Use the socket_test utility to debug networking and firewall issues for the Compare/Repair feature. If the socket_test utility is successful, there are no network or firewall issues to prevent the source and target from communicating.
This section explains how to use this utility in an environment configured with Network Address Translation (NAT). NAT enables a local-area network (LAN) to use one set of IP addresses for private internal traffic and another set of addresses for public external traffic. NAT acts as a bridge and an interpreter between the two networks, for example a private LAN and the public Internet, or a secure network and an insecure network.
To determine whether your system is using NAT, execute nslookup from the source machine, and then again from the target machines. Use the same host name for all tests. If the results reflect different values, then it is likely that the systems are working in a NAT configured environment.
The socket_test utility is in the util sub-directory of the SharePlex product directory. There are two components: a server component and a client component.
All databases supported on UNIX and Linux
On the source machine, use the following syntax to execute socket_test with the server option to run the server component.
$ proddir/util/socket_test server
The utility displays platform information, the host name, the host IP address and the port number as shown in the following example. The server remains in a waiting state until the socket_test client component (step 2) connects to it.
On the target machine, use the following syntax to execute socket_test with the client option to run the client component. Provide the NAT IP address of the source machine and the port number issued by the socket_test server test in the previous step.
$ proddir/util/socket_test client IP_address
If the test is successful, two things happen:
Connected to client WB(512):ReadWriteCnt = 0, readCnt=0, readBytes=0, writeCnt=0, writeBytes=0 WE:ReadWriteCnt = 1, readCnt=0, totalRBytes=0, writeCnt=1, totalWBytes=512 SE:ReadWriteCnt = 1, readCnt=0, totalRBytes=0, writeCnt=1, totalWBytes=512 Server completed successfully, Thu Mar 9 20:00:07 2006 Program exiting..., Thu Mar 9 20:00:07 2006
If the test is not successful, the utility displays error messages as in the following example, and the socket_test server remains in a waiting state.
socket_test - version: 1.2 SunOS irvlabu01 5.9 Generic_112233-12 sun4u sparc SUNW,Sun-Fire-880 Program executing as client..., Thu Mar 9 20:02:26 2006 SP_SYS_HOST_NAME was not set. client host name: irvlabu01 client IP: 10.1.0.36 Client is try to connect to..... Server Host: 10.1.0.146 Server Port: 57370 Error calling connect in connect_to_server Error 146: Connection refused Error 146 calling connect_to_server CE:ReadWriteCnt = 0, readCnt=0, totalRBytes=0, writeCnt=0, totalWBytes=0 Error in client, Thu Mar 9 20:02:26 2006
If the socket test fails, execute the Ctrl-C command on the source machine to exit out of the socket_test server.
Use the sp-bininfo utility to verify that a new release of SharePlex includes past one-off builds of SharePlex that you received from Support between GA releases.
The output shows the following for each one-off that is installed for your current version of SharePlex:
Figure 2: Sample sp-bininfo output
(6) sp_ocap:
build 171 of SharePlex_Oracle (ONEOFF-CR123456-CR654321-CR789102-oracle110) 8.6.3 for rh-40-amd64 by jdoe
Shareplex shared lib(s):
libspwildcard.so.8.6.3.47
libsporacle.so.8.6.3.47
libsporalog.so.8.6.3.47
libspshareplex.so.8.6.3.47
libspspo.uname.so.8.6.3.47
libspdb.so.8.6.3.47
libspodb.so.8.6.3.47
libspspo.typecheck.so.8.6.3.47
libspcore.so.8.6.3.47
libspext.so.8.6.3.47
libspspo.memory.impl.so.8.6.3.47
libspspo.memory.stub.so.8.6.3.47
libspspo.shim.so.8.6.3.47
libspspymdb.so.8.6.3.47
Not applicable
Linux and Unix
Run the sp-bininfo utility from the util subdirectory of the product directory of your current SharePlex installation.
