Solved

ORA 12170 TNS connect timeout

Posted on 2006-11-25
3
3,257 Views
Last Modified: 2013-12-01
Has anyone come across this in OAS 10g R2?

Oracle Application Server 10gR2 on Red Hat ES 4u4
Oracle 10gR2 RAC (2-node) on Red Hat AS 4u4

The Application Servers are on different subnet from the RAC database and hence on separate switches.

During Installation of Identity Management, my installation abruptly fails. Checking the logs revealed connect timeout error. Then telnet to the database machine on any port from the app server times-out, although ping works. In fact telnet from the application server to anything else times-out. Telnet is only successful after reboot.

However, when I moved the app servers onto the same subnet, hence same switch, as the RAC, the installation completed successfully.

Now I need to move the App servers back into the DMZ where they are intended for. So I'm running the chgiphost.sh script and I'm hiting the same problem as I did during the installation.

It appears that some process in the installation is killing ability of Linux to talk to other machines on ports. Has anyone come across this? Is this firewall or software - Oracle or Linux?

More symptoms:
I can still telnet from the RAC to the App server even though the app server cannot talk to the database server
Don't forget I can ping the RAC server from the app server but telnet or ssh timeout.

Don't forget connectivity is durable when all servers are placed on the same subnet.

The remote database is definitely listening

I'm considering moving my database servers to teh DMZ. Has anyone done this without security risks? I believe you could create port rules to protect your database servers.

0
Comment
Question by:Richard Olutola
3 Comments
 
LVL 13

Accepted Solution

by:
anand_2000v earned 250 total points
ID: 18017904
it might be a simple issue of routing. please request in http://www.experts-exchange.com/Community_Support/ to shift this question to networking
0
 
LVL 6

Assisted Solution

by:bpeterse
bpeterse earned 250 total points
ID: 18030534
Re: last question.  Keep your DB behind all firewalls and put only the app server - or a portion thereof - on the DMZ.  If possible, put the Portal and SSO on it's own server in the DMZ and keep everything behind the firewall.  You could use port rules to protect your DB servers - but you can use the same logic to keeping it behind the firewall.  It adds one more layer of security to keep your data integrity intact.

0
 
LVL 16

Author Comment

by:Richard Olutola
ID: 18059097
This was indeed a connectivity issue as I suspected.

I believe this should be deleted because it would not be of any use to anybody the fact that I was working where the network infrastructure is in a questionable state.

How do I delete this.
0

Featured Post

Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
activemq cluster 1 245
Secure cookies 1 72
Running Java application as ordinary user 24 101
Java Email Transport Not working 14 106
Configure Web Service (server application) I. Configure security for Web Services methods First, we need to protect Session bean which implements the service: 1. Open EJB deployment descriptor (ejb-jar.xml) in the EJB project that contains you…
There are numerous questions about how to setup an IBM HTTP Server to be administered from WebSphere Application Server administrative console. I do hope this article will wrap things up and become a reference for this task. You need three things…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question