deployments running Oracle Database 11g, you can use the supplied connect string to connect to your database. For deployments running Oracle Database 12c, or later, you must modify the supplied connect string to specify the service name of the PDB or CDB that you want to connect to.
Use a connect identifier that references a custom SCAN name.
Using this approach, the SCAN name resolves to one of the three SCAN VIPs and the corresponding SCAN listener handles the connection. See Defining a Custom SCAN Host Name for Exadata Cloud Service.
To create an Oracle Net Services connection using a customer SCAN name, you can use the easy connect method to specify a connect identifier with the following format: