Oracle Connection Manager

Oracle Connection Manager is a proxy server that forwards connection requests to databases or other proxy servers. It operates on the session level. It usually resides on a computer separate from the database server and client computers. Oracle Connection Manager is available for installation with Oracle Database 12c Enterprise Edition. It is a custom installation option on the Client disk.

Oracle connection manager主要有功能：

1. session multiplexing feature: 需要同时开启数据库的share模式

several client processes can connect to one dispatcher by way of a single connection from Oracle Connection Manager. Session multiplexing is beneficial because it maximizes use of the dispatcher process connections.

1. 网络防火墙
2. protocol conversion features: 如ipv4与ipv6转换

Oracle Connection Manager, an Oracle Net Services component, enables multiple client network sessions to be multiplexed, or funneled, through a single network connection to a database.

The session multiplexing feature reduces the demand on resources needed to maintain multiple network sessions between two processes by enabling the server to use fewer network connection endpoints for incoming requests. In this way, the total number of network sessions that a server can handle is increased. One Oracle Connection Manager with multiple gateways enables thousands of concurrent users to connect to a server.

The following are the advantages and disadvantages of session multiplexing. Session multiplexing is recommended for networks where continuous connectivity is required.

Advantages of Session Multiplexing

1. Limits the number of network resources used for each process
2. Supports large client populations
3. Maximizes the number of client/server sessions over a limited number of process connections
4. Optimizes resource utilization
5. Enables identification and monitoring of real users
6. Enables mid-tier applications to support additional services
7. Requires only a single transport for clients with multiple applications
8. Requires only a single network connection for database links

Disadvantage of Session Multiplexing

Clients must connect to Oracle Connection Manager.

Oracle Connection Manager can be configured to grant or deny client access to a particular database service or a computer. By specifying filtering rules, you can allow or restrict specific client access to a server, based on the following criteria:

1. Source host names or IP addresses for clients
2. Destination host names or IP addresses for servers
3. Destination database service names
4. Client use of Oracle Net Services security features

（一）Oracle Connection Manager Architecture

Oracle Connection Manager consists of three components:

1. Oracle connection manager listener(CMON)

The listener receives client connections and evaluates against a set of rules whether to deny or allow access. If it allows access, then the listener forwards a request to a gateway process, selecting the one with the fewest connections.

CMON, the Oracle Connection Manager monitoring process, uses this address to register information about gateway processes with the listener.

1. CMGW (Oracle Connection Manager Gateway)

The CMGW process, in turn, forwards the request to another Oracle Connection Manager or directly to the database server, relaying data until the connection terminates. If a connection to the server already exists, then the gateway multiplexes, or funnels(漏斗), its connections through the existing connection.

1. CMADMIN (Oracle Connection Manager Administration)

CMADMIN monitors the state of the gateway processes and the listener, shutting down or starting up processes as needed. In addition, it registers the location and load of the gateway processes with the listener, and it answers requests from the Oracle Connection Manager Control utility.

In Figure 5-6, the listener screens connection requests. A gateway process registers with the CMADMIN process., and the CMADMIN process registers with the listener. Finally, the listener forwards the connection requests to the gateway process. After receiving the three valid client connections, the gateway process multiplexes them through a single network protocol connection to the database. The fourth connection is denied when it is evaluated against the set of rules.

Complete Architecture用于解决大量连接场景：

Figure 5-7 shows how multiple connections to an Oracle database server are made more scalable with Oracle Connection Manager and a shared server architecture. Oracle Connection Manager is used to offload some of the network I/O of the application web servers, and a shared server is used to serve more concurrent users.

（二）About the cman.ora File

Oracle Connection Manager will not start if the cman.ora file does not exist.

Each Oracle Connection Manager configuration is encapsulated within a single name-value (NV) string, which consists of the preceding components.

One computer can host any number of Oracle Connection Managers, each with its own entry in the cman.ora file. When defining more than one Oracle Connection Manager in the file, you can assign a default by giving only one a fully qualified host name.