$ cd path_to_SharePlex_proddir/util
$ ./sp-bininfo
Use the sp_wallet utility to provide the Oracle Wallet password to SharePlex. SharePlex uses the wallet password to access the TDE Master Encryption Key. SharePlex uses the TDE Master Encryption Key to decrypt TDE-protected data in the redo log that must be replicated.
Grant read permission on the Oracle Wallet file to the dba group before using sp_wallet.
Oracle on Unix, Linux, and Windows
To run sp_wallet and manually supply the password
On the source system, start SharePlex from the SharePlex product directory. You are prompted to run sp_wallet.
*** To enable TDE replication, run sp_wallet and provide the wallet password ***
Run sp_wallet.
./sp_wallet [-r port_number]
Important! On Windows, if you installed SharePlex on any port other than the default of 2100, use the -r option to specify the port number. For example, in the following command the port number is 9400:
./sp_wallet -r 9400
wallet password: walletpw
Wallet loaded into SharePlex
To run sp_wallet in auto-open mode
If you are using an auto-open wallet, you can configure SharePlex to open the TDE wallet automatically. This eliminates the need to run sp_wallet manually at SharePlex startup. The syntax is:
./sp_wallet --auto-open [-r port_number]
Important! Using the auto-open wallet feature has additional security considerations. See the Oracle documentation for more information. In addition, do not back up the SharePlex variable-data directory together with the Oracle wallet and the Oracle data files.
To cancel auto-open mode
./sp_wallet --no-auto-open [-r port_number]
To change the TDE master encryption key
If you need to change the TDE Master Encryption Key while a SharePlex configuration is active, take the following steps to ensure that SharePlex continues to replicate the TDE-protected data after the changes.
Run the sp_wallet utility to provide SharePlex with the new TDE Master Encryption Key.
./sp_wallet [-r port_number]
Use the sp_security utility to enable, disable or view the SSL/TLS settings for SharePlex network communication.
IMPORTANT! SSL/TLS must be either enabled with a common network password or disabled on all SharePlex installations.
To enable SSL/TLS
Run “sp_security --setup”, select the SSL/TLS option, and then enter a network password.
% sp_security --setup Security Setup Wizard --------------------- This wizard will walk you through setting up the SharePlex network security. Setup configuration for '/home/shareplex/var110/' and Port 2100 [N]: Y Choose your network security model. Please note the following: * Cop must be down when the security model is changed, or when the network password is changed * The same model must be used among all SharePlex nodes replicating to each other * For security model [1], the same network password must be set on all SharePlex nodes replicating to each other [1] Use basic SSL/TLS connections [2] Use non-SSL/TLS connections (default prior to SharePlex 9.1.3) Security model: 1 Please enter a network password that will be used for authentication among the SharePlex nodes. All SharePlex nodes that replicate data to each other must have the same network password. Network password: Please re-enter the network password Network password: Security settings: Configuration for '/home/shareplex/var110/' and Port 2100: Security model : SSL/TLS Network password : stored for unattended startup SSL key file password : stored for unattended startup SSL key file : key.pem SSL cert file : cert.pem Setup complete!
IMPORTANT! SSL/TLS must be either enabled with a common network password or disabled on all SharePlex installations.
To disable SSL/TLS
Run “sp_security --setup” and select non-SSL/TLS connections.
% sp_security --setup Security Setup Wizard --------------------- This wizard will walk you through setting up the SharePlex network security. Setup configuration for '/home/shareplex/var110/' and Port 2100 [N]: Y Choose your network security model. Please note the following: * Cop must be down when the security model is changed, or when the network password is changed * The same model must be used among all SharePlex nodes replicating to each other * For security model [1], the same network password must be set on all SharePlex nodes replicating to each other [1] Use basic SSL/TLS connections [2] Use non-SSL/TLS connections (default prior to SharePlex 9.1.3) Security model: 2 Security settings: Configuration for '/home/shareplex/var110/' and Port 2100: Security model : Un-encrypted Setup complete!
To view the current SSL/TLS configuration
Run “sp_security --show”.
% sp_security --show Security settings: Configuration for '/home/shareplex/var110/' and Port 210: Security model : Un-encrypted
© 2020 Quest Software Inc. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy