首页 > 其他分享 >问题解决:TNS-12543: TNS:destination host unreachable

问题解决:TNS-12543: TNS:destination host unreachable

时间:2023-05-13 09:45:11浏览次数:49  
标签:TNS destination 1.18 host 192.168 ms oracle bogon 1521

环境:
11.2.0.3 ADG (db11g\db11gadg\db11gcas)

在自己先前克隆后的环境互相tnsping报错。

tnsping 本机ok,tnsping其他机器均报错:

[oracle@db11g ~]$ tnsping jingyu

TNS Ping Utility for Linux: Version 11.2.0.3.0 - Production on 13-MAY-2023 08:09:11

Copyright (c) 1997, 2011, Oracle.  All rights reserved.

Used parameter files:
/u01/app/oracle/product/11.2.0/dbhome_1/network/admin/sqlnet.ora


Used TNSNAMES adapter to resolve the alias
Attempting to contact (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.1.18)(PORT = 1521)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = jingyu)))
OK (0 msec)
[oracle@db11g ~]$ tnsping jyadg

TNS Ping Utility for Linux: Version 11.2.0.3.0 - Production on 13-MAY-2023 08:09:14

Copyright (c) 1997, 2011, Oracle.  All rights reserved.

Used parameter files:
/u01/app/oracle/product/11.2.0/dbhome_1/network/admin/sqlnet.ora


Used TNSNAMES adapter to resolve the alias
Attempting to contact (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.1.19)(PORT = 1521)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = jyadg)))
TNS-12543: TNS:destination host unreachable
[oracle@db11g ~]$ tnsping jycas

TNS Ping Utility for Linux: Version 11.2.0.3.0 - Production on 13-MAY-2023 08:09:17

Copyright (c) 1997, 2011, Oracle.  All rights reserved.

Used parameter files:
/u01/app/oracle/product/11.2.0/dbhome_1/network/admin/sqlnet.ora


Used TNSNAMES adapter to resolve the alias
Attempting to contact (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.1.20)(PORT = 1521)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = jycas)))
TNS-12543: TNS:destination host unreachable

1.检查防火墙和SElinux状态

第一反应就是防火墙或SELinux导致,初步检查发现:防火墙未运行,SELinux也禁用掉。
[root@db11g ~]# service iptables status
Redirecting to /bin/systemctl status iptables.service
Unit iptables.service could not be found.

[root@db11g ~]# getenforce
Permissive
[root@db11g ~]# cat /etc/sysconfig/selinux 

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted 

配置文件tnsnames.ora同步到3个环境,保持一致:

# tnsnames.ora Network Configuration File: /u01/app/oracle/product/11.2.0/dbhome_1/network/admin/tnsnames.ora
# Generated by Oracle configuration tools.

JINGYU =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.1.18)(PORT = 1521))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = jingyu)
    )
  )

JYADG =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.1.19)(PORT = 1521))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = jyadg)
    )
  )

JYCAS =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.1.20)(PORT = 1521))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = jycas)
    )
  )

2.确认克隆的网卡是否正常

主要怀疑克隆是否MAC地址之类做了变化,期望是不一样的MAC,实际也是,在宿主机看arp记录的和目前的都匹配:

[oracle@bogon ~]$ arp -a|grep 1.18
bogon (192.168.1.18) at 52:54:00:6f:92:54 [ether] on br0
[oracle@bogon ~]$ arp -a|grep 1.19
localhost (192.168.1.19) at 52:54:00:d0:49:1b [ether] on br0
[oracle@bogon ~]$ arp -a|grep 1.20
localhost (192.168.1.20) at 52:54:00:71:f1:9a [ether] on br0

可现在就是网络IP可以ping通,但是tnsping说啥不通:

[oracle@bogon ~]$ ping 192.168.1.18
PING 192.168.1.18 (192.168.1.18) 56(84) bytes of data.
64 bytes from 192.168.1.18: icmp_seq=1 ttl=64 time=0.525 ms
64 bytes from 192.168.1.18: icmp_seq=2 ttl=64 time=0.312 ms
^C
--- 192.168.1.18 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1024ms
rtt min/avg/max/mdev = 0.312/0.418/0.525/0.108 ms
[oracle@bogon ~]$ tnsping 192.168.1.18

TNS Ping Utility for Linux: Version 19.0.0.0.0 - Production on 13-MAY-2023 08:39:50

Copyright (c) 1997, 2022, Oracle.  All rights reserved.