你要最少要配置一条rule否则会全部拒绝连接，详细配置方法见《Oracle Connection Manager Parameters》

Example 10-1 Sample cman.ora File

CMAN1=

  (CONFIGURATION=

    (ADDRESS=(PROTOCOL=tcp)(HOST=proxysvr)(PORT=1521))

    (RULE_LIST=

      (RULE=(SRC=192.0.2.32/24)(DST=sales-server)(SRV=*)(ACT=accept)

        (ACTION_LIST=(AUT=on)(MCT=120)(MIT=30)))

      (RULE=(SRC=192.0.2.32)(DST=proxysvr)(SRV=cmon)(ACT=accept)))

    (PARAMETER_LIST=

      (MAX_GATEWAY_PROCESSES=8)

      (MIN_GATEWAY_PROCESSSES=3)))

In the first rule in the example, the following parameters are set:

SRC=192.0.2.32/24 is for client connections. It designates the IP address of the client, or source.

DST=sales-server designates the destination host name. The ACT parameter specifies the action, that is, accept, reject, or drop. The ACTION_LIST parameter sets attributes for a connection if it is accepted, enabling you to override default parameter settings on a connection-by-connection basis.

In the second rule, the following parameters are set:

SRC=192.0.2.32 and DST=proxysvr represent the same server, indicating that Oracle Connection Manager and CMCTL must reside on the same computer.

（三）Configuring Oracle Connection Manager

1. Configure the cman.ora file on the Oracle Connection Manager computer.

The cman.ora file specifies the listening endpoint for the server, access control rules, and Oracle Connection Manager performance parameters.

1. Configuring Clients for Oracle Connection Manager

配置tnsnames.ora指向connection manager

sales=

  (DESCRIPTION=

    (ADDRESS=

      (PROTOCOL=tcp)(HOST=cman-pc)(PORT=1521))

    (CONNECT_DATA=

      (SERVICE_NAME=example.com)))

另外客户端也可以指定路由

sample2=

 (DESCRIPTION=

   (ADDRESS_LIST=

     (SOURCE_ROUTE=yes)        ---用CM时设置为yes

     (ADDRESS=(PROTOCOL=tcp)(HOST=host1)(PORT=1630))      ----CM

     (ADDRESS=(PROTOCOL=tcp)(HOST=host2)(PORT=1521)))     ----LSNR

   (CONNECT_DATA=(SERVICE_NAME=sales.us.example.com)))

1. Configuring the Oracle Database Server for Oracle Connection Manager

配置数据库动态注册到connection manager listener

配置tnsnames.ora

listener_cman=

 (DESCRIPTION=

  (ADDRESS_LIST=

   (ADDRESS=(PROTOCOL=tcp)(HOST=proxyserver1)(PORT=1521))))

配置remote_listener

SQL> Alter system set REMOTE_LISTENER=listener_cman;

SQL> ALTER SYSTEM REGISTER;

1. Enabling Session Multiplexing for Oracle Connection Manager（option）

To enable Oracle Connection Manager to take advantage of session multiplexing, set the DISPATCHERS parameter in the initialization parameter file (init.ora) with the attributes PROTOCOL and MULTIPLEX, similar to the following:

Alter system set DISPATCHERS="(PROTOCOL=tcp)(MULTIPLEX=on)";

这里MULTIPLEX值可为：

If 1, on, yes, true, or both is specified, then multiplexing is enabled for both incoming and outgoing network sessions.

If in is specified, then multiplexing is enabled for incoming network sessions from the client.

If out is specified, then multiplexing is enabled for outgoing network sessions.

If 0, off, no, or false is specified, then multiplexing is disabled for both incoming and outgoing network sessions.

（四）Using Oracle Connection Manager as a Bridge for IPv4 and IPv6

In some database connection environments, a client and database may use different versions of the IP protocol so that complete connectivity does not exist.

需要connection manager同时包含ipv4及ipv6网卡

You can use Oracle Connection Manager as a network bridge between IPv4 and IPv6. To serve as a bridge, Oracle Connection Manager must run on a dual-stack host configured with at least one IPv4 interface and at least one IPv6 interface.

配置cman.ora

(RULE = (SRC = 2001:0db8::203:BAFF:FE0F:C74B/64)

  (DST = SALESL1593)

  (SRV = SALES)

  (ACT = ACCEPT)

  (ACTION_LIST = (AUT=ON)(MOCT=10)(MIT=30)(CONN_STATE=YES))

（五）Using the Oracle Connection Manager Control Utility

见《Oracle Connection Manager Utilitiy cmctl》