10.4 Using Oracle Connection Manager as a Bridge for IPv4 and IPv6

In some database connection environments, a client and database may use different versions of the IP protocol so that complete connectivity does not exist. In this case, at least two hops in the connection use different versions of the IP protocol.

For example, a request passes from an IPv4 source to an IPv6 destination, from an IPv6 source to an IPv4 destination, or from IPv6 to IPv6 through an IPv4 network.

You can use Oracle Connection Manager as a network bridge between IPv4 and IPv6. To serve as a bridge, Oracle Connection Manager must run on a dual-stack host configured with at least one IPv4 interface and at least one IPv6 interface.

Use the Oracle Connection Manager filtering feature to filter based on an IPv6 address. You can base rules on complete or partial IP addresses. The following figure shows the format of an IPv6 address:

Figure 10-1 IPv6 Address Format

Description of Figure 10-1 follows
Description of "Figure 10-1 IPv6 Address Format"

The numbers at the top of the diagram indicate the number of bits in the address. Each hexadecimal character in an IPv6 address represents 4 bits. Bits 4-16 are the Top-Level Aggregation Identifier (TLA ID) portion of the address. Bits 25-49 are the Next-Level Aggregation Identifiers (NLA ID).

For example, in the address 2001:0db8::203:BAFF:FE0F:C74B, the binary representation of the first four hexademical characters (2001) is as follows: 

0010000000000001

Thus, the first 3 bits in the address are 001. The TLA ID portion of the address is 0000000000001.

The following procedure describes how to create a rules filter for IPv6 address:

  1. Navigate to the cman.ora file located in the ORACLE_BASE_HOME/network/admin directory.

    If the cman.ora file is not present in the ORACLE_BASE_HOME/network/admin directory, then check for the file in the ORACLE_HOME/network/admin directory.

  2. Open the cman.ora file with a text editor.
  3. Create a RULE in the RULE_LIST based on IPv6 address format.

    For example, assume that the source host is an IPv6-only host with address 2001:0db8::203:BAFF:FE0F:C74B, whereas the destination is an IPv4-only host named SALESL1593. You configure Oracle Connection Manager as an IPv6-to-IPv4 bridge by creating one of the following rules:

    Type of Rule Description Example

    Filter based on subnet ID

    Filtering is based on the 64 bits up to and including the subnet ID

    		 
    (RULE = (SRC = 2001:0db8::203:BAFF:FE0F:C74B/64)
  (DST = SALESL1593)
  (SRV = SALES)
  (ACT = ACCEPT)
  (ACTION_LIST = (AUT=ON)(MOCT=10)(MIT=30)(CONN_STATE=YES))
)

    Filter based on NLA ID

    Filtering is based on the 48 bits up to and including the NLA ID

    		 
    (RULE = (SRC = 2001:0db8::203:BAFF:FE0F:C74B/48)
  (DST = SALESL1593)
  (SRV = SALES)
  (ACT = ACCEPT)
  (ACTION_LIST = (AUT=ON)(MOCT=10)(MIT=30)(CONN_STATE=YES))
)

    Filter based on TLA ID

    Filtering is based on the 16 bits up to and including the TLA ID

    		 
    (RULE = (SRC = 2001:0db8::203:BAFF:FE0F:C74B/16)
  (DST = SALESL1593)
  (SRV = SALES)
  (ACT = ACCEPT)
  (ACTION_LIST = (AUT=ON)(MOCT=10)(MIT=30)(CONN_STATE=YES))
)

    Filter based on number of bits

    Filtering is based on the first 60 bits of the address

    		 
    (RULE = (SRC = 2001:0db8::203:BAFF:FE0F:C74B/60)
  (DST = SALESL1593)
  (SRV = SALES)
  (ACT = ACCEPT)
  (ACTION_LIST = (AUT=ON)(MOCT=10)(MIT=30)(CONN_STATE=YES))
)

Related Topics

Parent topic: Configuring and Administering Oracle Connection Manager