The database it self seemed healthy; the v$active_services view showed that my services were indeed alive.
But still, the services wouldn't be registered by LREG and thus wouldn't be available for the the listener to service incoming requests.
I turned on logging for the listener by setting the following parameter in listener.ora:
LOGGING_LISTENER=onThen restart the listener. Logging starts:
lsnrctl start
LSNRCTL for Linux: Version 19.0.0.0.0 - Production on 07-MAR-2024 11:22:33
Copyright (c) 1991, 2023, Oracle. All rights reserved.
Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 19.0.0.0.0 - Production
Start Date 07-MAR-2024 11:11:35
Uptime 0 days 0 hr. 10 min. 57 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /orainst/product/19c/network/admin/listener.ora
Listener Log File /orainst/diag/tnslsnr/myserver/listener/alert/log.xml
I then put a tail on the listener log and register the services with the listener manually:
sqlplus / as sysdba alter system register;
I then noticed the output on the listener.log file:
07-MAR-2024 10:37:56 * service_register_NSGR * 1194 TNS-01194: The listener command did not arrive in a secure transportLook up the error:
oracle@myserver.oric.no:[cdb]# oerr tns 01194
01194, 00000, "The listener command did not arrive in a secure transport"
// *Cause: Most of the listener administrative commands are only intended to
// be issued in a secure transport, which are configured in
// secure_control_ parameter. If the parameter is set, then the listener
// accepts administrative requests only on those secure transports.
// *Action: Make sure the command is issued using a transport specified
// in secure transport list.
I then noticed that my listener.ora parameter SECURE_REGISTER_LISTENER was set to TCP:
SECURE_REGISTER_LISTENER = (TCP)To allow for dynamic instance registration, I needed to allow for the other protocol, IPC, too:
SECURE_REGISTER_LISTENER = (TCP,IPC)My tests showed that they both need to be present, in that particular order.
In fact, the listener.ora file could be as simple as this:
ADR_BASE_LISTENER = /orainst/oracle LOGGING_LISTENER=on TRACE_LEVEL_LISTENER=off SECURE_REGISTER_LISTENER = (TCP,IPC) SID_LIST_LISTENER = (SID_LIST = (SID_DESC = (ORACLE_HOME = /orainst/oracle/product/19c) (SID_NAME = cdb) ) ) LISTENER = (DESCRIPTION_LIST = (DESCRIPTION = (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521)) ) )and still allow for remote client connections over TCP.
Sources: Oracle Net LISTENER Parameters for 19c
No comments:
Post a Comment