INBOUND_CONNECT_TIMEOUT与SQLNET.INBOUND_CONNECT_TIMEOUT小结

本文涉及的产品
日志服务 SLS,月写入数据量 50GB 1个月
简介:

   关于sqlnet.ora的参数SQLNET.INBOUND_CONNECT_TIMEOUT,它表示等待用户认证超时的时间,单位是秒,缺省值是60 秒,如果用户认证超时了,服务器日志alert.log显示出错信息"WARNING: inbound connection timed out (ORA-3136)",sqlnet.log里面出现TNS-12535: TNS:operation timed out错误信息。

   关于listener.ora的参数inbound_connect_timeout_监听器名,它表示等待用户连接请求超时的时间,单位是秒,缺省值是 60秒,如果连接请求超时了,监听器日志listener.log显示出错信息"TNS-12525: TNS:listener has not received client's request in time allowed"。

   其中sqlnet.ora里面的参数为SQLNET.INBOUND_CONNECT_TIMEOUT, listener.ora里面的参数设置为INBOUND_CONNECT_TIMEOUT_listener_name ,其中根据监听名字来替换listener_name。官方文档关于两者的介绍如下所示:

 

SQLNET.INBOUND_CONNECT_TIMEOUT parameter in sqlnet.ora on the database server

Specify the time, in seconds, for a client to connect with the database server and provide the necessary authentication information. If the client fails to establish a connection and complete authentication in the time specified, then the database server terminates the connection. In addition, the database server logs the IP address of the client and an ORA-12170: TNS:Connect timeout occurred error message to the sqlnet.log file. The client receives either an ORA-12547: TNS:lost contact or an ORA-12637: Packet receive failed error message.

INBOUND_CONNECT_TIMEOUT_listener_name in listener.ora

Specify the time, in seconds, for the client to complete its connect request to the listener after the network connection had been established.

If the listener does not receive the client request in the time specified, then it terminates the connection. In addition, the listener logs the IP address of the client and an ORA-12525: TNS:listener has not received client’s request in time allowed error message to the listener.log file

 

查看inbound_connect_timeout值

1:查看SQLNET.INBOUND_CONNECT_TIMEOUT的设置值,一般进入$ORACLE_HOME/network/admin下,查看sqlnet.ora参数文件即可。

2: 查看监听INBOUND_CONNECT_TIMEOUT参数,可以查看listener.ora参数文件。但是有时候,例如默认情况,参数文件里面没有 设置这个参数,或是有些动态监听没有配置listener.ora,那么可以使用lsnrctl命令查看,如下所示:

LSNRCTL> show
The following operations are available after show
An asterisk (*) denotes a modifier or extended command:
 
rawmode                     displaymode                 
rules                       trc_file                    
trc_directory               trc_level                   
log_file                    log_directory               
log_status                  current_listener            
inbound_connect_timeout     startup_waittime            
snmp_visible                save_config_on_stop         
dynamic_registration        
 
LSNRCTL> show inbound_connect_timeout
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
LISTENER parameter "inbound_connect_timeout" set to 60
The command completed successfully
LSNRCTL> 

clip_image001

 

设置SQLNET.INBOUND_CONNECT_TIMEOUT值

我们首先设置SQLNET.INBOUND_CONNECT_TIMEOUT为30秒,这个参数修改后立即生效,不需要做任何其它操作。

[oracle@DB-Server admin]$ vi sqlnet.ora
# sqlnet.ora Network Configuration File: /u01/app/oracle/product/10.2.0/db_1/network/admin/sqlnet.ora
# Generated by Oracle configuration tools.
 
NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)
SQLNET.INBOUND_CONNECT_TIMEOUT=30
 
 
C:\Users>sqlplus /@mytest
 
SQL*Plus: Release 11.2.0.1.0 Production on 星期日 2月 28 10:57:09 2016
 
Copyright (c) 1982, 2010, Oracle.  All rights reserved.
 
ERROR:
ORA-01017: invalid username/password; logon denied
 
 
请输入用户名:

clip_image002

 

当30秒后,此时,在sqlnet.log里面就能看到新增了一条关于TNS-12535的错误记录,其中10.20.34.14是我客户端的IP地址。

clip_image003

 

告警日志里面你会看到WARNING: inbound connection timed out (ORA-3136)错误。有意思的是,监听日志里面你不会看到任何错误信息。(可以用了对比这两个参数的区别)

clip_image004

 

设置INBOUND_CONNECT_TIMEOUT_listener_name的值

这个参数可以通过lsnrctl命令设置,如下所示,当然最简单的还是设置listener.ora参数文件。这个参数也是立即生效,不需要重启监听。

LSNRCTL> show inbound_connect_timeout
NL-00853: undefined show command "inbound_connect—meout".  Try "help show"
LSNRCTL> show inbound_connect_timeout
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
LISTENER parameter "inbound_connect_timeout" set to 60
The command completed successfully
LSNRCTL> set inbound_connect_timeout 20
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
LISTENER parameter "inbound_connect_timeout" set to 20
The command completed successfully
LSNRCTL> show inbound_connect_timeout
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
LISTENER parameter "inbound_connect_timeout" set to 20
The command completed successfully
LSNRCTL> 

clip_image005

此时我们用telnet来模拟用户连接请求超时的时间,如下所示,当超过20秒,就会自动退出

[root@test ~]# time telnet 192.168.9.124 1521
Trying 192.168.9.124...
Connected to 192.168.9.124 (192.168.9.124).
Escape character is '^]'.
Connection closed by foreign host.
 