Used parameter files:
/u01/app/oracle/product/19.3.0/db_1/network/admin/sqlnet.ora

Used HOSTNAME adapter to resolve the alias
Attempting to contact (DESCRIPTION=(CONNECT_DATA=(SERVICE_NAME=))(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.1.18)(PORT=1521)))
TNS-12543: TNS:destination host unreachable

3.网络层面排查1521端口

以db11g环境为例说明:

[oracle@db11g ~]$ netstat -ano|grep 1521
tcp6       0      0 :::1521                 :::*                    LISTEN      off (0.00/0/0)
unix  2      [ ACC ]     STREAM     LISTENING     26303    /var/tmp/.oracle/sEXTPROC1521

使用telnet工具定位:

[root@bogon ~]# telnet 192.168.1.18 1521
Trying 192.168.1.18...
telnet: connect to address 192.168.1.18: No route to host

而正常的环境(其他可以tnsping的正常虚机)应该类似这样:

[root@bogon ~]# telnet 192.168.1.11 1521
Trying 192.168.1.11...
Connected to 192.168.1.11.
Escape character is '^]'.

看来的确是网络问题了。
说没有路由可达主机,直接traceroute对比看下有何区别:

# 正常的虚机:
[root@bogon ~]# traceroute 192.168.1.11
traceroute to 192.168.1.11 (192.168.1.11), 30 hops max, 60 byte packets
 1  bogon (192.168.1.11)  0.556 ms  0.507 ms  0.486 ms

# 不正常的虚机:
[root@bogon ~]# traceroute 192.168.1.18
traceroute to 192.168.1.18 (192.168.1.18), 30 hops max, 60 byte packets
 1  bogon (192.168.1.18)  0.516 ms !X  0.450 ms !X  0.404 ms !X

[root@bogon ~]# traceroute 192.168.1.19
traceroute to 192.168.1.19 (192.168.1.19), 30 hops max, 60 byte packets
 1  bogon (192.168.1.19)  0.546 ms !X  0.491 ms !X  0.455 ms !X

[root@bogon ~]# traceroute 192.168.1.20
traceroute to 192.168.1.20 (192.168.1.20), 30 hops max, 60 byte packets
 1  localhost (192.168.1.20)  0.730 ms !X  0.680 ms !X  0.648 ms !X

又回到防火墙。。之前检查命令搞错了,来吧,赶紧正常关闭防火墙:

[root@db11g ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2023-05-13 08:38:13 CST; 23min ago
     Docs: man:firewalld(1)
 Main PID: 850 (firewalld)
   CGroup: /system.slice/firewalld.service
           └─850 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid

May 13 08:38:12 db11g systemd[1]: Starting firewalld - dynamic firewall dae.....
May 13 08:38:13 db11g systemd[1]: Started firewalld - dynamic firewall daemon.
May 13 08:38:13 db11g firewalld[850]: WARNING: AllowZoneDrifting is enabled...w.
Hint: Some lines were ellipsized, use -l to show in full.
[root@db11g ~]# systemctl stop firewalld

一切恢复正常:

[root@bogon ~]# traceroute 192.168.1.18
traceroute to 192.168.1.18 (192.168.1.18), 30 hops max, 60 byte packets
 1  bogon (192.168.1.18)  0.559 ms  0.497 ms  0.445 ms
[root@bogon ~]# telnet 192.168.1.18 1521
Trying 192.168.1.18...
Connected to 192.168.1.18.
Escape character is '^]'.

[oracle@bogon ~]$ tnsping 192.168.1.18

TNS Ping Utility for Linux: Version 19.0.0.0.0 - Production on 13-MAY-2023 08:59:56

Copyright (c) 1997, 2022, Oracle.  All rights reserved.

Used parameter files:
/u01/app/oracle/product/19.3.0/db_1/network/admin/sqlnet.ora

Used HOSTNAME adapter to resolve the alias
Attempting to contact (DESCRIPTION=(CONNECT_DATA=(SERVICE_NAME=))(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.1.18)(PORT=1521)))
OK (0 msec)

克隆的环境全部都关闭下防火墙,并禁用:

systemctl status firewalld
systemctl stop firewalld
systemctl disable firewalld

一切正常!

这个根因找到后着实有点丢人了,折腾半天居然就是最开始怀疑的防火墙问题,但却因为命令搞错误判了。
记得早些时候这个Linux6查看防火墙的命令在Linux7中执行,重定向是可以变成正确命令的。
再就是应该多查下,如果是类似下面的输出才是没有防火墙运行:

[root@db11g ~]# /sbin/iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

不过troubleshooting的有意思之处也就在于此,你总不能每次都可以快速解决问题,哪怕是相对简单的问题,也可能因为一个疏忽而走不少弯路,但这个过程是有意思的!

