| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> Re: physical standby database managed/non-managed
Okay, so there's a host that you can use as a relay between your firewalls.
Could that server be an NFS server? That would provide an easy way to pass logfiles through the firewalls.
If your security people are happy with relaying SSH through this intermediary server, you might also have a chance of using (something like) "stunnel" to relay other traffic such as SQL*Net...
Of course, if you point this out they might just realise that they may as well allow a VPN path between your firewall "islands" -- or worse, decide the "ban" the relay host in the middle because it allows to much latitude to bypass their "security".
Is there anything that you can "suggest to network your security folks
that will let you connect from primary to standby without opening any
security risk"? Sure. It's called a "VPN", a "virtual private
network". Of course,
this subverts the restriction that you cannot pass TCP packets between
servers, but then I can't think of many good "security" reasons for
prohibiting that. (Okay, I *can* think of a few, but they are mostly
weird.)
Sandeep Dubey wrote:
>Hi,
>
>We need to implement physical standby database. Primary and standby
>will be in two separate networks behind their own firewalls. Security
>guys dont allow to ping from one server to other server. I can not
>create sqlnet connection either.
>
>So from primary I ssh to a hop server and from there I ssh to standby.
>Under given situation I assume that I can not set up data guard. Or is
>there any way I can implement data guard? Is any suggestion to network
>security folks that will let me connect from primary to standby
>without opening any security risk?
>
>I have started looking into alternative solution using non-managed
>standby. I created a standby database. I am copying the archived logs
>from primary manually and applying on standby. Standby running behind
>the primary acceptable here. Moving the archived logs will be
>implemented through a perl script that will be called from cronjob.
>In this script I have command "Recover standby database;" After that
>if I do AUTO it applies all archived logs and give ORA-00308 for next
>(not yet there) archived log.
>This is the way it is supposed to be.
>
>Is there any way that standby recover to the last available archived
>log and comes out cleanly? How can I query the last archived log file
>applied on the standby database?
>
>Thanks
>
>Sandeep
>--
>http://www.freelists.org/webpage/oracle-l
>
>
>
>
>
>
-- http://www.freelists.org/webpage/oracle-lReceived on Wed Jan 25 2006 - 20:35:35 CST
 |
 |