real    0m20.019s
user    0m0.001s
sys     0m0.003s

此时在listener.log里面,你就能看到TNS-12525的错误,如下所示

28-FEB-2016 11:32:20 * <unknown connect data> * (ADDRESS=(PROTOCOL=tcp)(HOST=10.20.34.14)(PORT=38051)) * establish * <unknown sid> * 12525
 
TNS-12525: TNS:listener has not received client's request in time allowed
 
TNS-12535: TNS:operation timed out
 
TNS-12606: TNS: Application timeout occurred

注意:set inbound_connect_timeout只对当前环境生效,如果重启监听服务,则会失效,如下所示

LSNRCTL> set inbound_connect_timeout 18
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
LISTENER parameter "inbound_connect_timeout" set to 18
The command completed successfully
LSNRCTL> reload
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
The command completed successfully
LSNRCTL> show inbound_connect_timeout
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))
LISTENER parameter "inbound_connect_timeout" set to 60
The command completed successfully

clip_image006

此时需要使用命令set save_config_on_stop on保存配置信息,使其永远生效。但是我测试发现,动态监听也无法使用set save_config_on_stop on保存配置信息,需要修改配置文件(注意,修改listener.ora,需要重启监听使之生效)。如下所示

clip_image007

 

关于两者之间的关系,一般INBOUND_CONNECT_TIMEOUT_listener_name的值应该低于SQLNET.INBOUND_CONNECT_TIMEOUT的值,官方文档介绍如下,

When specifying values for these parameters, consider the following

recommendations:

Set both parameters to an initial low value.

Set the value of the INBOUND_CONNECT_TIMEOUT_listener_name parameter to a lower value than the SQLNET.INBOUND_CONNECT_TIMEOUT parameter.

For example, you can set INBOUND_CONNECT_TIMEOUT_listener_name to 2 seconds and INBOUND_CONNECT_TIMEOUT parameter to 3 seconds. If clients are unable to complete connections within the specified time due to system or network delays that are normal for the particular environment, then increment the time as needed.

相关实践学习
日志服务之使用Nginx模式采集日志
本文介绍如何通过日志服务控制台创建Nginx模式的Logtail配置快速采集Nginx日志并进行多维度分析。
相关文章
成功解决: Client network socket disconnected before secure TLS connection was established
这篇文章记录了在使用Avue时遇到的"Client network socket disconnected before secure TLS connection was established"错误的解决方法,即通过修改为国内镜像(如淘宝npm镜像)来解决安装问题,并提供了具体的命令示例以及安装成功后的截图。
成功解决: Client network socket disconnected before secure TLS connection was established
|
5月前
|
应用服务中间件 nginx Docker
connect() failed (113: No route to host) while connecting to upstream
connect() failed (113: No route to host) while connecting to upstream
174 0
【已解决】kex_exchange_identification: Connection closed by remote host fatal: Could not read from
【已解决】kex_exchange_identification: Connection closed by remote host fatal: Could not read from
|
6月前
|
Linux 数据安全/隐私保护
Could not connect to ‘121.37.92.110‘ (port 22): Connection failed.
Could not connect to ‘121.37.92.110‘ (port 22): Connection failed.
|
Java 应用服务中间件 PHP
Nginx——*5 connect() failed (111: Connection refused) while connecting to upstream
Nginx——*5 connect() failed (111: Connection refused) while connecting to upstream
686 0
Nginx——*5 connect() failed (111: Connection refused) while connecting to upstream
|
Kubernetes 网络协议 容器
kubectl命令报错:Unable to connect to the server: dial tcp XXX:16443: connect: no route to host
kubectl命令报错:Unable to connect to the server: dial tcp XXX:16443: connect: no route to host
1037 0
|
网络协议 Linux 网络安全
使用frp时遇到的问题connect: connection refuseddial tcp xxxx:7000: connect: connection refused
最近在做的项目需要用到frp来做代理连接本地内网机,卡在最后启动客户端的时候,提示报错:login to server failed: dial tcp xxxx:7000: connect: connection refuseddial tcp xxxx:7000: connect: connection refused!!找了很多尝试的办法,现在给大家列一下希望对大家有帮助。
3476 0
|
运维 网络协议 网络安全
Closed socket connection for client /39.103.162.230:56100 (no session established for client)
Closed socket connection for client /39.103.162.230:56100 (no session established for client)
517 0
Closed socket connection for client /39.103.162.230:56100 (no session established for client)
The connection to the server ip:6443 was refused - did you specify the right host or port
The connection to the server ip:6443 was refused - did you specify the right host or port
|
网络协议
OGG-01232 Receive TCP params error: TCP/IP error 104 (Connection reset by peer), endpoint:
源端: 2015-02-05 17:45:49 INFO OGG-01815 Virtual Memory Facilities for: COM anon alloc: mmap(MAP_ANON) anon free: munmap file alloc: mmap(MAP_SH...
3123 0