|Oracle® Database Net Services Administrator's Guide
10g Release 1 (10.1)
Part Number B10775-01
Oracle Net Services provide a variety of options to help you design and manage networks that are both flexible and easy to use. With Oracle Net Services enhanced scalability and manageability features, you can develop a network to support a wide range of environments, whether they be simple workgroups or large mission critical enterprises.
This chapter describes considerations for planning a network using Oracle Net Services. It explains the relationships of the network products, and options for expanding and better managing your future network.
This chapter contains these topics:
As Figure 7-1 shows, an internal network often has a diverse client makeup. Besides traditional clients that need access to the database servers, Web clients also need access. The type and number of clients, as well as other networking issues, affect the types of features to consider deploying.
This section addresses deployment considerations for an internal network in terms of the following categories:
For an organization with hundreds or thousands of clients, scalability is of the utmost importance. Oracle Net Services offers a number of features that can improve database server scalability, including shared server, connection pooling, and session multiplexing.
With a shared server architecture, a small pool of server processes can serve a large number of clients. This reduces the server's memory requirements. Connection pooling and session multiplexing features are enabled through shared server.
Connection pooling enables the database server to time out protocol connections and to use those connections to service an active session.
Session multiplexing, available with Oracle Connection Manager, enables multiple client sessions to funnel through a single protocol connection.
When session multiplexing is used with connection pooling, you can increase the total number of client sessions the server can handle.
Table 7-1 summarizes the relative advantages of using connection pooling and session multiplexing and provides recommendations for using them in the network.
||Database sessions should use the
||Networks where many clients run interactive "high think/search time" applications such as messaging and OLAP|
||Clients must connect to Oracle Connection Manager.||Networks where continuous connectivity is required.|
Availability to the database is crucial for any internal network. You can configure multiple listeners to handle client connection requests for the same database service. This is especially ideal in an Oracle9i Real Application Clusters configuration, where each instance has a listener associated with it. Multiple listener configurations enable you to utilize connect-time failover and connection load balancing features.
Connect-time failover enables clients to request a different listener (usually on a different node) if the first listener fails.
Client load balancing enables clients to randomize requests to the multiple listeners (usually on different nodes).
These features can be used together or separately. Together, they ensure access to the database and distribute the load so as not to overburden a single listener.
For a small organization with only a few databases, use easy connect naming to make TCP/IP connections with the host name of the database server or local naming to store names in
tnsnames.ora file on the clients.
For large organizations with several databases, use directory naming to store names in a centralized directory server.
Java client applications access an Oracle database through a Java Database Connectivity (JDBC) Driver—a standard Java interface for connecting from Java to a relational database. Oracle Corporation offers the following drivers:
OCI driver for clientside and application Web server use with an Oracle client installation
Thin driver for clientside use without an Oracle installation, particularly with applets
Ensure that Internal networks are deployed inside a firewall.
See Also:Oracle Advanced Security Administrator's Guide for further information about providing security for the internal network
Oracle Net Services offers a number of features that can help reduce round-trip time across the network, increase listener performance, and reduce the number of protocols used.
Before sending data across the network, Oracle Net buffers and encapsulates data into the session data unit (SDU). Oracle Net sends the data stored in this buffer when the buffer is full, flushed, or when database server tries to read data. When large amounts of data are being transmitted or when the message size is consistent, adjusting the size of the SDU buffers can improve performance, network utilization, or memory consumption. You can deploy SDU at the client, the application Web server, and the database server.
The database only needs to be configured to listen on one protocol address, even though clients may use other protocols. Oracle Connection Manager provides a protocol conversion feature that enables a client and database server configured with different networking protocols to communicate with one another.
As Figure 7-2 shows, an Internet network is usually consists of Web clients that access firewall-protected application Web servers, that then connect to a database. An Internet network has many of the same requirements as an internal network, but it also has its own unique set of requirements. This section examines both requirements.
Like an internal network, scalability can be improved in an Internet network with shared server, connection pooling, and session multiplexing features configured on the database server. Session multiplexing can also be configured on the application Web server tier. This can help offload some of the network I/O of the application Web servers, increasing throughput.
Availability to the database is crucial for any Internet network with a firewall. It is important to deploy at least two Oracle Connection Manager firewalls or Oracle Net Firewall Proxies in the event that one firewall goes down.
For an Internet network, configure the application Web servers needed to connect to the databases with the local naming method.
Java applications that reside on the application Web server require the JDBC OCI driver.
Security in an Internet network is crucial to control access to the database.
Granting and denying access to the a database is crucial for a secure network environment. You can configure access control through a firewall or on the database. For firewall support, you can configure Oracle Connection Manager to function as a firewall, whereby it grants or denies clients access to a particular database service or a computer based on a set of filtering rules. For the database, you can configure access control parameters in the
sqlnet.ora file to specify that clients using a particular protocol are allowed or denied access.
To prevent unauthorized clients from attempting denial-of-service attacks on the listener or database server, you can configure limits that constrain the time in which resources can be held prior to authentication. Client attempts to exceed the configured limits will result in connection terminations and an audit trail containing the IP address of the client being logged.
The performance and tuning features described in "Tuning and Performance" can also be deployed for an Internet network.
Table 7-2 summarizes the relative advantages and disadvantages of each naming method and provides recommendations for using them in the network.
Table 7-2 Naming Methods: Advantages and Disadvantages
|Naming Method||Advantages/Disadvantages||Recommended for:|
Disadvantage: Requires local configuration of all net service name and address changes
|Simple distributed networks with a small number of services that change infrequently.|
Disadvantage: Requires access to a directory server
|Large, complex networks (over 20 databases) that change on a frequent basis.|
|Easy Connect Naming||Advantages:
Disadvantage: Available only in a limited environment, as indicated in the Recommended for column
|Simple TCP/IP networks that meet the criteria listed:
|External Naming||Advantage: Enables administrators to load Oracle net service name into their native name service using tools and utilities with which they are already familiar
Disadvantage: Requires a third-party naming services that cannot be administered using Oracle Net products
|Networks with existing name services.|
This section covers performance considerations. It includes the following topics:
If you anticipate receiving a large number of connection requests for a listening process (such as a listener or Oracle Connection Manager) over TCP/IP, Oracle Net enables you to configure the listening queue to be higher than the system default.
Tuning your application to reduce the number of round trips across the network is the best way to improve your network performance. If this is done, it is also possible to optimize data transfer by adjusting the size of the session data unit (SDU).
The SDU is a buffer that Oracle Net uses to place data into before transmitting it across the network. Oracle Net sends the data in the buffer either when requested or when it is full.
Table 7-3 outlines considerations for modifying the size of the SDU.
Table 7-3 SDU Considerations
|Modify SDU size when:||Do not modify SDU size when:|
Under certain conditions for some applications using TCP/IP, Oracle Net packets may not get flushed immediately to the network. Most often, this behavior occurs when large amounts of data are streamed. The implementation of TCP/IP itself is the reason for the lack of flushing, causing unacceptable delays. To remedy this problem, specify no delays in the buffer flushing process.
See Also:Oracle Net Services Reference Guide for further information about the
Table 7-4 summarizes the features you can deploy.
Table 7-4 Oracle Net Feature Summary
|Connection Pooling||"Enabling Connection Pooling "|
|Session Multiplexing||"Enabling Session Multiplexing"|
|Shared Server||"Configuring Dispatchers "|
|Client Load Balancing||"Configuring Address List Parameters"|
|Connect-Time Failover||"Configuring Address List Parameters"|
|Naming Method Features|
|Directory Naming||"Configuring the Directory Naming Method "|
|Easy Connect Naming||"Using the Easy Connect Naming Method"|
|Local Naming||"Configuring the Local Naming Method"|
|JDBC Drivers||Oracle9i JDBC Developer's Guide and Reference|
|Access Control||"Enabling Access Control" to configure Oracle Connection Manager
"Configuring Database Access Control" to configure access control parameters in sqlnet.ora
|Listener and Database Server Connection Limits||"Configuring the Listener and the Oracle Database To Limit Resource Consumption By Unauthorized Users"|
|Tuning and Performance Features|
|Listener Queue Size||"Starting and Stopping a Listener"|
|SDU Size||"Configuring Session Data Unit"|
|Protocol Conversion||Chapter 11, " Configuring and Administering Oracle Connection Manager"|