Skip to content

Listener valid node checking

by Mohamed Azar on February 26, 2012

Valid node checking is the one of the listener secuirty feature. I thought may be very lesser known this feature. What purpose of this feature use, this feature uses If you configuring the the set of invited or exluded nodes, you can take control of which hosts are allowed to connect your database. You can add it hostnames or ip address in sqlnet.ora file.

In other cases it can be more complex, particularly when a single database is hosting several applications.There will be some cases where a database must accept connections from a large number of hosts, when the list of hosts that connect is constantly hanging, or even some organizations that change both IP addresses and hostnames for their machines on a somewhat random basis. For these systems,Valid Node Checking is not a viable feature.

If you think your database may connect few client hosts, you can add this feature in sqlnet.ora file. this feature restricted to connect the database from other client hosts.

Let’s See ,

Database Server , I just configured following entries in sqlnet.ora file.



tcp.validnode_checking = yes


 


 tcp.invited_nodes = (siebelpoc)




Reload listener






lsnrctl>reload




From client host :




[oracle@siebelpoc ~]$ export ORACLE_SID=testdb 
[oracle@siebelpoc ~]$ sqlplus system/Admin123@testdb

SQL*Plus: Release 11.2.0.1.0 Production on Sun Feb 26 11:02:48 2012

Copyright (c) 1982, 2009, Oracle.  All rights reserved.

Connected to: Oracle Database 11g Enterprise Edition Release 11.2.0.2.0 - 64bit Production With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL> select name from v$database;

NAME --------- TESTDB




I can able to connect.


Again I just edited invited nodes in database server sqlnet.ora file






tcp.validnode_checking = yes


 


tcp.invited_nodes = (siebel)




Reload listener






lsnrctl>reload




From client machine,




[oracle@siebelpoc ~]$ sqlplus system/Admin123@testdb

SQL*Plus: Release 11.2.0.1.0 Production on Sun Feb 26 11:05:36 2012

Copyright (c) 1982, 2009, Oracle.  All rights reserved.

ERROR: ORA-12537: TNS:connection closed




Now I can not able to connect the database from client hosts because of i changed invited node in sqlnet.ora file.



		
	
			

			
																	

				

					

											

					

						From: Security					

				

			

				

			

			

		

		

	
	

		No comments yet
	




	

		
Leave a Reply 





	
	






	

		
Fill in your details below or click an icon to log in:

		
	


	

		

			

				Gravatar
			


				

				
				

					
					

				

				

					
					

				

			

			
		

	


	

		

			

				WordPress.com Logo
			


				

				
				
				
						

			
			You are commenting using your WordPress.com account.			Log Out / 
				Change )
			
			
		

					

	
		

	


	

		

			

				Twitter picture
			


				

				
				
				
						

			
			You are commenting using your Twitter account.			Log Out / 
				Change )
			
			
		

					

	
		

	


	

		

			

				Facebook photo
			


				

				
				
				
						

			
			You are commenting using your Facebook account.			Log Out / 
				Change )
			
			
		

					

	
		

	



	

		
Cancel

		
Connecting to %s

	









	
 
 






 





	

	
	

	


		





	

		

	

	

	

	

	

	

	

	

	

	

	



			
	


	
	
				



	
	

		

			%d bloggers like this: