Connecting Remotely to the Database by Using Oracle Net Services

Oracle Database Exadata Cloud Service supports remote database access by using Oracle Net Services.

Because Exadata Cloud Service leverages Oracle Grid Infrastructure, you can make connections by using Single Client Access Name (SCAN), which is a feature that provides a consistent mechanism for clients to access all of the Oracle databases running in a cluster.

By default, the SCAN is associated with 3 virtual IP addresses (VIPs). Each SCAN VIP is also associated with a SCAN listener that provides a connection endpoint for Oracle Database connections using Oracle Net Services. To maximize availability, Oracle Grid Infrastructure distributes the SCAN VIPs and SCAN listeners across the available cluster nodes. In addition, the SCAN VIPs and SCAN listeners are automatically migrated to a surviving node in the case of a node shutdown or failure. The aim is to ensure that Oracle Database clients always have a single, reliable set of connection endpoints that can service all of the databases running in the cluster.

The SCAN listeners are in addition to the Oracle Net Listeners that run on every node in the cluster, which are also known as the node listeners. When an Oracle Net Services connection comes through SCAN, the SCAN listener routes the connection to one of the node listeners and plays no further part in the connection. The selection of which node listener receives each connection is determined by a combination of factors including listener availability, database instance placement and workload distribution.

Before You Can Connect

By default, the Oracle Net Listeners (SCAN listeners and node listeners) use port 1521, and for security reasons network access to the Oracle Net Listener port (1521) is restricted. Therefore, before you can connect remotely to the database by using Oracle Net Services, you must enable access to the Oracle Net Listener port. See Using Network Encryption and Integrity.

Note:

An SSH tunnel cannot be used to connect to an Exadata Cloud Service database using the SCAN listeners because an SSH tunnel is a point-to-point connection to a specific port on a specific host IP address. However, the SCAN listeners route incoming connections to any of the available node listeners, which listen on a different set of virtual IP addresses.

After you are able to access the Oracle Net Listener port, you require two additional pieces of information in order to make a remote database connection by using Oracle Net Services:

  • The IP addresses for your SCAN VIPs. These IP addresses are contained in the detailed information associated with each database deployment. See Viewing Detailed Information for a Database Deployment.

  • The database identifier, either the database SID or service name. For database deployments running Oracle Database 11g, you can identify the database by using the SID. For deployments running Oracle Database 12c, or later, connecting to the database by specifying the database SID connects you to the CDB (container database). To connect to a PDB (pluggable database), specify the service name of the pluggable database by using the following format:

    pdb.network-domain

    where pdb is the name of the PDB and network-domain is the network domain name associated with your Exadata Cloud Service environment; for example:

    PDB1.us2.oraclecloud.com

    You can determine the network domain name associated with your Exadata Cloud Service environment by viewing details as described in Viewing Detailed Information for a Database Deployment.

Creating an Oracle Net Services Connection by Using SCAN

To create an Oracle Net Services connection by using the SCAN listeners you can choose between two approaches. You can:

  • Use a connect descriptor that references all of the SCAN VIPs.

    This approach requires you to supply all of the SCAN VIP addresses and allows Oracle Net Services to connect to an available SCAN listener. A Net Services alias is typically used to provide a convenient name for the connect descriptor. For example:

    alias-name = (DESCRIPTION=
      (ADDRESS_LIST=
        (ADDRESS=(PROTOCOL=tcp)(HOST=SCAN-VIP-1)(PORT=1521))
        (ADDRESS=(PROTOCOL=tcp)(HOST=SCAN-VIP-2)(PORT=1521))
        (ADDRESS=(PROTOCOL=tcp)(HOST=SCAN-VIP-3)(PORT=1521)))
      (CONNECT_DATA=
        (sid-or-service-entry)))
    where:
    • alias-name is the name you use to identify the alias.

    • SCAN-VIP-[1–3] are the IP addresses for the SCAN VIPs.

    • sid-or-service-entry identifies the database SID or service name using one of the following formats:

      • SID=sid-name; for example SID=ORCL.

      • SERVICE_NAME=service-name; for example SERVICE_NAME=PDB1.us2.oraclecloud.com.

    Note:

    By default, Oracle Net Services randomly selects one of the addresses in the address list in order to balance the load between the SCAN listeners.

    A suitable connect descriptor is contained in the database deployment connect string, which you can obtain by viewing details as described in Viewing Detailed Information for a Database Deployment. For database deployments running Oracle Database 11g, you can use the supplied connect string to connect to your database. For deployments running Oracle Database 12c, or later, you must modify the supplied connect string to specify the service name of the PDB or CDB that you want to connect to.

  • Use a connect identifier that references a custom SCAN name.

    Using this approach, the SCAN name resolves to one of the three SCAN VIPs and the connection is handled by one of the SCAN listeners. See Defining a Custom SCAN Host Name for Exadata Cloud Service.

    To create an Oracle Net Services connection using a customer SCAN name, you can use the easy connect method to specify a connect identifier with the following format:

    SCAN-name:1521/sid-or-service-entry

    For example:

    exa1scan.example.com:1521/ORCL

    or

    exa1scan.example.com:1521/PDB1.us2.oraclecloud.com