Re: session timeout in 10g
- From: Paul Drake <bdbafh@xxxxxxxxx>
- To: cstephens16@xxxxxxxxx
- Date: Tue, 30 Aug 2005 16:58:31 -0400
On 8/30/05, Chris Stephens <cstephens16@xxxxxxxxx> wrote:
>
> so I found the following in the alert log:
>
> WARNING: inbound connection timed out (ORA-3136)
>
> ...not much of anything on metastink or google.
>
> no profiles are set and the machine is on the same network.
>
> any ideas on what could be causing this? ...or how to find out what is
> causing this? :)
Chris,
That sounds like a classis case of attempting to obtain a dedicated server
session through a listener where NAT or a firewall is involved. The incoming
request to the listener is translated inbounds, but the redirected client
never finds its port in the storm. One can tnsping and get a reply, but not
create a session.
Might you have setup iptables whereby all incoming connection attempts are
blocked except for those explicitly allowed? That is a laudable objective,
but you'll need to open the high TCP ports (>1024) for dedicated server
connections. You can restrict the range of ports used in the kernel
settings, if desired.
I've never seen that message in an alert log - usually messages regarding
failed connection attempts are in the listener log file.
hth.
Paul
On 8/30/05, Paul Drake <bdbafh@xxxxxxxxx> wrote:
> >
> > On 8/30/05, Chris Stephens <cstephens16@xxxxxxxxx> wrote:
> >
> > > I recently installed 10gR2 on red hat 3. i am getting disconnected
> through toad and isqlpus. i haven't determined the exact lenght of time this
> takes to occur yet.
> > >
> > > i looked in sqlnet.ora for a timeout setting but there is nothing
> there. is this default behavior? if so how do i change it?
> > >
> > > thanks,
> > > chris
> > >
> >
> > Chris,
> >
> > Unless your DBA has set profiles that limit connect time, this is most
> likely a networking issue. Even with a resource limit of connect_time, it
> would still just "snipe" the session, not kill it itself until another call
> is made.
> >
> > Is the oracle client on the same LAN as the oracle server - meaning, do
> you traverse a router or firewall where NAT/IP masquerading is involved?
> >
> > An easy way to tell is if a netstat (from the client desktop) returns a
> high port and an IP address different than that of the oracle server.
> >
> > You might consider enabling keep_alive settings in the oracle network
> configuration files.
> > Metalink has various notes covering this, as well as the Networking
> guide available via OTN.
> >
> > As far as iSqlplus, I haven't a clue. Never used it. Knew that there was
> an exploit for itearly on, so I never installed it.
> >
> > hth.
> >
> > Paul
> >
> >
> >
> >
> >
> > --
> > #/etc/init.d/init.cssd stop
> > # f=ma, divide by 1, convert to moles.
> --
> //www.freelists.org/webpage/oracle-l
>
--
#/etc/init.d/init.cssd stop
# f=ma, divide by 1, convert to moles.
Other related posts:
