cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Shadow Process TCP Ports.

alembertmauricio_cardozom
Explorer

on ‎06-12-2006 11:54 PM

0 Kudos

Good Afternoon,

Currently we have a firewall between Application Server and Database Server, the TCP PORT 1527 (listener) and 1521 were opened in order to permit connection from Application Server to Database Server.

In the DATABASE INSTANCE only asked for LISTENER PORT no more TCP PORTS and It was set 1527.

Database Server has installed the following software:

Windows Server 2003 EnterPrise Edition.

Oracle9i Enterprise Edition Release 9.2.0.7.0

When I try to load Dispatcher service in CRM Application Server it generates an error: ORA-12535: TNS:operation timed out and the dispatcher is stopped.

The same situation happens when WAS Java 6.40 installed in Application Server tries to connect to Database Server with the Oracle9i Enterprise Edition Release 9.2.0.7.0.

In the firewall we opened the TCP PORTS range from 1024 to 9999 and as a result in CRM server the Dispatcher Service works fine and in the WAS JAVA 6.40 the Jcontrol service works without problems.

I know that listener creates a Shadow Process (Database Server) for every WORK PROCESS (Application Server) in order to coordinate the connection setup between the work process and the shadow process.

Do you know exactly the scope of TCP ports used by Shadow processes ? in order to open in the firewall only this RANGE ?

I looked for TCP Ports in Sap Guides, Oracle Guides, and so on but unfortunately there is no more information about it only listener Ports.

If you have experience about it, I appreciate so much for your help.

Thanks for you for your help.

Mauricio.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎06-27-2006 8:58 PM
0 Kudos

Your issue maybe Windows 2003 related.

Read this and it may shine light on you next step.

http://www.microsoft.com/technet/community/columns/cableguy/cg1205.mspx

Show replies
Show replies
Former Member
‎06-29-2006 8:45 AM
0 Kudos

Hi David,

I do not think that your suggestion does realy fit.

as ALEMBERT MAURICIO CARDOZO MARTINEZ already describes in his entry: <i>Standard Oracle port 1521 is used only for initial negotiation between client an server: client says via that port to server 'I want to talk with you' and server answers 'OK, talk to me on port XXXX'.</i>

well, the port range for XXXX the server is answering might depend on the mechanism described in the microsoft article you are refering to. But I think the background of his question was how to use exactly one port for the Client/Server communication and not a complete port range.

regards

Peter

Message was edited by: Peter Simon

Message was edited by: Peter Simon

Former Member
‎06-29-2006 12:22 PM
0 Kudos

This is the part that I was referring to:

<snip>

Port Reservation

Port reservation allows an application to prevent a range of ports from being assigned during a wildcard bind. However, reserving a port range does not prevent an application from performing a specific bind (a request for the use of a specific port) within a reserved range. When reserving a port range, you must choose a contiguous range of port numbers from 1025 to the value of the MaxUserPort setting (5000 by default) or from 49152 to 65535. Multiple client applications can reserve the same range. When unreserving (removing the reservation), Windows Sockets removes the first entry it finds that is completely encompassed by the unreserve request.

You can also specify a range of reserved ports with the registry by doing the following:

1.

Click Start, click Run, type regedit.exe, and then click OK.

2.

Locate and then click the following registry subkey:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

3.

On the Edit menu, point to New, and then click Multi-string Value.

4.

Type ReservedPorts and then press ENTER.

5.

Double-click the ReservedPorts value, type the range of ports using the syntax: x-y

To specify a single port, use the same value for x and y. For example, to specify port 4000, type 4000-4000.

6.

Click OK.

7.

Quit Registry Editor.

</snip>

Peter,

You don't think that this would be an option?

Former Member
‎06-13-2006 8:11 PM
0 Kudos

Hi Mauricio,

I would recommend you to search Oracle Metalink for this issue.

There are a lot of articles in metalink discussing this issue.

If you or your company did not have an account there please refere to SAP Note 758563 how to access Metalink information.

Just search for "listener firewall" in the knowledgebase.

regards

Peter

Show replies
Show replies
alembertmauricio_cardozom
Explorer
‎06-18-2006 7:03 AM
0 Kudos

Hi Peter,

I appreciate so much your help, I will check this Sap Note, however SAP OSS give me the following steps to solve the problem:

Dear

Please USE_SHARED_SOCKET parameter thsi will work. see metalink note Note:66382.1

attached. this parameter is also supported by sap.

Standard Oracle port 1521 is used only for initial negotiation

between client an server: client says via that port to server 'I want

to talk with you' and server answers 'OK, talk to me on port XXXX'.

And it is random port for every session. And of coursem, we can not

open all ports through firewall.

There is a way to tell the Oracle server to use allways the same port

for all clients and session: that is an registry value:

HKEY_LOCAL_MACHINE:Software:Oracle

Name: USE_SHARED_SOCKET

Type: REG_EXPAND_SZ

Value: TRUE

And then server restart.

see the metalink note attached for more details.

Kind Regards,

Sicco Lansu

Senior Support Consultant

SAP GSC Ireland

SAP Active Global Support - Netweaver Web Application Server

Former Member
‎06-20-2006 1:21 PM
0 Kudos

well, as far as I understood the above mentioned Registry Path is not quite correct for Oracle with version > 8.0.

you have to set this parameter in the right registry key.

To find out the right Oracle Registry Key see to contents of file %oracle_home%\oracle.key (do not change the contents of the file!!)

it is something like HKLM\Software\Oracle\HomeX for 8.1 and 9.2 and

HKLM\Software\Oracle\KEY_<ORACLE_HOME_NAME> for Oracle 10.

regards

Peter

Ask a Question