标签:TNS,destination,1.18,host,192.168,ms,oracle,bogon,1521
From: https://www.cnblogs.com/jyzhao/p/17396779.html

相关文章

  • SwitchHosts 一款管理本地 host 文件配置的工具,支持一键切换不同环境配置的 host 文件
    简介Hosts相关的小工具着实不少,大家需求最多的肯定是hosts切换工具了。SwitchHosts!是一款可以方便你管理和一键切换多个hosts方案的免费开源工具,跨平台支持Windows、macOS和Linux系统。软件获取➤https://www.hereitis.cn/articleDetails/1269功能介绍SwitchHos......
  • 自用nginx配置(常见安全配置,http转https,http和https混合请求,解决http host头攻击漏洞)
    自用nginx配置(常见安全配置,http转https,http和https混合请求,解决httphost头攻击漏洞)#usernobody;worker_processes1;#error_loglogs/error.log;#error_loglogs/error.lognotice;#error_loglogs/error.loginfo;#pidlogs/nginx.pid;events{w......
  • 运行Study.Trade模块的Web.Unified.Host
    1、把Web.Host的项目设置为启动项目上一篇文章报错,因为npm功能没有安装,导致Web.Unified.Host的wwwroot下没有libs目录。2、默认是在IISExpress中承载4、修改一下,5、直接点击上面的红框6、浏览器打开了一个网址7、点“高级”8、点“接受风险并继续”控制台程序报错如下VisualStud......
  • oracle 开启tnsping trace、sqlnet trace 、event10257
    在sqlnet.ora文件中加入以下参数:TNSPING.TRACE_LEVEL=SUPPORTTNSPING.TRACE_DIRECTORY=d:\oracle\trace“tnsping”工具的预期用途仅仅是测试OracleNet别名中指定的数据库侦听器是up还是down。“tnsping”工具不打算用作OracleNet性能测量工具B.Sql*nettraceSE......
  • chipyard——DUT/testbench/host
    一,简介chipyard中有两类DUT,一类是无法自启动,必须由主机将测试程序加载到DUT的内存中,并向DUT发信号,表示程序已准备好运行。还有一类可以自启动的DUT,具有bootrom,可自行加载程序。chipyard主机(hostcomputer/outsideworld)与DUT的两种通信方式:使用TetheredSerialInterface(TSI......
  • fatal: unable to access 'https://gitee.com/...': Could not resolve host: gitee.c
    把https模式换成ssh用gitremote-v查看使用的是https还是ssh等$gitremote-v>originhttps://github.com/USERNAME/REPOSITORY.git(fetch)>originhttps://github.com/USERNAME/REPOSITORY.git(push)使用gitremoteset-url命令将远程URL从HTTPS更改为SSH$gitremote......
  • rocky linux:修改hostname(Rocky Linux 9.1)
    一,修改hostname:1,通过hostnamectl命令修改hostname[root@blog~]#more/etc/hostnameblog[root@blog~]#hostnamectlset-hostnameimg[root@blog~]#more/etc/hostnameimg可以看到原本保存在/etc/hostname中的值在用hostnamectl命令处理后发生了变化所以我们也可以......
  • flink Connecting to remote task manager 'localhost/127.0.0.1:44489
    问题:启动集群后,执行任务时失败:Causedby:org.apache.flink.runtime.io.network.partition.consumer.PartitionConnectionException:Connectionforpartition47d4a412246bdbbc3447e1968e07c821#1@04049d45261135a1a8bae9c8f62a1ba4_0a448493b4782967b150582570326227_1_0not......
  • The connection to the server localhost:8080 was refused - did you specify the ri
    遇到如下问题:[root@k8s-node1~]#kubectlgetpodTheconnectiontotheserverlocalhost:8080wasrefused-didyouspecifytherighthostorport?解决方式:cd/etc/kubernetes/查看到有个文件:kubelet.conf(你们的有可能是admin.conf)执行命令echo"exportKUBECONFIG......
  • Git--no matching host key type found. Their offer: ssh-rsa
     解决方法:在用户目录下的.ssh文件夹下新建一个config文件Host*HostKeyAlgorithms+ssh-rsaPubKeyAcceptedKeyTypes +ssh-rsa......