Re: physical standby database managed/non-managed

Okay, so there's a host that you can use as a relay between your firewalls.

Could that server be an NFS server? That would provide an easy way to pass logfiles through the firewalls.

If your security people are happy with relaying SSH through this intermediary server, you might also have a chance of using (something like) "stunnel" to relay other traffic such as SQL*Net...

Of course, if you point this out they might just realise that they may as well allow a VPN path between your firewall "islands" -- or worse, decide the "ban" the relay host in the middle because it allows to much latitude to bypass their "security".

Is there anything that you can "suggest to network your security folks that will let you connect from primary to standby without opening any security risk"? Sure. It's called a "VPN", a "virtual private network". Of course,
this subverts the restriction that you cannot pass TCP packets between servers, but then I can't think of many good "security" reasons for prohibiting that. (Okay, I *can* think of a few, but they are mostly weird.)


Sandeep Dubey wrote:

Hi,

We need to implement physical standby database. Primary and standby
will be in two separate networks behind their own firewalls. Security
guys dont allow to ping from one server to other server. I can not
create sqlnet connection either.

So from primary I ssh to a hop server and from there I ssh to standby.
Under given situation I assume that I can not set up data guard. Or is
there any way I can implement data guard? Is any suggestion to network
security folks that will let me connect from primary to standby
without opening any security risk?

I have started looking into alternative solution using non-managed
standby. I created a standby database. I am copying the archived logs
from primary manually and applying on standby. Standby running behind
the primary acceptable here. Moving the archived logs will be
implemented through a perl script that will be called from cronjob.
In this script I have command "Recover standby database;" After that
if I do AUTO it applies all archived logs and give ORA-00308 for next
(not yet there) archived log.
This is the way it is supposed to be.

Is there any way that standby recover to the last available archived
log and comes out cleanly? How can I query the last archived log file
applied on the standby database?

Thanks

Sandeep
--
http://www.freelists.org/webpage/oracle-l








--
http://www.freelists.org/webpage/oracle-l


Other related posts: