Dataguard Configuration under Juniper Firewall

Dear Friends ,
We are using Oracle database 11g with Oracle Ent Linux 5.8. We are using active dataguard in this system . Recently we are deployed firewall both on PRIMARY and STANDBY end . we are using juniper firewall device . After deployment of Juniper Firewall on STANDBY end , we observe that Dataguard replication is not performed , i mean log of the PRIMARY server does not transmitted to the STANDBY end .
Does is there any recommendation using firewall device with DATAGUARD ?
How can I resolve this Dataguard replication problem under the Firewall  ?

The firewall simply placed on  top of  STANDBY database  . nothing is configured in firewall . I mean all ports are open and no rules are applied yet .
Before firewall , redo transmitted successfully but after placing the firewall , it is not working .
It means you agree the firewall is blocking the transmission and it also means that ports are blocked.
On top of what have been said -
Check the connectivity to Standby from Primary as SYSDBA ?
Check the Primary database & Standby database alert log ?
Pradeep

Similar Messages

  • Switch to a juniper firewall

    Hi,
    We have a 3750 as core switch with critical oracle servers ( production & development ) connected to this. The goal is to have these servers behind a firewall, which is to be done by logically routing the traffic towards the device.
    Now, we need to connect the 3750 with two juniper srx firewall physically. The oracle server VLAN will be removed from 3750 and same layer 3 vlan will be created in the juniper firewall. How do i connect the 3750 to the two junipers.
    what configurations will be involved, on a logical basis. I understand this is a cisco forum, but any logical ideas will be helpful.
    Thanks.

    Bleh Juniper lol, any ways I'm assuming you already have the firewalls connected to the 3750.  So in that case why remove the Orcale Server VLAN from 3750 and add it to Juniper? 
    Leave it on the core, add an interface on the Juniper firewall for that VLAN.  Connect that interface to the same VLAN on the 3750 and make the firewall interface IP default gateway on your Oracle servers.
    Note:  I would first test this scenario out like you can pick a completely separate IP scheme and setup a VLAN on 3750 and then setup the interface on the firewall, connect it to the switch and have a test server or computer connect to the same VLAN on the switch with the firewall interface as a gateway.

  • Error: Datasource Configuration under planning

    After Successful configuration of
    1) Foundation Services (Hyperion Shared Services)
    2) Essbase administration services
    3) Essbase Server
    4) Hyperion reporting and analysis
    5) Planning -----> Product options, Register with shared services, configure database, deploy to application server (Appache), Product Instance registration.
    I stuck with Datasource Configuration under planning-
    Steps in details---
    cheked on data source configuration and click next
    check create datasource and click next
    datasource name : essdb (my choice)
    datasource Discription : essbase DB (my choice) click next
    select my instance name : plan (from drop down menu) click next
    Select Database : MS SQL server click next
    Database type: SQL
    Port: 1433 (Default)
    Database Details:
    Product: planning
    database : p2DB (new DB, SQL)
    user: p2user (new user, SQL)
    password: ***
    click next
    Essbase server information:
    Sever : my machine name (neeraj-pc)
    user : planning (created new essbase user, external)
    password : ******
    Click next
    Error:
    at java.awt.Component.processMouseEvent(Unknown Source)
    at javax.swing.JComponent.processMouseEvent(Unknown Source)
    at java.awt.Component.processEvent(Unknown Source)
    at java.awt.Container.processEvent(Unknown Source)
    at java.awt.Component.dispatchEventImpl(Unknown Source)
    at java.awt.Container.dispatchEventImpl(Unknown Source)
    at java.awt.Component.dispatchEvent(Unknown Source)
    at java.awt.LightweightDispatcher.retargetMouseEvent(Unknown Source)
    at java.awt.LightweightDispatcher.processMouseEvent(Unknown Source)
    at java.awt.LightweightDispatcher.dispatchEvent(Unknown Source)
    at java.awt.Container.dispatchEventImpl(Unknown Source)
    at java.awt.Window.dispatchEventImpl(Unknown Source)
    at java.awt.Component.dispatchEvent(Unknown Source)
    at java.awt.EventQueue.dispatchEvent(Unknown Source)
    at java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
    at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
    at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
    at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
    at java.awt.EventDispatchThread.run(Unknown Source)
    Kindly suggest steps to cofg correctly

    details of configtool_err (Hyperion-> Logs--> Config)
    (Dec 05, 2008, 06:03:22 AM), com.hyperion.planning.HspDSRdbPanelManager, ERROR, Relational Database Connection Failed:= :[Hyperion][SQLServer JDBC Driver][SQLServer]Login failed for user 'p2user'.
    (Dec 05, 2008, 06:15:12 AM), com.hyperion.planning.HspDSRdbPanelManager, ERROR, Relational Database Connection Failed:= :[Hyperion][SQLServer JDBC Driver]Error establishing socket to host and port: 220.226.46.164:1433. Reason: Network is unreachable: connect
    (Dec 05, 2008, 10:10:06 AM), com.hyperion.planning.HspDSRdbPanelManager, ERROR, Relational Database Connection Failed:= :[Hyperion][SQLServer JDBC Driver][SQLServer]Login failed for user 'p2user'.
    Regards
    Kumar N

  • Database upgrade in a Dataguard Configuration - Help !

    Hello Everyone,
    I am upgrading our test Oracle 11G RAC/Dataguard Configuration from 11.1.0.6 to patchset 11.1.0.7 and have run into an issue when trying to apply the patchset to one of our standby databases.
    I have upgraded our primary database to 11.1.0.7 with no problems, however when this was done the Dataguard Broker configuration was disabled and redo log apply to our standby databases (all physical) was stopped. I next attempted to upgrade one of our standby databases to 11.1.0.7, whilst DG Broker was disabled. The clusterware (all our databases are part of RAC clusters) and DB Software upgrades were OK, but I was unable to run DBUA successfully (or at all) as it wont run against the standby DB.
    Looking at the process for applying upgrades with Physical Standby databases in place in the Dataguard Concepts manual, it seems as though the recommended process is that I should have upgraded the standby database(s) first rather than the primary database. The two Oracle Consultants that were on site when I upgraded the primary DB, did not seem to be aware of this !
    What now is the easiest (and quickest) way of upgrading the standby db to 11.1.0.7 (preferably without reenabling the DG Broker Configuration). Is it possible to re-instanitate the standby DB from the primary DB?
    Any advice would be much appreciated.
    Thanks,
    Shaun.

    Hi!
    Updating a standby DB must be so easy, but I suppose now you are in troubble because your primary DB is ...0.7 and standby are ...0.6, but in this situaction there isn't any problem. You only need to have same version at Oracle DBs (...0.7) and initiate the recovery process or start DataGuard Broker process (if you have all redo logs since the beggining of update process).
    Chiao!

  • Upgrade of database in Dataguard Configuration

    Hi,
    I have few doubts regarding upgrading of database in in a dataguard configuration. Could someone please help me out.
    - How does upgrade happen in dataguard configuration?
    - Is that we have to install only different OH in both? And once the catupgrade script is run on primary, it will automatically upgrade standby as well?
    - Or is that we have to upgrade both separately? i.e, standby first and then primary or vice versa
    - Can we reduce downtime by breaking the dataguard config. Do a switchover and make secondary as primary and upgrade primary first?
    And once the upgrade is completed in primary, bring it up and later upgrade the standby. And later once the upgrade is completed on standby, synch both primary and standby.
    Please share your ideas and thoughts!
    Thanks!

    First of all, -steps may differ regarding the upgrade versions but- my post with the following link would help you clarify the concept.
    http://emrebaransel.blogspot.com/2009/02/10204-upgrade-with-dataguard.html
    user1982050 wrote:
    Hi,
    I have few doubts regarding upgrading of database in in a dataguard configuration. Could someone please help me out.
    - How does upgrade happen in dataguard configuration?First you patch the Oracle binaries on both primary and standby. Then open dataguard services and upgrade the primary database, standby will update itself already.

  • Third party backup software support for dataguard configurations

    Any Oracle document about the subject?
    I would be interested in an answer about backupexec 2010 r2 in particular, because reading the manual for its oracle agent there is information about Oracle/RMAN and RAC support, but nothing about Dataguard integration, that could be a value added.
    Anyone using third party backup agents in a Dataguard configuration?
    Interested in version 11gR2 on Linux.
    Thanks,
    Gianluca

    yes, you should be able to use the full backup taken in middle and use the rest of the log backups taken afterwards to restore the database.while I do not use TSM, we use QUEST(DELL) LITESPEED, that takes full backup once a day and log backups
    every 15mins.
    if someone accidentally takes full backup in the middle of day with out 'copy only',
    log sequence will break and successive log backups depend on this full back up.
    while this should be prevented from happening in first place, you can still restore from native full backup and then apply log backups taken from third party taken after the  native Full backup.
    if this happens, I would restore the FULLBACKP with NORECOVERY using NATIVE SQL and then use  lite speed syntax to restore the log backups.Remember, native sql cannot read third party formatted backups(atleast litespeed), thats why I restore the full backup
    using native sql, since it was taken with native sql backup and log backups using litespeed syntax.
    Hope it Helps!!
    Thanks, well it was just a theory discussion we had about the issue. But none of us could find info on the internet easy to prove our point :) Thanks.

  • SATA Drives - Opposite Configuration under Windows XP

    I have 2 HDDs - 160GB and 80GB.
    I plug 160GB into SATA 1 and 80GB into SATA 2 on motherboard (MSI 865PE Neo2-PLS).
    In BIOS, 160GB is "Primary IDE" and 80GB is "Secondary IDE".
    I installed Windows XP SP2 in 160GB. 80GB remains plugged in SATA 2.
    In Windows under "Disk Management" (in Control Panel), my 80GB was configured as Disk 0 (marked "Acitve") and 160GB was Disk 1 (even though 160GB contains the XP System files).
    (Q1) How do I re-configure this to 160GB as Disk 0 and 80GB as Disk 1 under Windows?
    (Q2) Are my BIOS settings wrong?
    Thanks!

    Quote
    Originally posted by NovJoe
    Re-install windows with only the 160GB in to force it to be the main system drive.
    I did re-install Windows XP this afternoon with only 160GB plugged in.
    After that, I re-booted with 80GB plugged in.
    Strange, the same problem remains - 80GB still configured under Disk 0 and 160GB under Disk 1.
    Is something wrong with my CMOS settings? I was thinking of resetting my BIOS to standard default settings. Would this harm my Windows XP booting, functioning, etc in any way after Windows installation?
    Thanks NovJoe!!

  • STARTING STANDBY IN DATAGUARD CONFIGURATION

    Hi,
    IN DATAGUARD CONFIGURATION, should we start STANDBY database by :
    1-STARTUP MOUNT
    or
    2-STARTUP
    or
    3-STARTUP MOUNT
    ALTER DATABASE RECOVER MANAGED STANDBY DATABASE DISCONNECT;
    Many thanks before.

    Thank you sybrandb.
    Please always include your version (four digits) and the O/SPROD 10.2.0. on WIN 2003 SERVER
    STANDBY 10.2.0. on WIN XP PRO.
    The correct procedure is (documented)Thank to give the name or number or URL of document. I have already seen :
    Oracle® Data Guard
    Concepts and Administration
    10g Release 2 (10.2)
    B14239-04
    note 374069.1
    note 248382.1
    Regards

  • Multiple Standby Dataguard Configuration

    Hi,
    Sorry if this has been posted before, but I could not find the answer.
    I have a Primary site (PRIM) and one Standby site(STBY1). The standby receives archive log changes from the primary. Also using dataguard to manage the Standby.
    I would like to create another standby (STBY2) and use the current standby (STBY1) to send changes to the other standby (STBY2).
    I've read the section on Cascade Redo Log Destinations in Section D of the Dataguard doc, but it really doesnt show how this is configured.
    I assume that my standby (STBY1) would need a the log_archive_dest_2 set to the service that points to the second standby (STBY2).
    My question is.. Do I need to be using Maximum Availibilty and send redo logs vice archive logs? How do I configure dataguard? Is the second standby (STBY2) another site in the dataguard configuration?
    Thanks,
    Roland

    I'm curious, is there a reason that you wouldn't want PRIM to supply the changes to both STBY1 and STBY2? In the configuration you're describing, if there was a failure on STBY1, you couldn't fail over from PRIM to STBY2...
    Justin
    Distributed Database Consulting, Inc.
    http://www.ddbcinc.com/askDDBC

  • Breaking DataGuard Configuration

    Hi
    We are in process of doing database upgrade in dataguard configuration and we are planning to break the dataguard configuration and we will do the upgrade in standby database then we will do it in primary. My questions here is
    1)I am going to break the Dg configuration like disabling the DGBROKER,unset the archivelog dest,dg_broker_start=false.....so onnn
    2)How to open the standby database in readwrite mode.
    DB VERSION IS 9.2.0.6
    os is WINDOWS-2000
    kk

    Hi Ogan,
    Can i do the following steps to break primary and standby.
    1)DISABLE DATAGUARD BROKER CONFIGURATION
    2)STOP MRP PROCESS ON STANDBY --->ALTER DATABASE RECOVER MANAGED STANDBY DATABASE CANCEL;---->
    3) On the primary disable any archive destinations that are archiving to the standby:
    SQL> select dest_id,destination,status from v$archive_dest where target=’STANDBY’;
    SQL> alter system set log_archive_dest_state_2=defer scope=both;
    4)on standby database mount standby database and issues the below command
    ALTER DATABASE COMMIT TO SWITCHOVER TO PRIMARY;
    if i do like this is it going to work as primary???
    KK

  • Qestion about clear configuration under IOS XR

    Hi, All
    I am currently having issue with clearing configuration under IOS XR. There is no command like write erase or delete start-up configuration.
    I have read some documents for IOS XR, the CFS seems to be the place where the configuration store. So I tried to delete files under disk0:/configure/running and disk0:/configure/lr/running/absref1. But after reboot, the configuration still exists.
    Could anybody help me by telling me the way to clear all the configuration under IOS XR? It is too painful to put no before all the sentences.
    Thank you very much
    Yuyang

    Yuyang,
    In the XR world if you wanted to do the equivalent "write erase" is to do a "commit replace" with a blank config.
    For example, that would erase the config of the router.
    RP/0/RP0/CPU0:crs-c#conf t
    Thu Dec  9 16:41:11.349 EST
    RP/0/RP0/CPU0:crs-c(config)#commit replace
    Thanks,
    Bryan

  • Convert configuration of Juniper to Cisco Firewall

    Can somebody help me to convert the following config of Juniper router to cisco ASA
    set interfaces ge-0/0/0 description xxxxxxxxxxx
    set interfaces ge-0/0/0 vlan-tagging
    set interfaces ge-0/0/0 mtu 4000
    set interfaces ge-0/0/0 no-gratuitous-arp-request
    set interfaces ge-0/0/0 unit 1 arp-resp unrestricted
    set interfaces ge-0/0/0 unit 1 proxy-arp
    set interfaces ge-0/0/0 unit 1 vlan-id 1
    set interfaces ge-0/0/0 unit 1 family inet address X.X.X.X/25
    set interfaces ge-0/0/0 unit 255 vlan-id 255
    set interfaces ge-0/0/0 unit 255 family inet address X.X.X.X/30
    set interfaces ge-0/0/1 description TUNNEL
    set interfaces ge-0/0/1 vlan-tagging
    set interfaces ge-0/0/1 mtu 4000
    set interfaces ge-0/0/1 no-gratuitous-arp-request
    set interfaces ge-0/0/1 unit 1 arp-resp restricted
    set interfaces ge-0/0/1 unit 1 proxy-arp unrestricted
    set interfaces ge-0/0/1 unit 1 vlan-id 1
    set interfaces ge-0/0/1 unit 1 family inet address X.X.X.X/25
    set interfaces ge-0/0/2 description to-xxxxxxxxxx
    set interfaces ge-0/0/2 vlan-tagging
    set interfaces ge-0/0/2 mtu 4000
    set interfaces ge-0/0/2 unit 556 vlan-id 556
    set interfaces ge-0/0/2 unit 556 family inet address X.X.X.X/30
    set interfaces ge-0/0/2 unit 558 vlan-id 558
    set interfaces ge-0/0/2 unit 558 family inet address X.X.X.X/30
    set interfaces vlan unit 1 proxy-arp unrestricted
    set routing-options static route X.X.X.X/32 next-hop X.X.X.X
    set routing-options static route X.X.X.X/32 next-hop X.X.X.X
    set routing-options static route X.X.X.X/32 next-hop X.X.X.X
    set routing-options static route X.X.X.X/32 next-hop X.X.X.X
    set routing-options static route X.X.X.X/32 next-hop X.X.X.X
    set routing-options static route X.X.X.X/30 next-hop X.X.X.X
    set routing-options static route 0.0.0.0/0 next-hop X.X.X.X
    set protocols rip receive both
    set protocols rip group xxxxxx neighbor ge-0/0/0.1
    set policy-options policy-statement RIP-export term a from protocol direct
    set policy-options policy-statement RIP-export term a from protocol rip
    set policy-options policy-statement RIP-export term a then accept

