Friday, 20 June 2014

ORA-12543 due to iptables server firewall.

How to diag  ORA-12543
++ Check is ever one is getting the same error if so.

++ then try to connect to the database using sqlplus,We will getting ORA-12543

C:\>sqlplus

SQL*Plus: Release 11.2.0.1.0 Production on Fri Jun 20 09:09:47 2014

Copyright (c) 1982, 2010, Oracle.  All rights reserved.

Enter user-name: Username@
<TNS_Aliase>
 Enter password:
ERROR:
ORA-12543: TNS:destination host unreachable

++ Check tnsping of the tns alias


C:\>tnsping <TNS_Aliase>

TNS Ping Utility for 32-bit Windows: Version 11.2.0.1.0 - Production on 20-JUN-2
014 09:09:36

Copyright (c) 1997, 2010, Oracle.  All rights reserved.

Used parameter files:
c:\app\administrator\product\11.2.0\client_1\network\admin\sqlnet.ora


Used TNSNAMES adapter to resolve the alias
Attempting to contact (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = HOST_NAME_IP)(PORT = PORT)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = Servicename)))
TNS-12543: TNS:destination host unreachable

C:\>

++ Ping the server ip or host

C:\>ping HOST_NAME_IP

Pinging HOST_NAME_IP with 32 bytes of data:

Reply from HOST_NAME_IP: bytes=32 time<1ms TTL=63
Reply from HOST_NAME_IP: bytes=32 time<1ms TTL=63
Reply from HOST_NAME_IP: bytes=32 time<1ms TTL=63
Reply from HOST_NAME_IP: bytes=32 time<1ms TTL=63

Ping statistics for HOST_NAME_IP:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\>

++ If ping is working check port is open.

C:\>telnet HOST_NAME_IP PORT
Connecting To HOST_NAME_IP...

So telnet with port of database is not working from the client.
But the same working from database server
 

[root@za-recon-prd-01 ~]# telnet HOST_NAME_IP PORT
Trying HOST_NAME_IP...
Connected to HOST_NAME_IP.
Escape character is '^]'.

 
When checking the server firewall iptables was running.

[root@za-recon-prd-01 ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
4    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:137
5    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:138
6    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:139
7    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:445
8    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
9    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination
1    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

[root@za-recon-prd-01 ~]#


Solution:


Stop the iptables

[root@za-recon-prd-01 ~]# service iptables stop
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Unloading modules:                               [  OK  ]
[root@za-recon-prd-01 ~]#

 

++ Now try to connect from the client machine
 

C:\>Telnet <IP> <Port>C:\>Tnsping <TNS Aliase>
C:\>tnsping Accurate_live

TNS Ping Utility for 32-bit Windows: Version 11.2.0.1.0 - Production on 20-JUN-2
014 09:15:42

Copyright (c) 1997, 2010, Oracle.  All rights reserved.

Used parameter files:app\administrator\product\11.2.0\client_1\network\admin\sqlnet.ora


Used TNSNAMES adapter to resolve the alias
Attempting to contact (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = HOST_NAME_IP)(PORT = PORT)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = ServiceName)))
OK (20 msec)

C:\>
Enter user-name: Username@TNS_Aliase
Enter password:

Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.2.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL>  


By now the client can connect to the database server. 

No comments: