11gR2 clients connect to the database using SCANs
If you’ve extended your RAC cluster on a set of new nodes you already know how painful it can be to have to go through the list of your clients and make sure their SQL*Net configuration is up to date. 11gR2 solves this problem using Single Client Access Name (SCAN).
The single client access name (SCAN) is a hostname used to provide service access for clients to the cluster. Because the SCAN is associated with the cluster as a whole, rather than to a particular node, the SCAN makes it possible to add or remove nodes from the cluster without needing to reconfigure clients. It also adds location independence for the databases, so that client configuration does not have to depend on which nodes are running a particular database. Clients can continue to access the cluster in the same way as with previous releases, but Oracle recommends that clients accessing the cluster use the SCAN.
Reference: 1.3.2.2 IP Address Requirements
How is SCAN implemented?
For high availability purposes the SCAN name should be associated with at least three IP addresses using DNS round-robin resolution. If you opt to use Grid Naming Service then GNS can also be used to manage the SCAN name.
SCAN is configured at a cluster level not at the node level, that’s what makes it so flexible — no mater how many nodes your clusters consists of, your clients can continue to use SCAN to access the services of your cluster utilizing all nodes even if you add or delete them:
The SCAN is a virtual IP name, similar to the names used for virtual IP addresses, such as node1-vip. However, unlike a virtual IP, the SCAN is associated with the entire cluster, rather than an individual node, and associated with multiple IP addresses, not just one address.
SCAN works as an independent handler for the entire cluster — it acts on client’s behalf during connection request since it knows all cluster services and it’s available, least loaded nodes:
The SCAN works by being able to resolve to multiple IP addresses reflecting multiple listeners in the cluster handling public client connections. When a client submits a request, the SCAN listener listening on a SCAN IP address and the SCAN port is contracted on a client’s behalf. Because all services on the cluster are registered with the SCAN listener, the SCAN listener replies with the address of the local listener on the least-loaded node where the service is currently being offered. Finally, the client establishes connection to the service through the listener on the node where service is offered. All of these actions take place transparently to the client without any explicit configuration required in the client.
Bottom line – use SCAN – it simplifies cluster management:
Because the SCAN addresses resolve to the cluster, rather than to a node address in the cluster, nodes can be added to or removed from the cluster without affecting the SCAN address configuration.
Reference: D.1.3.5 About the SCAN
Related posts:
October 2nd, 2009 at 4:33 am
Hi,
Is it possible to implement SCAN functionality with using DNS or GNS, I mean over entries in /etc/hosts file ?
If yes, how can we do this ?
Regards
Shine
October 2nd, 2009 at 4:37 am
Sorry for the typo, I mean WITHOUT using DNS or GNS in my last response
October 2nd, 2009 at 10:32 am
For production you will have to use DNS/GNS. If you are just trying to setup a test install then you could simply put ONE scan address into /etc/hosts and make sure your /etc/nsswitch.conf reads “hosts: files dns”. Not sure if it will work but you could try …
November 7th, 2009 at 7:22 pm
If you do not specify the SCAN in DNS, the OUI for grid infrastructure will fail at the end of the installation with:
———————————————-
ERROR:
PRVF-4657 : Name resolution setup check for “vmlinux-cluster-scan” (IP address: 192.168.1.184) failed
ERROR:
PRVF-4664 : Found inconsistent name resolution entries for SCAN name “vmlinux-cluster-scan”
———————————————-
The OUI uses nslookup to validate the SCAN – remember that nslookup is a DNS utility and does not read /etc/hosts so making the change in /etc/nsswitch.conf will have no affect.
As per Metalink Doc ID: 887471.1, you can safely ignore this error and continue with the installation, however, Oracle strongly suggests you configure the SCAN in DNS.
If you want to make it through the grid infrastructure install without receiving the PRVF-4657 / PRVF-4664 failure, perform the following hack before running the OUI on all nodes in the cluster. Note that I am simply defining a single IP address (192.168.1.184) for a scan named vmlinux-cluster-scan and where my DNS server is 24.154.1.34:
———————————————————
mv /usr/bin/nslookup /usr/bin/nslookup.original
cat < /usr/bin/nslookup
#!/bin/bash
HOSTNAME=\${1}
if [[ \$HOSTNAME = "vmlinux-cluster-scan" ]]; then
echo “Server: 24.154.1.34″
echo “Address: 24.154.1.34#53″
echo “Non-authoritative answer:”
echo “Name: vmlinux-cluster-scan”
echo “Address: 192.168.1.184″
else
nslookup.original \$HOSTNAME
fi
EOF
chmod 755 /usr/bin/nslookup
———————————————————
+—————————————————————+
| RUN CLUSTER VERIFICATION UTILITY – PASSED |
+—————————————————————+
[grid@vmlinux1 ~]$ cluvfy comp scan -verbose
Verifying scan
Checking Single Client Access Name (SCAN)…
SCAN VIP name Node Running? ListenerName Port Running?
—————- ———— ———— ———— ———— ————
vmlinux-cluster-scan vmlinux1 true LISTENER 1521 true
Checking name resolution setup for “vmlinux-cluster-scan”…
SCAN Name IP Address Status Comment
———— ———————— ———————— ———-
vmlinux-cluster-scan 192.168.1.184 passed
Verification of SCAN VIP and Listener setup passed
Verification of scan was successful.
March 19th, 2010 at 10:05 pm
Hi,
Our product support 11gR2 DB or higher.in my installation of the product my product installer need DB configuration parameter. i have a 11gR2 RAC setup. when my prod ask for db, i choose the RAC config and next screen it ask “provide RAC db in host1:port1:sid1,host2:port2:sid2″.
Is it the right behavior of the installer or it should as the SCAN parameter ?
plz suggest
March 19th, 2010 at 11:43 pm
@Patra
My suggestion would be to design your installation to use TNS Alias and let the DBA define how your product connects to the database. It will simplify your and DBA’s life. I come across too many products that try to be too clever during installation which results in horrible experience. Let the person doing the installation make these decisions.
-HTH
March 20th, 2010 at 10:01 pm
Thanks MVE,
Our product is a brand new one and its not in Market.its on still development. And as in its document says that it support only 11gR2 or higher DB not less versions.
I need a recommendation , as the product doesn’t support even 11gR1 DB then why should we go the traditional type “host1:port1:sid1,host2:port2:sid2″ for RAC input. Simple we can put in the screen the SCAN name and let the RAC DB handle all. i.e, a single connect string.
March 20th, 2010 at 11:39 pm
@Patra
There’s nothing traditional in what you are trying to do with “host1:port1:sid1,host2:port2:sid2″. It’s just too basic of an approach and will not fit a real production shop setup. I know it would not have a chance in my shop.
Again, let the guy managing the database make the decision of how your product connects to his database. The way you do that is by accepting a TNS alias from him during installation process instead of trying to be too clever and figuring it out on your own.
Not all 11gR2 databases will have SCAN addresses, not all 11gR2 databases will be RAC. The only thing you can pretty much count on 100% is that every production, serious database will have a TNS alias defined for it’s connection and even if it didn’t it’s not too difficult for a DBA to define one.
-HTH
March 21st, 2010 at 1:44 am
Thanks MVE,
i was going “http://www.dbatoolz.com/page/2″. so thought that implementing SCAN will be a good. I will consult with the DBA that whats the production configuration they have ?
Just for my knowledge, i face anther prob that i cant connect the db using SID . but i can connect the db user through service name.
when i connect a user using SID getting an error ora-12514.
I have a 11gr2 grid infrastructure/ RAC db setup. I have done all the required as the installation procedure done. could you please reply where and which entries to be need to modify so that i can access through SID.
As it a basic configuration prob .
March 21st, 2010 at 1:55 am
@Patra
Scan addresses are an optional configuration — you cannot rely on it being available in every shop/database.
The reason you cannot connect using SID but can using SERVICE NAME is because ORACLE will automatically register SERVICE NAME of the database with the LOCAL listener but it doesn’t do that with the SID.
To connect via SID it needs to be defined in the listener.ora file on the database server (look up SID_LIST_LISTENER in the documentation). Here’s an example:
SID_LIST_LISTENER = (SID_LIST = (SID_DESC = (GLOBAL_DBNAME = MYDB.MYDOMAIN.COM) (ORACLE_HOME = /path/to/oracle/home) (SID_NAME = MYSID) ) )-HTH
June 5th, 2010 at 2:57 pm
I want to configure only scan with dns. I do not want to use gns. How many files should i modify for DNS? How many Physical and Public IPs do i need for two nodes cluster? Please help me with the number of IPs to be used and what should I tell my unix administrator about scan setup? I am really confused in this and I wasted my two days in the setup with no success..Please help me..any help is greatly appreciated.
June 29th, 2010 at 1:13 pm
Hi
I am not clear about SCAN IP ADDRESS. I have two node RAC under 10g. I have
Node A: public IP address
Private IP address
vip IP address
Node B Public Ip address
Private ip address
vip ip address
For scan IP address: What three IP addresses I need, because I have to tell my network Admin to create three round robin ip address of what node.Please be specific for the answer.
Thanks
MMC
June 29th, 2010 at 7:52 pm
@Chaudhry M
SCAN name should be associated with at least three IP addresses using DNS round-robin resolution.
So to answer your question — even for a TWO node cluster you should have your NETWORK ADMIN create a round-robin DNS entry for a SCAN name such as “mycluster-scan.domain.com” pointing to 3 unassociated IP addresses. Once you complete 11gR2 CLUSTER install it will auto-magically bind on these IP’s similarly to the way it binds to VIP addresses.
NOTE the following:
-HTH
July 6th, 2010 at 1:28 pm
Hi
Thank You for your response.
Will it be three IP addresses on each node on the same subnet as public network, because I have one b public network on each node. So total 6 ip address for two nodes.
thanks
MMC
July 6th, 2010 at 2:18 pm
@Chaudhry
Think of SCAN addresses this way — they are per CLUSTER not per NODE, so it’s best to forget about the number of nodes you have and instead think of “I have a cluster and it needs 3 SCAN addresses and they should be on the same subnet as my public IPs”.
-HTH
- Vitaliy
July 7th, 2010 at 10:30 am
Hi
Thank You so mush. Now, it is clear to me.
Thanks
MMC