INBOUND_CONNECT_TIMEOUT与SQLNET.INBOUND_CONNECT_TIMEOUT小结

   关于sqlnet.ora的参数SQLNET.INBOUND_CONNECT_TIMEOUT，它表示等待用户认证超时的时间，单位是秒，缺省值是60 秒，如果用户认证超时了，服务器日志alert.log显示出错信息"WARNING: inbound connection timed out (ORA-3136)"，sqlnet.log里面出现TNS-12535: TNS:operation timed out错误信息。

   关于listener.ora的参数inbound_connect_timeout_监听器名，它表示等待用户连接请求超时的时间，单位是秒，缺省值是 60秒，如果连接请求超时了，监听器日志listener.log显示出错信息"TNS-12525: TNS:listener has not received client's request in time allowed"。

   其中sqlnet.ora里面的参数为SQLNET.INBOUND_CONNECT_TIMEOUT， listener.ora里面的参数设置为INBOUND_CONNECT_TIMEOUT_listener_name ，其中根据监听名字来替换listener_name。官方文档关于两者的介绍如下所示：

SQLNET.INBOUND_CONNECT_TIMEOUT parameter in sqlnet.ora on the database server

Specify the time, in seconds, for a client to connect with the database server and provide the necessary authentication information. If the client fails to establish a connection and complete authentication in the time specified, then the database server terminates the connection. In addition, the database server logs the IP address of the client and an ORA-12170: TNS:Connect timeout occurred error message to the sqlnet.log file. The client receives either an ORA-12547: TNS:lost contact or an ORA-12637: Packet receive failed error message.

INBOUND_CONNECT_TIMEOUT_listener_name in listener.ora

Specify the time, in seconds, for the client to complete its connect request to the listener after the network connection had been established.

If the listener does not receive the client request in the time specified, then it terminates the connection. In addition, the listener logs the IP address of the client and an ORA-12525: TNS:listener has not received client’s request in time allowed error message to the listener.log file

查看inbound_connect_timeout值

1：查看SQLNET.INBOUND_CONNECT_TIMEOUT的设置值，一般进入$ORACLE_HOME/network/admin下，查看sqlnet.ora参数文件即可。

2： 查看监听INBOUND_CONNECT_TIMEOUT参数，可以查看listener.ora参数文件。但是有时候，例如默认情况，参数文件里面没有 设置这个参数，或是有些动态监听没有配置listener.ora，那么可以使用lsnrctl命令查看，如下所示：

LSNRCTL> show

The following operations are available after show

An asterisk (*) denotes a modifier or extended command:

rawmode                     displaymode                 

rules                       trc_file                    

trc_directory               trc_level                   

log_file                    log_directory               

log_status                  current_listener            

inbound_connect_timeout     startup_waittime            

snmp_visible                save_config_on_stop         

dynamic_registration        

LSNRCTL> show inbound_connect_timeout

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))

LISTENER parameter "inbound_connect_timeout" set to 60

The command completed successfully

LSNRCTL> 

设置SQLNET.INBOUND_CONNECT_TIMEOUT值

我们首先设置SQLNET.INBOUND_CONNECT_TIMEOUT为30秒，这个参数修改后立即生效，不需要做任何其它操作。

[oracle@DB-Server admin]$ vi sqlnet.ora

# sqlnet.ora Network Configuration File: /u01/app/oracle/product/10.2.0/db_1/network/admin/sqlnet.ora

# Generated by Oracle configuration tools.

NAMES.DIRECTORY_PATH= (TNSNAMES, EZCONNECT)

SQLNET.INBOUND_CONNECT_TIMEOUT=30

C:\Users>sqlplus /@mytest

SQL*Plus: Release 11.2.0.1.0 Production on 星期日 2月 28 10:57:09 2016

Copyright (c) 1982, 2010, Oracle.  All rights reserved.

ERROR:

ORA-01017: invalid username/password; logon denied

请输入用户名:

当30秒后，此时，在sqlnet.log里面就能看到新增了一条关于TNS-12535的错误记录，其中10.20.34.14是我客户端的IP地址。

告警日志里面你会看到WARNING: inbound connection timed out (ORA-3136)错误。有意思的是，监听日志里面你不会看到任何错误信息。（可以用了对比这两个参数的区别）

设置INBOUND_CONNECT_TIMEOUT_listener_name的值

这个参数可以通过lsnrctl命令设置，如下所示，当然最简单的还是设置listener.ora参数文件。这个参数也是立即生效，不需要重启监听。

LSNRCTL> show inbound_connect_timeout

NL-00853: undefined show command "inbound_connect—meout".  Try "help show"

LSNRCTL> show inbound_connect_timeout

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))

LISTENER parameter "inbound_connect_timeout" set to 60

The command completed successfully

LSNRCTL> set inbound_connect_timeout 20

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))

LISTENER parameter "inbound_connect_timeout" set to 20

The command completed successfully

LSNRCTL> show inbound_connect_timeout

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))

LISTENER parameter "inbound_connect_timeout" set to 20

The command completed successfully

LSNRCTL> 

此时我们用telnet来模拟用户连接请求超时的时间，如下所示，当超过20秒，就会自动退出

[root@test ~]# time telnet 192.168.9.124 1521

Trying 192.168.9.124...

Connected to 192.168.9.124 (192.168.9.124).

Escape character is '^]'.

Connection closed by foreign host.

real    0m20.019s

user    0m0.001s

sys     0m0.003s

此时在listener.log里面，你就能看到TNS-12525的错误，如下所示

28-FEB-2016 11:32:20 * <unknown connect data> * (ADDRESS=(PROTOCOL=tcp)(HOST=10.20.34.14)(PORT=38051)) * establish * <unknown sid> * 12525

TNS-12525: TNS:listener has not received client's request in time allowed

TNS-12535: TNS:operation timed out

TNS-12606: TNS: Application timeout occurred

注意：set inbound_connect_timeout只对当前环境生效，如果重启监听服务，则会失效，如下所示

LSNRCTL> set inbound_connect_timeout 18

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))

LISTENER parameter "inbound_connect_timeout" set to 18

The command completed successfully

LSNRCTL> reload

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))

The command completed successfully

LSNRCTL> show inbound_connect_timeout

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1)))

LISTENER parameter "inbound_connect_timeout" set to 60

The command completed successfully

此时需要使用命令set save_config_on_stop on保存配置信息，使其永远生效。但是我测试发现，动态监听也无法使用set save_config_on_stop on保存配置信息，需要修改配置文件（注意，修改listener.ora，需要重启监听使之生效）。如下所示

关于两者之间的关系，一般INBOUND_CONNECT_TIMEOUT_listener_name的值应该低于SQLNET.INBOUND_CONNECT_TIMEOUT的值，官方文档介绍如下，

When specifying values for these parameters, consider the following

recommendations:

Set both parameters to an initial low value.

Set the value of the INBOUND_CONNECT_TIMEOUT_listener_name parameter to a lower value than the SQLNET.INBOUND_CONNECT_TIMEOUT parameter.

For example, you can set INBOUND_CONNECT_TIMEOUT_listener_name to 2 seconds and INBOUND_CONNECT_TIMEOUT parameter to 3 seconds. If clients are unable to complete connections within the specified time due to system or network delays that are normal for the particular environment, then increment the time as needed.