physical standby database managed/non-managed

2006-01-25       - By Carel-Jan Engel


David, Sandeep,

I've several clients that have implemented several security layers.
As I just learned from Jared through another information source SQL*Net
is not particularly the safest protocol on earth. If it weren't the
network boys, probably the DBA should take care of not opening a SQL*Net
port.

I agree that port forwarding makes the system more dependent from more
stuff that can fail. Alas, these days one has to take care of security.
I do not know the exact topography of Sandeep's network. Maybe he has to
go through a network that is more public than one would like to have for
sending over database stuff.
Of course there is the argument that damagement should allow for a
dedicated connection. At least, if one wants to protect the data, one
should invest some money in a proper configuration. What's the standby
database worth when it cannot be reached when it needs to become the
primary database? What's the cost of a serious outage or data loss? What
is the insurance premium they pay for the building? How does that
correlate to the potential damage data-loss incurs to the company?
Investing in redundancy is paying an insurance premium.

But now I'm getting way off-topic. The question is: how to connect to
systems through a couple of hops and firewalls? Answer: create a tunnel,
using ssh or whatever VPN technology available. Proper monitoring,
redundant firewalls and proper setup can take care of most problems when
a connection disappears and restore it automagically. I wouldn't
advocate a MAXIMUM PROTECTION setup in these circumstances. Using the
LGWR ASYNC or ARCH option in the log_archive_dest parameter value is the
best you can get. It seems not to be a problem, because Sandeep is
already in the phase of considering unmanaged standby by rsync'ing the
archives to the standby.

Sandeep, go to the business or manager or whoever's concern the data
availability is and ask: how much data-loss is acceptable? How much
recovery time is acceptable? These questions guide you to the proper
requirements for the network connection. It's the business'
responsibility to give you the budget for dark fiber between your
database servers if needed, or whatever infrastructure you need. Your
databases serve data needs for applications and users, and the network
guys provide the infrastructure for your database (and applications and
users). The 'raison d'etre' of the network is its plain existence self.
There are some guys around who need to learn that when the phone rings,
their food is calling. Respect their concern about network security. Do
not ask for a solution, but call them on their pride: they are the guys
that can solve network problems. You have a network problem, a
challenge. Ask them to cooperate in finding a solution for the challenge
you are facing.
(apologies, ending off-topic again)

Best regards,

Carel-Jan Engel

===
If you think education is expensive, try ignorance. (Derek Bok)
===

On Wed, 2006-01-25 at 15:46 +0000, David Sharples wrote:
> the trouble with that is that you are then reliant on middle servers
> being up and working all the time.
>  
> I still don't see the reason for doing this in this
> case apart from 'network guy said no sqlnet' which is hardly a good reason
>
>  
> On 1/25/06, Carel-Jan Engel <cjpengel.dbalert@(protected)> wrote:
>
>         Sandeep,
>        
>         ssh allows for port-forwarding, if your network guys didn't
>         disable this.
>         It is possible to create a so-called tunnel through
>         portforwarding, even
>         when several hops are involved.
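
Added example, not part of the original message: one way to set up the multi-hop ssh tunnel described above, with the forwarded SQL*Net port bound to loopback only and the tunnel restarted when the connection drops. Host names, the oracle account, local port 15210 and the function names are assumptions.

```shell
# Constructed example. A call would look like:
#   keep_tunnel 15210 oracle@hop1.example,oracle@hop2.example \
#               oracle@standby.example 127.0.0.1 1521
# The standby's TNS alias on the primary would then use HOST=127.0.0.1, PORT=15210.

# Print the ssh command for a local forward through one or more jump hosts.
# Args: local_port jump_hosts ssh_endpoint listener_host listener_port
tunnel_cmd() {
    local lport=$1 hops=$2 endpoint=$3 lhost=$4 tport=$5 p a
    for p in "$lport" "$tport"; do
        case $p in
            ''|*[!0-9]*|??????*) echo "invalid port: $p" >&2; return 1 ;;
        esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || { echo "port out of range: $p" >&2; return 1; }
    done
    for a in "$hops" "$endpoint" "$lhost"; do
        case $a in
            # Reject empty values, option-like values and embedded spaces.
            ''|-*|*' '*) echo "invalid host argument: $a" >&2; return 1 ;;
        esac
    done
    # -N                    forwarding only, no remote command
    # -J                    comma-separated jump hosts, traversed in order
    # 127.0.0.1 bind        the forwarded port is not reachable from other machines
    # ExitOnForwardFailure  ssh exits rather than running without the forward
    # ServerAlive*          a dead path is detected after about 45 seconds
    printf 'ssh -N -J %s -L 127.0.0.1:%s:%s:%s' "$hops" "$lport" "$lhost" "$tport"
    printf ' -o BatchMode=yes -o ExitOnForwardFailure=yes'
    printf ' -o ServerAliveInterval=15 -o ServerAliveCountMax=3 %s\n' "$endpoint"
}

# Run the tunnel and restart it whenever ssh exits, with capped backoff.
keep_tunnel() {
    local cmd rc start delay=5
    cmd=$(tunnel_cmd "$@") || return 1
    while :; do
        start=$(date +%s)
        $cmd    # unquoted on purpose: validated arguments contain no spaces
        rc=$?
        # A session that lasted over a minute was healthy: reset the backoff.
        [ $(( $(date +%s) - start )) -gt 60 ] && delay=5
        echo "tunnel exited (status $rc), restarting in ${delay}s" >&2
        sleep "$delay"
        delay=$(( delay * 2 )); [ "$delay" -gt 60 ] && delay=60
    done
}
```

BatchMode=yes makes ssh fail instead of prompting, so key-based authentication to every hop is assumed.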


