13883183259 023-68037655 咨询热线:
当前位置: 主页 > 关于思庄 > 技术分享 >

CMAN: ORA-12529: TNS:connect Request Rejected Based On Curre

CMAN: ORA-12529: TNS:connect Request Rejected Based On Current Filtering Rules (Doc ID 2001767.1)       

In this Document





Oracle Net Services - Version to [Release 11.2 to 12.1]

Information in this document applies to any platform.


Attempting to use a CMAN proxy in an environment with a NAT (Network Address Translator)

Remote client connections are failing with this message:

C:\Users\admn1715>sqlplus system/xxxxxx@MYORCL

SQL*Plus: Release Production on Tue Apr 14 18:26:41 2015

Copyright (c) 1982, 2013, Oracle. All rights reserved.


ORA-12564: TNS:connection refused

Might also return:

TNS-12529: TNS:connect request rejected based on current filtering rules

The CMGW trace shows:

[15-APR-2015 17:56:21:922] nspsend: transport write error

[15-APR-2015 17:56:21:922] nspsend: error exit

[15-APR-2015 17:56:21:922] nscon: error sending NSPTCN packet

[15-APR-2015 17:56:21:922] nserror: entry

[15-APR-2015 17:56:21:922] nserror: nsres: id=3, op=67, ns=12571, ns2=12560; nt[0]=505, nt[1]=110, nt[2]=0; ora[0]=0, ora[1]=0, ora[2]=0

[15-APR-2015 17:56:21:922] nscon: exit (-1)

[15-APR-2015 17:56:21:922] nsdo: nsctxrnk=0

[15-APR-2015 17:56:21:922] nsdo: error exit

[15-APR-2015 17:56:21:922] nsclose: entry


The database server's hostname is not resolvable to the CMAN server.

Tested the following from the CMAN server to the Database server: (FQDN is ok, shortname is not resolvable)

tnsping "(address=(host=DB Hostname here)(port=1521)(protocol=tcp))".

Attempting to contact (address=(host=DB Hostname here)(port=1521)(protocol=tcp))

TNS-12535: TNS:operation timed out

Tnsping issued from CMAN server shows no route to db server using shortname.

Customer reports that FQDN is ok:

This works

tnsping "(address=(host=DB Hostname here.example.com)(port=1521)(protocol=tcp))"<===Fully qualified name is resolvable at CMAN host.

TNS Ping Utility for Linux: Version - Production on 16-APR-2015 19:36:07

Copyright (c) 1997, 2013, Oracle. All rights reserved.

Attempting to contact (address=(host=DB Hostname here.example.com)(port=1521)(protocol=tcp))

OK (0 msec)

Note the previous result.   A timeout is thrown when the tnsping is issued from the CMAN server to the database listener address.

Confirmed that the DB server listener is returning the shortname in the redirect packet:

[15-APR-2015 17:55:18:921] nsc2addr: (DESCRIPTION=(CONNECT_DATA=(SERVICE_NAME=MYORCL.COM)(SERVER=DEDICATED)(CID=(PROGRAM=C:\oracle_local\instantclient-basic-windows.x64-\instantclient_11_2\sqlplus.exe)(HOST=client host)(USER=admin))(INSTANCE_NAME=MYORCL))(address= (host=DB Hostname here) (port=1521)(protocol=tcp))(SOURCE_ROUTE=YES)(HOP_COUNT=1))

[15-APR-2015 17:55:18:921] nttbnd2addr: entry

Note this portion:

(address=(host=DB Hostname here)(port=1521)(protocol=tcp))(SOURCE_ROUTE=YES)(HOP_COUNT=1))


Make the following change to the LOCAL_LISTENER setting so that the HOST field is populated with the FQDN.

Log in to the instance and issue the following so that the HOST field is populated with the FQDN:

alter system set LOCAL_LISTENER="(address=(host=hostname.example.com)(port=1521)(protocol=tcp))" scope=both sid='MYORCL';

Once this is done, issue the CMCTL show services again and confirm that the FQDN is showing up here:

Service "MYORCL.COM" has 1 instance(s).

Instance "MYORCL", status READY, has 1 handler(s) for this service...


  "DEDICATED" established:0 refused:0 state:ready


  (address=(host=hostname.example.com)(port=1521)(protocol=tcp)) <===Now we see FQDN in CMCTL services output.

联系我们 香港奖现场直播结果
香港奖现场直播结果 版权所有© 备案号:渝ICP备12004239号-4

渝公网安备 50010702502184号
