|
Replies:
6
-
Pages:
1
-
Last Post:
Jun 30, 2008 7:50 AM
Last Post By: frits hoogland
|
|
|
Posts:
194
Registered:
05/29/01
|
|
|
|
ssh tunnel for Oracle client?
Posted:
Jun 26, 2008 6:08 AM
|
|
|
|
I have a client and database separated by a slow LAN. I'd like to utilize SSH's compression scheme to see if I could improve performance.
ssh -C -L 3333:mydbhost:1521
(and then change the tnsnames.ora to point to localhost 3333)
But, if I understand correctly, this will only tunnel the connection to the listener. Since the listener spawns a "random" TCP port, the true connection to the database would not utilize the tunnel.
Does anyone know how to do this using ssh?
I'm inclined to think that it would also involve ssh back tunneling (ssh connection client-to-server and back-tunneled server-to-client)
|
|
|
Posts:
1,567
Registered:
04/17/06
|
|
|
|
Re: ssh tunnel for Oracle client?
Posted:
Jun 26, 2008 8:07 AM
in response to: bilger1
|
|
|
|
I've used tunnels to environments which only where reachable using a ssh gateway, and:
ssh -C -L 3333:<remote db host>:1521 <username>@<ssh gateway machine>
and it did work perfectly. did you test it?
|
|
|
Posts:
1,567
Registered:
04/17/06
|
|
|
|
Re: ssh tunnel for Oracle client?
Posted:
Jun 26, 2008 8:17 AM
in response to: frits hoogland
|
|
|
|
Please mind the following situation:
yourpc ----------------> sshgatewayserver -----------------> oracledbserver
10.0.0.1 -----------> 10.0.0.50 - - - 192.168.0.1 -----------> 192.168.0.100
(gateway server has two ip address, one which is visible for 'yourpc', one which is visible to 'oracle db server'
the command to make the tunnel to the oracle server is:
[me@yourpc]$ ssh -C -L 3333:oracledbserver:1521 me@sshgatewayserver
if the ssh connection to sshgatewayserver is established (and tunnels are allowed in the ssh daemon config), a connection to the oracle database on 'oracledbserver' can be establised using localhost:3333
|
|
|
Posts:
194
Registered:
05/29/01
|
|
|
|
Re: ssh tunnel for Oracle client?
Posted:
Jun 26, 2008 12:57 PM
in response to: frits hoogland
|
|
|
|
Only the listener talks on 1521. The listener then spawns a new TCP port and the client and server communicate on the new port.
|
|
|
Posts:
1,567
Registered:
04/17/06
|
|
|
|
Re: ssh tunnel for Oracle client?
Posted:
Jun 27, 2008 7:03 AM
in response to: bilger1
|
|
|
|
That's correct. But the setup database session still uses the tunnel. As I've said before, I've done this several times. In fact, it's a way to do remote administration over the internet.
|
|
|
Posts:
194
Registered:
05/29/01
|
|
|
|
Re: ssh tunnel for Oracle client?
Posted:
Jun 27, 2008 8:04 AM
in response to: frits hoogland
|
|
|
|
Are you using the USE_SHARED_SOCKET option?
To me, it looks like I would need to configure an (MTS) Dispatcher and force it to stay on a static port (and then tunnel onto that).
I did some tests last night, and if straight 1521 ssh tunneling does the trick, then SSH compression does not improve throughput at all.
Doesn't your netstat -a show dozens (more) ports that Oracle has opened for client connections?
|
|
|
Posts:
1,567
Registered:
04/17/06
|
|
|
|
Re: ssh tunnel for Oracle client?
Posted:
Jun 30, 2008 7:50 AM
in response to: bilger1
|
|
|
|
No, use_shared_socket is not needed, it just works. Please try it.
It works because once the listener forks the process, the connection is already setup.
|
|
|
|
Legend
|
|
Guru : 2500
- 1000000
pts
|
|
Expert : 1000
- 2499
pts
|
|
Pro : 500
- 999
pts
|
|
Journeyman : 200
- 499
pts
|
|
Newbie : 0
- 199
pts
|
|
Oracle ACE Director
|
|
Oracle ACE Member
|
|
Oracle Employee ACE
|
|
Helpful Answer
(5 pts)
|
|
Correct Answer
(10 pts)
|
|
