Oracle® Transparent Gateway for DRDA Installation and User's Guide 10g Release 2 (10.2) for UNIX Part Number B16217-02 |
|
|
View PDF |
Oracle Net is an Oracle product providing network communication between Oracle applications, Oracle Database, and Oracle Gateways across different systems
This chapter contains the following sections:
This section provides checklists to be used when installing and configuring Oracle Net.
Oracle Net provides connectivity to the gateway through the use of Protocol Adapters, SQL*Net, and the TNS Listener. Configuration of Oracle Net is backward compatible with past versions of SQL*Net. A new facility called Heterogeneous Services (HS) has been added to both Oracle Net and the gateway to improve the throughput of data. For additional information, refer to Oracle Database Net Services Administrator's Guide, Oracle Database Net Services Reference, and Oracle Database Heterogeneous Connectivity Administrator's Guide.
Oracle Net is a required Oracle product supporting network communications between Oracle applications, Oracle Database, and Oracle gateways across different CPUs or operating systems. It also supports communication across different Oracle Databases and CPUs providing distributed database and distributed processing capabilities.
Oracle Net also allows applications to connect to multiple Oracle Database or gateways across a network, selecting from a variety of communications protocols and application program interfaces (APIs) to establish a distributed processing and distributed database environment.
A communications protocol is a set of implemented standards or rules governing data transmission across a network. An API is a set of subroutines providing an interface for application processes to the network environment.
Dividing processing between a front-end computer running an application and a back-end computer used by the application is known as distributed processing. Oracle Net enables an Oracle tool or application to connect to a remote computer containing Oracle Database or Oracle Gateway.
Distributed Database
Several databases linked through a network, appearing as a single logical database, are known as a distributed database. An Oracle tool running on a client computer or on Oracle Database running on a host computer can share and obtain information retrieved from other remote Oracle Database. Regardless of the number of database information sources, you might be aware of only one logical database.
The following terms are used to explain the architecture of Oracle Net:
host is the computer the database resides on and that runs Oracle Database or gateway.
client (task) is the application using a Oracle Net driver to communicate with Oracle Database or gateway.
protocol is a set of standards or rules governing the operation of a communication link.
driver is the part of Oracle Net supporting a given network protocol or communication method.
network is a configuration of devices and software connected for information interchange.
The gateway must be defined to the TNS listener, and a service name must be defined for accessing the gateway.
Step 1: Modify listener.ora file
Add an entry for the gateway to the listener.ora
file. For example:
(SID_DESC= (SID_NAME=sidname) (ORACLE_HOME=/oracle/tg4drda/10.2.0) (PROGRAM=g4drsrv))
Refer to Appendix B, "Sample Files", for a sample listener.ora
file.
Note:
ThePROGRAM=g4drsrv
parameter is required. It specifies to the listener the name of the gateway executable.Step 2: Modify tnsnames.ora file
Add a gateway service name to the tnsnames.ora
file on the system where your Oracle integrating server resides. Specify the service name in the USING
parameter of the database link defined for accessing the gateway from the Oracle Database 10g server.
linkname1 = (DESCRIPTION= (ADDRESS= (PROTOCOL=IPC) (KEY=ORAIPC)) (CONNECT_DATA=(SID=sidname)) (HS=) )
You can use the IPC protocol only if the Oracle integrating server and the gateway reside on the same computer. If you use the IPC protocol adapter, then add an entry like this to tnsnames.ora:
where:
linkname1
is the name used to define the database link referencing the gateway.
ORAIPC
is the IPC key defined in the listener.ora
file for the IPC protocol.
sidname
is your gateway SID, the same SID that you used for the entry in your listener.ora
file.
If you are using the TCP/IP protocol adapter, then add the following entry to tnsnames.ora
:
linkname2
is the name used to define the database link referencing the gateway.
where:
linkname2 = (DESCRIPTION= (ADDRESS= (PROTOCOL=TCP) (PORT=port) (HOST=hostname)) (CONNECT_DATA=(SID=sidname)) (HS=) )
port
is the TCP/IP port number on which the Oracle listener is listening (default is 1541).
hostname
is the name of your host system.
sidname
is your gateway SID.
Refer to "Sample Oracle Net tnsnames.ora File" for a sample tnsnames.ora
file. For more information about configuring Oracle Net, refer to Oracle Database Net Services Administrator's Guide.
Oracle Net supports the CHECKSUM
command and the Export encryption algorithms. The following sections describe a basic method of verifying this feature if it is used at your site. The easiest way to determine if Advanced Security encryption is attempting to work is to deliberately set wrong configuration parameters and attempt a connection between the server and client. Incorrect parameters cause the connection to fail.
After receiving the expected failure message, set the configuration parameters to the correct settings and try the connection again. Encryption is working properly if you receive no further error messages.
The following procedures test Advance Security encryption by the above method. The incorrect parameter settings produce error 12660
Step 1: Set Advanced Security Encryption Parameters for the Gateway
Step 2: Set Advanced Security Encryption Parameters for Oracle Server
Step 1: Set Advanced Security Encryption Parameters for the Gateway
Edit the Oracle Net configuration file on the host system (gateway system) to add the following parameters and values:
SQLNET.CRYPTO_CHECKSUM_SERVER = REJECTED SQLNET.ENCRYPTION_SERVER = REJECTED SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER = (SHA1) SQLNET.ENCRYPTION_TYPES_SERVER = (DES40,RC4_40) SQLNET.CRYPTO_SEED = "abcdefg123456789"
The value shown for SQLNET.CRYPTO_SEED
is only an example. Set it to the value you want. Refer to the Oracle Database Advanced Security Administrator's Guide for more information.
Step 2: Set Advanced Security Encryption Parameters for Oracle Server
Set the advanced security encryption parameters for the Oracle integrating server.
Edit the Oracle Net configuration file on the Oracle integrating server system to add the following parameters:
SQLNET.CRYPTO_CHECKSUM_CLIENT = REQUIRED SQLNET.ENCRYPTION_CLIENT = REQUIRED SQLNET.CRYPTO_CHECKSUM_TYPES_CLIENT = (SHA1) SQLNET.ENCRYPTION_TYPES_CLIENT = (DES40,RC4_40) SQLNET.CRYPTO_SEED = "abcdefg123456789"
The value shown for SQLNET.CRYPTO_SEED
is only an example.
After completing Steps 1 and 2 to set up Advanced Security encryption, you are ready to test the operation of the Advanced Security encryption by using the following steps:
Step 1: Connect Gateway and Oracle Integrating Server
Use SQL*Plus to logon to the Oracle integrating server. Access the gateway through a database link. You should receive the following error:
ORA-12660: Encryption or crypto-checksumming
Step 2: Reset Configuration Parameters on the Gateway
Change the following Advanced Security encryption parameters on the gateway to:
SQLNET.CRYPTO_CHECKSUM_SERVER = REQUIRED SQLNET.ENCRYPTION_SERVER = REQUIRED
Attempt the connection between the gateway and the Oracle integrating server again. If no error message is returned and the connection completes, then you can assume Advanced Security encryption is working properly.