DNS configuration For Oracle 11gR2 RAC


I have planned a two-node RAC configuration, so…

FOR MASTER NODE (in my case it is rac-1)

step 1)Edit vi /var/named/chroot/etc/named.conf

// Enterprise Linux BIND Configuration Tool
//
// Default initial "Caching Only" name server configuration
//

// Enterprise Linux BIND Configuration Tool
//
// Default initial "Caching Only" name server configuration
//

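options {
    // Working directory and diagnostic files. With the chroot layout used in
    // this guide (/var/named/chroot) these paths are inside the chroot.
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";

    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     * directive below.  Previous versions of BIND always asked
     * questions using port 53, but BIND 8.1 uses an unprivileged
     * port by default.
     *
     * NOTE(review): pinning the source port to 53 gives up source-port
     * randomisation, which is one of the defences against cache
     * poisoning. Leave this commented unless a firewall really needs it.
     */
    // query-source address * port 53;
    //directory "/var/named";

    // No IPv6 listener.
    listen-on-v6 { none; };

    // Answer recursive queries only for this host and the networks its
    // interfaces are attached to. Older BIND releases recurse for any client
    // when this is left unset, which makes the server an open resolver if it
    // is ever reachable from outside the cluster network.
    allow-recursion { localhost; localnets; };

    // Refuse zone transfers unless a zone statement grants them explicitly;
    // without this, zones that set no allow-transfer can be copied by anyone.
    allow-transfer { none; };

    // allow-query { sayantan-; };   // incomplete ACL name, left disabled
    //forwarders { 218.248.240.208 ; 218.248.240.135 ; }; #IP of upstream ISP nameserver(s)
    //forward only; #rely completely on our upstream nameservers
    //notify no;

    // The cache may grow until host memory runs out, and up to 1000 recursive
    // lookups may be outstanding at once. These limits are only reasonable
    // while recursion stays restricted to local clients as above.
    max-cache-size unlimited;
    recursive-clients 1000;

};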

logging {
    // Query log on disk: the file is rotated at 100 MB and three old
    // versions are kept. Every entry is timestamped.
    // NOTE(review): query logs record which client asked for which name;
    // keep the file readable by the named account and administrators only.
    channel query_logging {
        file "/var/named/named_querylog" versions 3 size 100M;
        print-time yes;
    };
    category queries { query_logging; };

    // Alternative destination for the same category: syslog, facility
    // "user", severity info.
    // NOTE(review): "queries" is assigned in two separate category
    // statements; check with named-checkconf that both are accepted by the
    // BIND release in use.
    channel syslog_queries {
        syslog user;
        severity info;
    };
    category queries {
        syslog_queries;
    };

    // General name server errors go to syslog.
    channel syslog_errors {
        syslog user;
        severity error;
    };
    category default {
        syslog_errors;
    };

    // Lame-server messages are discarded.
    category lame-servers {
        null;
    };
};

// Root hints zone, disabled in this setup.
#zone "." IN {
#       type hint;
#       file "named.root";
#};

// Housekeeping zones. Each is a master zone served from a local file, and
// dynamic updates are refused.

zone "localdomain." IN {
    type master;
    file "localdomain.zone";
    allow-update { none; };
};

zone "localhost." IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
};

// Reverse zone for 127.0.0.x. It carries no allow-update statement; BIND
// refuses dynamic updates when none is given, so it behaves like its
// siblings.
zone "0.0.127.in-addr.arpa" in {
    type master;
    file "127.0.0.zone";
};

// Reverse zone for the IPv6 loopback and unspecified addresses.
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa." IN {
    type master;
    file "named.ip6.local";
    allow-update { none; };
};

zone "255.in-addr.arpa." IN {
    type master;
    file "named.broadcast";
    allow-update { none; };
};

zone "0.in-addr.arpa." IN {
    type master;
    file "named.zero";
    allow-update { none; };
};

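// Key file pulled into the configuration (by its name, the rndc control key).
// NOTE(review): this is secret key material; keep it readable only by root
// and the account named runs as.
include "/etc/rndc.key";

// Hosts that may pull a full copy of the zone (AXFR). Only the secondary,
// rac-2 (192.168.1.3), needs this. The earlier form "192.168.1.3/24" set host
// bits under a /24 mask; depending on the BIND release that is either
// rejected or read as the whole 192.168.1.0/24 network.
// The ACL is defined before the zone that uses it, as the BIND documentation
// asks for.
acl acl_transf { 192.168.1.3; };

// Not referenced anywhere in this listing.
acl acl_name { any; };

# Forward Zone for sayantan-chakraborty domain
zone "sayantan-chakraborty.de" IN {
    type master;
    file "db.sayantan-chakraborty.de";
    // A zone transfer hands out every internal host name and address at
    // once, so it is limited to the secondary.
    allow-transfer { acl_transf; };
};

# Reverse Zone for sayantan-chakraborty domain
#zone "1.168.192.in-addr.arpa" IN {
#        type master;
#        file "192.168.1.zone";
# };

//acl sayantan-chakraborty { 192.168.1.3/24; 127.0/8; };
//options {

//};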

step 2)# vi /var/named/chroot/var/named/db.sayantan-chakraborty.de

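; Forward zone for sayantan-chakraborty.de.
; Default TTL stated explicitly. 3600 is the value the records were already
; served with (taken from the SOA minimum), so answers do not change.
$TTL 3600
$ORIGIN .
; SOA: primary server, then the responsible mailbox (its first dot stands
; for "@").
sayantan-chakraborty.de               SOA     rac-1.sayantan-chakraborty.de. rac-1.sayantan-chakraborty.de. (
                        22         ; serial - raise on every edit so the slave re-transfers
                        900        ; refresh (15 minutes)
                        600        ; retry (10 minutes)
                        86400      ; expire (1 day)
                        3600       ; minimum (1 hour)
                        )
; The leading whitespace matters: a record line that starts with a blank
; inherits the owner name of the record before it.
                        NS      rac-1.sayantan-chakraborty.de.
                        NS      rac-2.sayantan-chakraborty.de.
$ORIGIN sayantan-chakraborty.de.
; NOTE(review): this zone lists internal hosts, VIPs and the private
; interconnect. Serve it to the cluster network only.
router                   A       192.168.1.1
rac-1                    A       192.168.1.2
rac-2                    A       192.168.1.3
rac-1-vip                A       192.168.1.25
rac-2-vip                A       192.168.1.35
rac-1-priv               A       192.168.181.10
rac-2-priv               A       192.168.181.20
; Three A records on one name: the server rotates them (round-robin SCAN).
rac-scan                 A       192.168.1.31
rac-scan                 A       192.168.1.23
rac-scan                 A       192.168.1.45
www                      IN CNAME rac-1.sayantan-chakraborty.de.
virtual                  IN CNAME rac-1
; mail is an address record (rac-1's address), not an alias: an MX target
; must not be a CNAME (RFC 2181, section 10.3).
mail                     IN A     192.168.1.2

@                        IN MX 10 mail.sayantan-chakraborty.de.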

~

step 3) #vi /var/named/chroot/var/named/127.0.0.zone


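; Reverse zone for the loopback network: 127.0.0.1 -> localhost.
$TTL 1W
@       IN SOA  localhost. root.localhost. (
                42      ; serial (d. adams)
                2D      ; refresh
                4H      ; retry
                6W      ; expiry
                1W )    ; minimum

; The NS line starts with whitespace so that it inherits the owner "@".
; Written at column 0, "IN" would be taken as the owner name.
        IN NS   localhost.
1       IN PTR  localhost.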

step 4) #vi /var/named/chroot/var/named/localhost.zone


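; Forward zone for "localhost": answers with the loopback addresses.
$TTL 86400
@       IN SOA  @ root (
                42      ; serial (d. adams)
                3H      ; refresh
                15M     ; retry
                1W      ; expiry
                1D )    ; minimum

; These records start with whitespace so that they inherit the owner "@".
; Written at column 0, "IN" would be taken as the owner name.
        IN NS   @
        IN A    127.0.0.1
        IN AAAA ::1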

I did not use reverse lookup, to avoid some complexity.

step 5) editing /etc/hosts file
MOS note 264847.1 specifically indicates that the VIP address must be in /etc/hosts and also in DNS.


#vi /etc/hosts
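# Do not remove the following line, or various programs
# that require network functionality will fail.
# The loopback line carries only the localhost names. The node's own name
# (rac-1) is resolved through its public address below, so that cluster
# software sees the same address for rac-1 on every node instead of 127.0.0.1.
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6

# Public network
192.168.1.1 router.sayantan-chakraborty.de router
192.168.1.2 rac-1.sayantan-chakraborty.de rac-1
192.168.1.3 rac-2.sayantan-chakraborty.de rac-2
# Virtual IPs (reserved, brought up by the clusterware)
192.168.1.25 rac-1-vip.sayantan-chakraborty.de rac-1-vip
192.168.1.35 rac-2-vip.sayantan-chakraborty.de rac-2-vip
# Private interconnect
192.168.181.10 rac-1-priv.sayantan-chakraborty.de rac-1-priv
192.168.181.20 rac-2-priv.sayantan-chakraborty.de rac-2-priv
# SCAN. NOTE(review): a hosts-file lookup normally returns only the first
# matching line, so the three-address rotation comes from DNS, not from here.
# Entries in this file are usually consulted before DNS, so keep them in step
# with the zone file or stale addresses will mask DNS changes.
192.168.1.31 rac-scan.sayantan-chakraborty.de rac-scan
192.168.1.23 rac-scan.sayantan-chakraborty.de rac-scan
192.168.1.45 rac-scan.sayantan-chakraborty.de rac-scan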

~

step 6)#vi /etc/resolv.conf


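# Resolver options are written name:value with no space. With a space the
# value is split from the option name and is not read as a 1-second timeout.
options timeout:1

# One search line only. A misspelt keyword is not recognised by the resolver,
# and when several search lines are present only the last one is used.
search sayantan-chakraborty.de

# The two cluster name servers come first.
nameserver 192.168.1.2
nameserver 192.168.1.3
# NOTE(review): the router is tried only after both servers above time out.
# It does not hold the cluster zone, so answers from it can differ, and
# lookups for internal names are then sent outside the cluster.
nameserver 192.168.1.1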
~

(OPTIONAL, only if you have a DHCP-enabled router) step 7) # vi /etc/sysconfig/network-scripts/ifcfg-eth0

# ADMtek NC100 Network Everywhere Fast Ethernet 10/100
# Interface identity: the configuration is bound to this MAC address.
DEVICE=eth0
HWADDR=00:00:e8:f7:02:b0
TYPE=Ethernet

# Static addressing on the public network; no DHCP client is used.
BOOTPROTO=none
IPADDR=192.168.1.2
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
IPV6INIT=no

# Brought up at boot, and not controllable by unprivileged users.
ONBOOT=yes
USERCTL=no

# Keep the network scripts from replacing the name servers in
# /etc/resolv.conf with ones learned from the network.
PEERDNS=no

IN 2nd node (in my case it is rac-2):

step 1)Edit #vi /var/named/chroot/etc/named.conf

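options {

    # The directory statement defines the name server's working directory

    directory "/var/named";

    # Write dump and statistics file to the log subdirectory. The
    # pathnames are relative to the chroot jail.

    dump-file "/var/log/named_dump.db";
    statistics-file "/var/log/named.stats";

    # The forwarders record contains a list of servers to which queries
    # should be forwarded. Enable this line and modify the IP address to
    # your provider's name server. Up to three servers may be listed.

    #forwarders { 192.0.2.1; 192.0.2.2; };

    # Enable the next entry to prefer usage of the name server declared in
    # the forwarders section.

    #forward first;

    # The listen-on record contains a list of local network interfaces to
    # listen on. Optionally the port can be specified. Default is to
    # listen on all interfaces found on your system. The default port is
    # 53.

    #listen-on port 53 { 127.0.0.1; };

    # The listen-on-v6 record enables or disables listening on IPv6
    # interfaces. Allowed values are 'any' and 'none' or a list of
    # addresses.

    listen-on-v6 { none; };

    # The next three statements may be needed if a firewall stands between
    # the local server and the internet.
    # NOTE(review): a fixed source port gives up source-port randomisation,
    # one of the defences against cache poisoning. Leave these commented
    # unless a firewall really needs them.

    #query-source address * port 53;
    #transfer-source * port 53;
    #notify-source * port 53;

    # The allow-query record contains a list of networks or IP addresses
    # to accept and deny queries from. The default is to allow queries
    # from all hosts.

    #allow-query { 127.0.0.1; };

    # Answer recursive queries only for this host and the networks its
    # interfaces are attached to. Older BIND releases recurse for any
    # client when this is left unset.

    allow-recursion { localhost; localnets; };

    # Refuse zone transfers from this server unless a zone statement
    # grants them; by default a secondary hands its copy to anyone who asks.

    allow-transfer { none; };

    # If notify is set to yes (default), notify messages are sent to other
    # name servers when the zone data is changed. Instead of setting
    # a global 'notify' statement in the 'options' section, a separate
    # 'notify' can be added to each zone definition.

    notify no;
};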

logging {
    // Query log on disk: the file is rotated at 100 MB and three old
    // versions are kept. Every entry is timestamped.
    // NOTE(review): query logs record which client asked for which name;
    // keep the file readable by the named account and administrators only.
    channel query_logging {
        file "/var/named/named_querylog" versions 3 size 100M;
        print-time yes;
    };
    category queries { query_logging; };

    // Alternative destination for the same category: syslog, facility
    // "user", severity info.
    // NOTE(review): "queries" is assigned in two separate category
    // statements; check with named-checkconf that both are accepted by the
    // BIND release in use.
    channel syslog_queries {
        syslog user;
        severity info;
    };
    category queries {
        syslog_queries;
    };

    // General name server errors go to syslog.
    channel syslog_errors {
        syslog user;
        severity error;
    };
    category default {
        syslog_errors;
    };

    // Lame-server messages are discarded.
    category lame-servers {
        null;
    };
};

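# The following zone definitions don't need any modification. The first one
# is the definition of the root name servers. The second one defines
# localhost while the third defines the reverse lookup for localhost.

#zone "." in {
# type hint;
# file "root.hint";
#};

zone "localhost" in {
    type master;
    file "localhost.zone";
};

zone "0.0.127.in-addr.arpa" in {
    type master;
    file "127.0.0.zone";
};

# Secondary copy of the cluster zone, pulled from rac-1 (192.168.1.2).
# named writes the zone file itself after the first transfer.
# NOTE(review): the master is identified by IP address alone; a TSIG key
# shared by both servers would authenticate the transfer.
zone "sayantan-chakraborty.de" in {
    type slave;
    file "db.sayantan-chakraborty.de";
    masters { 192.168.1.2; };
    # Nothing downstream pulls from this server, so refuse transfers here.
    # Without this a secondary gives the full zone to any client that asks.
    allow-transfer { none; };
};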

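Both zone files (127.0.0.zone and localhost.zone) should be the same as on the master node, and db.sayantan-chakraborty.de must not be created on this node; named writes it itself after the zone transfer from the master.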

Troubleshooting And Checking the configuration

    For Network configuration:

[root@rac-1 ~]# ifconfig eth1
eth1 Link encap:Ethernet HWaddr 00:26:18:59:EE:49
inet addr:192.168.181.10 Bcast:192.168.181.63 Mask:255.255.255.192
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:3
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Memory:fe9c0000-fea00000

[root@rac-1 ~]# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:00:E8:F7:02:B0
inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::200:e8ff:fef7:2b0/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1186 errors:0 dropped:0 overruns:0 frame:0
TX packets:1677 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:660330 (644.8 KiB) TX bytes:287157 (280.4 KiB)
Interrupt:177 Base address:0x8400

Checking DNS configuration

  • [oracle@rac-1 ~]$ su root
    Password:
    [root@rac-1 oracle]# nslookup rac1vip
    ;; connection timed out; no servers could be reached

    [root@rac-1 oracle]# /sbin/service named restart
    Stopping named: [ OK ]
    Starting named: [ OK ]
    [root@rac-1 oracle]# nslookup rac1vip
    Server: 192.168.1.2
    Address: 192.168.1.2#53

    Name: rac1vip.sayantan-chakraborty.de
    Address: 192.168.1.25

    [root@rac-1 oracle]# ls /var/named/chroot/var/named
    127.0.0.zone localdomain.zone named.root
    127.0.0.zone~ localhost.zone named.zero
    192.168.1.zone localhost.zone~ sayantan.chakraborty.zone~
    192.168.1.zone~ named.broadcast slave
    data named.ip6.local slaves
    db.sayantan-chakraborty.de named.local
    db.sayantan-chakraborty.de~ named_querylog
    [root@rac-1 oracle]# vi /var/named/chroot/var/named/db.sayantan-chakraborty.de
    [root@rac-1 oracle]# /sbin/service named restart
    Stopping named: . [ OK ]
    Starting named: [ OK ]
    [root@rac-1 oracle]# vi /etc/hosts
    [root@rac-1 oracle]# /sbin/service named stop
    Stopping named: [ OK ]
    [root@rac-1 oracle]# /sbin/service network stop
    Shutting down interface eth0: [ OK ]
    Shutting down interface eth1: [ OK ]
    Shutting down loopback interface: [ OK ]
    Disabling IPv4 packet forwarding: net.ipv4.ip_forward = 0
    [ OK ]
    [root@rac-1 oracle]# vi /etc/hosts
    [root@rac-1 oracle]# vim -r /etc/hosts
    [root@rac-1 oracle]# vi /var/named/chroot/var/named/db.sayantan-chakraborty.de
    [root@rac-1 oracle]# vi /var/named/chroot/var/named/db.sayantan-chakraborty.de
    [root@rac-1 oracle]# vi /etc/hosts
    [root@rac-1 oracle]# rm /etc/.hosts.swp
    rm: remove regular file `/etc/.hosts.swp'? y
    [root@rac-1 oracle]# vi /etc/hosts
    [root@rac-1 oracle]# vi /etc/hosts
    [root@rac-1 oracle]# /sbin/service network start
    Bringing up loopback interface: [ OK ]
    Bringing up interface eth0: [ OK ]
    Bringing up interface eth1: [ OK ]
    [root@rac-1 oracle]# /sbin/service named start
    Starting named: [ OK ]
    [root@rac-1 oracle]# vi /var/named/chroot/etc/named.conf
    [root@rac-1 oracle]# vi /var/named/chroot/etc/named.conf
    [root@rac-1 oracle]# vi /var/named/chroot/var/named/db.sayantan-chakraborty.de
    [root@rac-1 oracle]# ls /var/named/chroot/var/named/
    127.0.0.zone 192.168.1.zone~ db.sayantan-chakraborty.de~ localhost.zone~ named.local named.zero slaves
    127.0.0.zone~ data localdomain.zone named.broadcast named_querylog sayantan.chakraborty.zone~
    192.168.1.zone db.sayantan-chakraborty.de localhost.zone named.ip6.local named.root slave
    [root@rac-1 oracle]#
    [root@rac-1 oracle]# nslookup rac-1-vip
    Server: 192.168.1.2
    Address: 192.168.1.2#53

    Name: rac-1-vip.sayantan-chakraborty.de
    Address: 192.168.1.25

    [root@rac-1 oracle]# nslookup rac-2-vip
    Server: 192.168.1.2
    Address: 192.168.1.2#53

    Name: rac-2-vip.sayantan-chakraborty.de
    Address: 192.168.1.35

    [root@rac-1 oracle]# nslookup rac-scan
    Server: 192.168.1.2
    Address: 192.168.1.2#53

    Name: rac-scan.sayantan-chakraborty.de
    Address: 192.168.1.23
    Name: rac-scan.sayantan-chakraborty.de
    Address: 192.168.1.31
    Name: rac-scan.sayantan-chakraborty.de
    Address: 192.168.1.45

    [root@rac-1 oracle]# dig rac-1 ns

    ; <> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <> rac-1 ns
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40000
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;rac-1. IN NS

    ;; AUTHORITY SECTION:
    . 10800 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2010020800 1800 900 604800 86400

    ;; Query time: 342 msec
    ;; SERVER: 192.168.1.2#53(192.168.1.2)
    ;; WHEN: Mon Feb 8 19:53:36 2010
    ;; MSG SIZE rcvd: 98

    [root@rac-1 oracle]# dig @rac-1 rac-1.sayantan-chakraborty.de.

    ; <> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <> @rac-1 rac-1.sayantan-chakraborty.de.
    ; (1 server found)
    ;; global options: printcmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49181
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

    ;; QUESTION SECTION:
    ;rac-1.sayantan-chakraborty.de. IN A

    ;; ANSWER SECTION:
    rac-1.sayantan-chakraborty.de. 3600 IN A 192.168.1.2

    ;; AUTHORITY SECTION:
    sayantan-chakraborty.de. 3600 IN NS rac-1.sayantan-chakraborty.de.
    sayantan-chakraborty.de. 3600 IN NS rac-2.sayantan-chakraborty.de.

    ;; ADDITIONAL SECTION:
    rac-2.sayantan-chakraborty.de. 3600 IN A 192.168.1.3

    ;; Query time: 1 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Mon Feb 8 19:57:02 2010
    ;; MSG SIZE rcvd: 113

    [root@rac-1 oracle]#
    [root@rac-1 oracle]# ping rac-1
    PING rac-1.sayantan-chakraborty.de (127.0.0.1) 56(84) bytes of data.
    64 bytes from rac-1.sayantan-chakraborty.de (127.0.0.1): icmp_seq=1 ttl=64 time=0.045 ms
    64 bytes from rac-1.sayantan-chakraborty.de (127.0.0.1): icmp_seq=2 ttl=64 time=0.050 ms
    64 bytes from rac-1.sayantan-chakraborty.de (127.0.0.1): icmp_seq=3 ttl=64 time=0.047 ms
    64 bytes from rac-1.sayantan-chakraborty.de (127.0.0.1): icmp_seq=4 ttl=64 time=0.049 ms
    64 bytes from rac-1.sayantan-chakraborty.de (127.0.0.1): icmp_seq=5 ttl=64 time=0.048 ms
    64 bytes from rac-1.sayantan-chakraborty.de (127.0.0.1): icmp_seq=6 ttl=64 time=0.048 ms
    64 bytes from rac-1.sayantan-chakraborty.de (127.0.0.1): icmp_seq=7 ttl=64 time=0.049 ms

    [1]+ Stopped ping rac-1
    [root@rac-1 oracle]#

    But a ping to your virtual IP must fail at this stage, because OUI will bring the VIP up on its own.


    [root@rac-1 oracle]# ping rac-1-vip
    PING rac-1-vip.sayantan-chakraborty.de (192.168.1.35) 56(84) bytes of data.
    From rac-1.sayantan-chakraborty.de (192.168.1.2) icmp_seq=2 Destination Host Unreachable
    From rac-1.sayantan-chakraborty.de (192.168.1.2) icmp_seq=3 Destination Host Unreachable
    From rac-1.sayantan-chakraborty.de (192.168.1.2) icmp_seq=4 Destination Host Unreachable

    [2]+ Stopped ping rac-1-vip
    [root@rac-1 oracle]#

    Most Basic Rule For This Approach :

    Assuming you have 2 or more network cards:

    1) Be sure which network card is to be used for the public IP.
    2) Be sure of the IP address assigned to that card (ifconfig eth0).
    3) Since the VIP must be reserved but not assigned, check what the /etc/hosts entry for the VIP is
    (cat /etc/hosts).
    4) Make sure the VIP is not assigned (a ping to the VIP's address MUST fail).

    5)
    For every RAC node, you need to have two IP addresses set up: one is called the public interface, the other the private interface.
    The two interfaces must have separate IP addresses on separate subnets.
    If you use hostnames instead of IP addresses, the hostnames must be resolvable.

    6) You also need to set up a third hostname/IP address, which needs to be in the same subnet as the public IP address.
    This IP address may not be the public or private IP address, because the clusterware brings it up itself.
    7) You need two IP addresses set in different subnets.


    Related Error I Encountered And resolved in My Case:
    1)

    Cause - None of the locally defined network interfaces has a subnet matching the SCAN VIP subnet. Action - Define a public interface with a subnet matching the SCAN VIP or choose a SCAN VIP with a subnet matching the public interface.

    2)

    INS:-40910:
    INS-40910: Virtual IP: string entered is invalid.
    Cause: The Virtual IP did not resolve to an IP address.
    Action: Enter a valid VIP that resolves to an IP address.

    Reference Links :
    RHEL 5 / OEL 5

    PART II DNS in RHEL 5/ OEL 5

    Oracle iscsi

    Oracle RAC 11gR2

        This DNS configuration has become old. These days it's better to use PowerDNS.