    hello
    what's the mean of the following command and what's the equivalent on cisco 
    unit 1 arp-resp unrestricted
    no-gratuitous-arp-request
    unit 1 proxy-arp
    set interfaces vlan unit 1 proxy-arp unrestricted
    the problem if we activate the proxy arp on asa cisco 5525 X didnt work and i note that the proxy arp is enabled by default
    below all juniper configuration
    set interfaces ge-0/0/0 description Test
    set interfaces ge-0/0/0 vlan-tagging
    set interfaces ge-0/0/0 mtu 4000
    set interfaces ge-0/0/0 no-gratuitous-arp-request
    set interfaces ge-0/0/0 unit 1 arp-resp unrestricted
    set interfaces ge-0/0/0 unit 1 proxy-arp
    set interfaces ge-0/0/0 unit 1 vlan-id 1
    set interfaces ge-0/0/0 unit 1 family inet address 10.10.132.1/25
    set interfaces ge-0/0/0 unit 255 vlan-id 255
    set interfaces ge-0/0/0 unit 255 family inet address 192.168.2.2/30
    set interfaces ge-0/0/1 description Test2
    set interfaces ge-0/0/1 vlan-tagging
    set interfaces ge-0/0/1 mtu 4000
    set interfaces ge-0/0/1 no-gratuitous-arp-request
    set interfaces ge-0/0/1 unit 1 arp-resp restricted
    set interfaces ge-0/0/1 unit 1 proxy-arp unrestricted
    set interfaces ge-0/0/1 unit 1 vlan-id 1
    set interfaces ge-0/0/1 unit 1 family inet address 10.10.132.129/25
    set interfaces ge-0/0/2 description to-BB
    set interfaces ge-0/0/2 vlan-tagging
    set interfaces ge-0/0/2 mtu 4000
    set interfaces ge-0/0/2 unit 556 vlan-id 556
    set interfaces ge-0/0/2 unit 556 family inet address 10.1.6.90/30
    set interfaces ge-0/0/2 unit 558 vlan-id 558
    set interfaces ge-0/0/2 unit 558 family inet address 10.1.6.134/30
    set interfaces vlan unit 1 proxy-arp unrestricted
    set routing-options static route 208.226.76.25/32 next-hop 10.10.132.101
    set routing-options static route 24.201.44.122/32 next-hop 10.10.132.101
    set routing-options static route 216.150.170.90/32 next-hop 10.10.132.101
    set routing-options static route 42.220.13.162/32 next-hop 10.10.132.101
    set routing-options static route 81.247.181.14/32 next-hop 10.10.132.101
    set routing-options static route 10.1.6.128/30 next-hop 10.1.6.89
    set routing-options static route 0.0.0.0/0 next-hop 10.1.6.133
    set protocols rip receive both
    set protocols rip group Group1 neighbor ge-0/0/0.1
    set policy-options policy-statement RIP-export term a from protocol direct
    set policy-options policy-statement RIP-export term a from protocol rip
    set policy-options policy-statement RIP-export term a then accept

  • Not finding IP in Assign Services configuration under ID

    Hi,
    Creating new BPM Scenarion ( BPM Merge -  Merging 2 messages )
    Succesfully created the IP in the IR.
    Now in the ID part.
    1. Assigned the Business Systems.
        Imported/new  Itegration Process (BPM)
    2. Created the Communication Channels for the 3 business systems.
    3. Now selected Tools--> Transfer Integration Scenario from Integration Repository.
    4. Selected the IS and given CS name to create.
    5. Click on Close.  Integration Scenario Configurator window opened.
    6. When Selected " Assign Services" I am not finding the Integration Process assigned to the roles: Senders, IP and Receivers.
    Please help me to find the step how to replicate the IP in the configurator window of Assign Services to Applocation Components.
    Regards,
    Venkat Ramana K.

    Yes,
    Created Integration Scenario with Integration Process assigned in IR.
    ALso created the actions for Senders, IP and Receiver.
    Configured the Integration Scenario with Senders, Integration Process and Receiver.
    Now in ID,
    Assigned Business Sytems, created the CCs
    and imported the IS....by creating CS.
    After inporting IS... The window comes with the Senders, IP and Receivers Actions to configure.
    There I am not finding the IP component under IP...which is supposed to display automatically.
    Regards,
    VEnkat.

  • Oracle Streams - Dataguard Configuration

    Dataguard<------Streams<----Production------> Dataguard
    I'm planning to implement a 4-way System where My Production Database with its own Physical Standby will be streaming(Streams database) to A reporting Database with its own Physical Standby.So,Effectively My production database,Especially it's redo logs will be put under severe load.I would like get some light on the feasibility of such a Setup.What parameters can i Take care of so as to make it a profitable High Availability-High Preformance System?
    Any suggestions and advice will be highly appreciated..

    Remember that Streams check the source DB name of the LCR. Thus the db_name of each standby must be the same as the of the open DB of the remote DB will reject the LCR of the standby when it is activated.
    Also streams, dataguard and crash don't fit so well in respect of streams consistency. At the crach time, some transaction will be lost that would have already been sent by streams, since streams react beneath the second. Thus when you activate the dataguard with its loss of some data, you are going to miss some source transaction, that would have already been replicated. You may end with errors on target site, either being dup val on transaction or OLD value in target do not match new value in LCR.
    You can't avoid 100% this but you can decrease its extend. Use as method the 'LGW asynct' as dataguard destination.
    LOG_ARCHIVE_DEST_2='SERVICE=boston LGWR ASYNC'
    http://download.oracle.com/docs/cd/B19306_01/server.102/b14239/log_transport.htm#i1265762
    This requires to create the standby redo logs on the dataguard DB (and also on the source DB, since it may becomes itself the standby) so that LGWR updates the remote redo as soon as it can ('async' otherwise 'sync' means that the commit on source is done AFTER the commit into the dataguard and you don't want that).
    From my own observation the 'LGWR async nowait' lag usually under 1 sec behind production, which is very good.

  • Resources are not configurable under RMCM and User

    Hi
    I am using UCCX 8 with CUCM. Whatevere Agnet / end user I am making in CUCM its coming to UCCX. But I can not getting them onder RMCM. When I am going uder tools>viewuser and clicking one user and Configuring resources its gives error "Error Occured while reading the resources".
    i have checked my RMCM, Axl, CTI user and seems like every thing is fine. Please give me update on this how can I enable all user under RMCM.
    BR
    Saa

    What is the exact version of UCCX you are running. You could be running into this bug:
    http://cdetsweb-prd.cisco.com/apps/dumpcr?identifier=CSCti26255&parentprogram=QDDTS
    hen creating a new agent on the system, within the User configuration screen, an error is seen when clicking on "configure resource". The message is "Error occured while reading the Resource"
    MADM logs show the following:
    3591: Jul 09 17:29:32.796 EDT %MADM-ADM_CFG-3-ADM_EXCEPTION:Unknown ADM Exception: Exception=com.cisco.app.ApplicationException: Unable to acquire cluster mutex
    3592: Jul 09 17:29:32.796 EDT %MADM-ADM_CFG-3-EXCEPTION:com.cisco.app.ApplicationException: Unable to acquire cluster mutex
    Looking at the Directory Access Synch logs, I see this message repeatedly:
    2010-07-09 17:25:54.111 INFO LRM_1000 CLrmcApiBase::GetActiveLRM: Failed to connect to ldap.
    the permanent fix is to upgrade to 8.0(2) SU3.

Maybe you are looking for