Solved

ORA 12170 TNS connect timeout

Posted on 2006-11-25
3
3,245 Views
Last Modified: 2013-12-01
Has anyone come across this in OAS 10g R2?

Oracle Application Server 10gR2 on Red Hat ES 4u4
Oracle 10gR2 RAC (2-node) on Red Hat AS 4u4

The Application Servers are on different subnet from the RAC database and hence on separate switches.

During Installation of Identity Management, my installation abruptly fails. Checking the logs revealed connect timeout error. Then telnet to the database machine on any port from the app server times-out, although ping works. In fact telnet from the application server to anything else times-out. Telnet is only successful after reboot.

However, when I moved the app servers onto the same subnet, hence same switch, as the RAC, the installation completed successfully.

Now I need to move the App servers back into the DMZ where they are intended for. So I'm running the chgiphost.sh script and I'm hiting the same problem as I did during the installation.

It appears that some process in the installation is killing ability of Linux to talk to other machines on ports. Has anyone come across this? Is this firewall or software - Oracle or Linux?

More symptoms:
I can still telnet from the RAC to the App server even though the app server cannot talk to the database server
Don't forget I can ping the RAC server from the app server but telnet or ssh timeout.

Don't forget connectivity is durable when all servers are placed on the same subnet.

The remote database is definitely listening

I'm considering moving my database servers to teh DMZ. Has anyone done this without security risks? I believe you could create port rules to protect your database servers.

0
Comment
Question by:rolutola
3 Comments
 
LVL 13

Accepted Solution

by:
anand_2000v earned 250 total points
ID: 18017904
it might be a simple issue of routing. please request in http://www.experts-exchange.com/Community_Support/ to shift this question to networking
0
 
LVL 6

Assisted Solution

by:bpeterse
bpeterse earned 250 total points
ID: 18030534
Re: last question.  Keep your DB behind all firewalls and put only the app server - or a portion thereof - on the DMZ.  If possible, put the Portal and SSO on it's own server in the DMZ and keep everything behind the firewall.  You could use port rules to protect your DB servers - but you can use the same logic to keeping it behind the firewall.  It adds one more layer of security to keep your data integrity intact.

0
 
LVL 16

Author Comment

by:rolutola
ID: 18059097
This was indeed a connectivity issue as I suspected.

I believe this should be deleted because it would not be of any use to anybody the fact that I was working where the network infrastructure is in a questionable state.

How do I delete this.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Verbose logging is used to diagnose garbage collector problems. By default, -verbose:gc output is written to either native_stderr.log or native_stdout.log.   It is also possible to redirect the logs to a user-specified file. This article will de…
There are numerous questions about how to setup an IBM HTTP Server to be administered from WebSphere Application Server administrative console. I do hope this article will wrap things up and become a reference for this task. You need three things…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now