Oracle9i Net Services Administrator's Guide Release 2 (9.2) Part Number A96580-02
Oracle Net Services provide a variety of options to help you design and manage networks that are both flexible and easy to use. With the enhanced scalability and manageability features of Oracle Net Services, you can develop a network to support a wide range of environments, whether they be simple workgroups or large mission-critical enterprises.
This chapter describes considerations for planning a network using Oracle Net Services. It explains the relationships of the network products, and options for expanding and better managing your future network.
This chapter contains these topics:
As Figure 7-1 shows, an internal network often has a diverse client makeup. Besides traditional clients that need access to the database servers, Web clients also need access. The type and number of clients, as well as other networking issues, affect the types of features to consider deploying.
This section addresses deployment considerations for an internal network in terms of the following categories:
For an organization with hundreds or thousands of clients, scalability is of the utmost importance. Oracle Net Services offers a number of features that can improve database server scalability, including shared server, connection pooling, and session multiplexing.
With a shared server architecture, a small pool of server processes can serve a large number of clients. This reduces the server's memory requirements. Connection pooling and session multiplexing features are enabled through shared server.
Connection pooling enables the database server to time-out protocol connections and to use those connections to service an active session.
Session multiplexing, available with Oracle Connection Manager, enables multiple client sessions to be funneled through a single protocol connection.
When session multiplexing is used with connection pooling, you can increase the total number of client sessions the server can handle.
Table 7-1 summarizes the relative advantages of using connection pooling and session multiplexing and provides recommendations for using them in the network.
Availability to the database is crucial for any internal network. You can configure multiple listeners to handle client connection requests for the same database service. This is especially ideal in an Oracle9i Real Application Clusters configuration, where each instance has a listener associated with it. Multiple listener configurations enable you to utilize connect-time failover and connection load balancing features.
Connect-time failover enables clients to request a different listener (usually on a different node) if the first listener fails.
Client load balancing enables clients to randomize requests to the multiple listeners (usually on different nodes).
These features can be used together or separately. Together, they ensure access to the database and distribute the load so as not to overburden a single listener.
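A check for the multiple-listener configuration described above, as an added example that is not part of the Oracle guide: it parses a constructed tnsnames.ora entry and reports whether it names more than one listener host and whether FAILOVER and LOAD_BALANCE are set explicitly. The host names, the service name and the review function are assumptions made for illustration, and Oracle Net's defaults for unset parameters are not modelled.

```python
import re

# Constructed sample entry; host and service names are placeholders.
SAMPLE = """
sales.example.com =
  (DESCRIPTION =
    (ADDRESS_LIST =
      (LOAD_BALANCE = on)
      (FAILOVER = on)
      (ADDRESS = (PROTOCOL = tcp)(HOST = node1.example.com)(PORT = 1521))
      (ADDRESS = (PROTOCOL = tcp)(HOST = node2.example.com)(PORT = 1521)))
    (CONNECT_DATA = (SERVICE_NAME = sales.example.com)))
"""

def parse(text):
    """Return every (key, value) pair; a group's value is its list of children."""
    tokens = re.findall(r"[()=]|[^()=\s]+", re.sub(r"#.*", "", text))
    pos, flat = 0, []
    def node():
        nonlocal pos
        key, pos = tokens[pos + 1].upper(), pos + 3   # past "(", the key and "="
        value = []
        if tokens[pos] != "(":                        # leaf such as (PORT = 1521)
            value, pos = tokens[pos], pos + 1
        while tokens[pos] == "(":                     # nested groups
            value.append(node())
        pos += 1                                      # past the closing ")"
        flat.append((key, value))
        return key, value
    while pos < len(tokens):
        if tokens[pos] == "(":
            node()
        else:
            pos += 1                                  # alias name and its "="
    return flat

def review(text):
    """Return (listener hosts, findings) for one net service name entry."""
    flat = parse(text)
    hosts = [v for k, v in flat if k == "HOST"]
    setting = {k: v.lower() for k, v in flat if k in ("FAILOVER", "LOAD_BALANCE")}
    if len(set(hosts)) < 2:
        return hosts, ["one listener host: nothing to fail over to"]
    findings = []
    if setting.get("FAILOVER") in ("off", "no", "false"):
        findings.append("FAILOVER is switched off")
    if setting.get("LOAD_BALANCE") not in ("on", "yes", "true"):
        findings.append("LOAD_BALANCE is not switched on explicitly")
    return hosts, findings
```

Calling review(SAMPLE) returns both host names and an empty findings list; the parser expects balanced parentheses and values without embedded spaces.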
Selecting the appropriate naming method for mapping names to connect descriptors depends upon the size of the organization.
For a small organization with only a few databases, use host naming to store names in an existing names resolution service, or local naming to store names in a tnsnames.ora file on the clients.
For large organizations with several databases, use directory naming to store names in a centralized LDAP-compliant directory server.
See Also:
"Naming Considerations" for further information about selecting a naming method
Java client applications access an Oracle database through a Java Database Connectivity (JDBC) Driver--a standard Java interface for connecting from Java to a relational database. Oracle Corporation offers the following drivers:
Ensure that internal networks are deployed inside a firewall.
See Also:
Oracle Advanced Security Administrator's Guide for further information about providing security for the internal network
Oracle Net Services offers a number of features that can help reduce round-trip time across the network, increase listener performance, and reduce the number of protocols used.
Before sending data across the network, Oracle Net buffers and encapsulates data into the session data unit (SDU). Oracle Net sends the data stored in this buffer when the buffer is full, flushed, or when the database server tries to read data. When large amounts of data are being transmitted or when the message size is consistent, adjusting the size of the SDU buffers can improve performance, network utilization, or memory consumption. You can deploy SDU at the client, the application Web server, and the database server.
If you anticipate receiving a large number of connection requests for a listening process, you can increase the size of the listener queue.
The database only needs to be configured to listen on one protocol address, even though clients may use other protocols. Oracle Connection Manager provides a protocol conversion feature that enables a client and database server configured with different networking protocols to communicate with one another.
As Figure 7-2 shows, an Internet network usually consists of Web clients that access firewall-protected application Web servers, which then connect to a database. An Internet network has many of the same requirements as an internal network, but it also has its own unique set of requirements. This section examines both requirements.
Like an internal network, scalability can be improved in an Internet network with shared server, connection pooling, and session multiplexing features configured on the database server. Session multiplexing can also be configured on the application Web server tier. This can help offload some of the network I/O of the application Web servers, increasing throughput.
Availability to the database is crucial for any Internet network with a firewall. It is important to deploy at least two Oracle Connection Manager firewalls or Oracle Net Firewall Proxies in the event that one firewall goes down.
For an Internet network, configure the application Web servers needed to connect to the databases with the local naming method.
See Also:
"Naming Considerations" for further information about selecting a naming method
Java applications that reside on the application Web server require the JDBC OCI driver.
Security in an Internet network is crucial to control access to the database.
Granting and denying access to a database is crucial for a secure network environment. You can configure access control through a firewall or on the database. For firewall support, you can configure Oracle Connection Manager to function as a firewall, whereby it grants or denies clients access to a particular database service or a computer based on a set of filtering rules. For the database, you can configure access control parameters in the sqlnet.ora file to specify that clients using a particular protocol are allowed or denied access.
To prevent unauthorized clients from attempting denial-of-service attacks on the listener or database server, you can configure limits that constrain the time in which resources can be held prior to authentication. Client attempts that exceed the configured limits result in connection terminations, and an audit trail containing the IP address of the client is logged.
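A configuration check for the database-side controls described above, as an added example that is not part of the Oracle guide: it reads a constructed sqlnet.ora and reports whether TCP/IP node checking and a pre-authentication time limit are in place. The parameter names TCP.VALIDNODE_CHECKING, TCP.INVITED_NODES, TCP.EXCLUDED_NODES and SQLNET.INBOUND_CONNECT_TIMEOUT are Oracle Net parameters that this page does not name itself; the host names and the audit function are assumptions, and the listener-side limit in listener.ora is not covered.

```python
import re

# Constructed sqlnet.ora content; host names are placeholders.
SAMPLE = """
# profile on the database server
TCP.VALIDNODE_CHECKING = yes
TCP.INVITED_NODES = (app1.example.com,
                     app2.example.com)
SQLNET.INBOUND_CONNECT_TIMEOUT = 10
"""

def load(text):
    """Return {PARAMETER: value}; parenthesised lists become Python lists."""
    params = {}
    pairs = re.findall(r"([\w.]+)\s*=\s*(\([^)]*\)|\S+)", re.sub(r"#.*", "", text))
    for name, value in pairs:
        if value.startswith("("):
            value = [v.strip() for v in value[1:-1].split(",") if v.strip()]
        params[name.upper()] = value
    return params

def audit(text):
    """Return findings about access control and pre-authentication limits."""
    p, findings = load(text), []
    invited = p.get("TCP.INVITED_NODES")
    excluded = p.get("TCP.EXCLUDED_NODES")
    if str(p.get("TCP.VALIDNODE_CHECKING", "")).lower() != "yes":
        findings.append("TCP.VALIDNODE_CHECKING is not yes: node lists are not enforced")
    elif not invited and not excluded:
        findings.append("node checking is on but no node list is defined")
    if invited and excluded:
        findings.append("both lists set: TCP.INVITED_NODES takes precedence")
    # Time allowed for a client to connect and authenticate, in seconds.
    timeout = str(p.get("SQLNET.INBOUND_CONNECT_TIMEOUT", ""))
    if not timeout.isdigit() or int(timeout) == 0:
        findings.append("SQLNET.INBOUND_CONNECT_TIMEOUT is not a positive number of seconds")
    return findings
```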
The performance and tuning features described in "Tuning and Performance" can also be deployed for an Internet network.
Table 7-2 summarizes the relative advantages and disadvantages of each naming method and provides recommendations for using them in the network.
Naming Method | Advantages/Disadvantages | Recommended for: |
---|---|---|
Local Naming | Advantages:<br>Disadvantage: Requires local configuration of all net service name and address changes | Simple distributed networks with a small number of services that change infrequently. |
Directory Naming | Advantages:<br>Disadvantage: Requires access to a directory server | Large, complex networks (over 20 databases) that change on a frequent basis. |
Oracle Names | Advantage: Centralizes network names and addresses in a single place, facilitating administration of name changes and updates. For example, whenever a change is made to an existing server or a new server is added to the network, the change is made only once on one Oracle Names server. This eliminates the need for an administrator to make changes to what potentially could be hundreds or even thousands of clients.<br>Disadvantages:<br>Note: In future releases, Oracle Names will not be supported as a centralized naming method. Instead, consider using directory naming or migrating an existing Oracle Names configuration to directory naming, as described in Chapter 10, "Exporting Naming Data to a Directory Server". | Large, complex networks (over 20 databases) that change on a frequent basis. |
Host Naming | Advantages:<br>Disadvantage: Available only in a limited environment, as indicated in the Recommended for column | Simple TCP/IP networks that meet the criteria listed: |
External Naming | Advantage: Enables administrators to load Oracle net service names into their native name service using tools and utilities with which they are already familiar<br>Disadvantage: Requires third-party naming services that cannot be administered using Oracle Net products | Networks with existing name services. |
This section covers performance considerations. It includes the following topics:
If you anticipate receiving a large number of connection requests for a listening process (such as a listener, Oracle Connection Manager, or Oracle Names server) over TCP/IP, Oracle Net enables you to configure the listening queue to be higher than the system default.
Tuning your application to reduce the number of round trips across the network is the best way to improve your network performance. If this is done, it is also possible to optimize data transfer by adjusting the size of the session data unit (SDU).
The SDU is a buffer that Oracle Net uses to place data into before transmitting it across the network. Oracle Net sends the data in the buffer either when requested or when it is full.
Table 7-3 outlines considerations for modifying the size of the SDU.
Modify SDU size when: | Do not modify SDU size when: |
---|---|
Under certain conditions for some applications using TCP/IP, Oracle Net packets may not get flushed immediately to the network. Most often, this behavior occurs when large amounts of data are streamed. The implementation of TCP/IP itself is the reason for the lack of flushing, causing unacceptable delays. To remedy this problem, specify no delays in the buffer flushing process.
See Also:
Oracle9i Net Services Reference Guide for further information about the
Table 7-4 summarizes the features you can deploy.
Feature | See Also |
---|---|
Scalability Features | |
Connection Pooling | |
Session Multiplexing | |
Shared Server | |
Availability Features | |
Client Load Balancing | |
Connect-Time Failover | |
Naming Method Features | |
Directory Naming | |
Host Naming | |
Local Naming | |
Oracle Names | |
JDBC Drivers | |
Security Features | |
Access Control | "Enabling Access Control" to configure Oracle Connection Manager<br>"Configuring Database Access Control" to configure access control parameters in |
Listener and Database Server Connection Limits | "Configuring the Listener and the Oracle Database To Limit Resource Consumption By Unauthorized Users" |
Tuning and Performance Features | |
Listener Queue Size | |
Protocol Conversion | |
SDU Size | |