RAC 环境 IP 地址说明
[root@db1 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.100.19 db1
172.16.100.30 db2
172.16.100.119 db1-vip
172.16.100.130 db2-vip
172.16.100.100 db-scan
100.100.100.19 db1-priv
100.100.100.30 db2-priv
##firewalld配置如下
编辑文件 /opt/firewalld.sh，写入以下内容：
## Enable firewalld at boot, then start it now.
systemctl enable firewalld && systemctl start firewalld
## Full connectivity between the two hosts (including the 169.254 heartbeat segment).
## One permanent rich rule is added per peer address, in this order:
## public IPs (db1, db2), VIPs (db1-vip, db2-vip), private IPs (db1-priv, db2-priv),
## then two 169.254.x.x addresses.
## Each rule has no port or protocol clause, so it accepts all IPv4 traffic from
## that source address; no --zone is given, so the rules go to the default zone.
## NOTE(review): --permanent only updates the saved configuration; the running
## firewall is unchanged until `firewall-cmd --reload` or a firewalld restart.
## Confirm that a reload follows the last rule of this script.
## NOTE(review): the heading mentions the 169.254 segment, but only two single
## link-local addresses are allowed here. If the clusterware assigns them
## dynamically they may differ after a restart; verify against the live
## interconnect interfaces.
## NOTE(review): trust is based on source address alone, on every interface in
## the zone. Consider binding the private interconnect interface to a dedicated
## zone and limiting the public-network rules to the ports the cluster needs.
for peer_addr in \
  172.16.100.19 \
  172.16.100.30 \
  172.16.100.119 \
  172.16.100.130 \
  100.100.100.19 \
  100.100.100.30 \
  169.254.20.162 \
  169.254.22.178
do
  firewall-cmd --permanent --add-rich-rule="rule family=\"ipv4\" source address=\"${peer_addr}\" accept"
done
##堡垒机ssh登录数据库主机配置(22端口放行)
firewall-cmd --permanent --add-ric