Hot!oracle database connection timed out

Author
kinmun
Gold Member
  • Total Posts : 222
  • Scores: 4
  • Reward points: 0
  • Joined: 2015/03/04 17:56:59
  • Status: offline
2017/03/07 17:42:49 (permalink)
0

oracle database connection timed out

recently we installed a FG300D as 2nd tier firewall.
FortiOS version is 5.4.3.
users start experiencing database connection timed out after leaving their connection idle for some time.
we suspect it could be due to the FG300D.
2nd tier firewall is internal facing.
the error message from Toad is end-of-file on communication channel.
 

Attached Image(s)

#1

3 Replies Related Threads

    Toshi Esumi
    Expert Member
    • Total Posts : 2284
    • Scores: 219
    • Reward points: 0
    • Joined: 2014/11/06 09:56:42
    • Status: offline
    Re: oracle database connection timed out 2017/03/07 19:37:58 (permalink)
    0
    session-ttl (3600sec by default) is likely affecting to oracle connections when users are not generating traffic. I'm not oracle expert but recently dealt with POS system disconnection after we put multiple FGs in place at one of customer networks. You could change the default value which affects to all types of traffic but better adjusting ttl only to the impacted traffic, your case oracle connection(port 1521? You should know better than me). Because the longer FW keeps the sessions, the more memory it would take up. There are multiple ways to do this adjustment. Below KB is one of them and I used for the POS system situation(the second one for 4.0MR1-or-later. Still works with 5.4).
    http://kb.fortinet.com/kb....do?externalId=FD30171
    #2
    Kenundrum
    Gold Member
    • Total Posts : 160
    • Scores: 21
    • Reward points: 0
    • Joined: 2008/05/15 10:25:50
    • Location: Rhode Island, US
    • Status: online
    Re: oracle database connection timed out 2017/03/08 06:17:45 (permalink)
    0
    The answer by Toshi is one part of it- there is also a config change on the oracle side. You need to add the line SQLNET.EXPIRE_TIME to your sqlnet.ora. That parameter sets a time in minutes for the server to check if a client is still connected. this causes a small amount of traffic on port 1521 and keeps the connection alive for the firewall to reset the session TTL. In general, most people set the SQLNET.EXPIRE_TIME = 10 which would do a keepalive (in effect) every 10 minutes. As long as the session-ttl setting on the fortigate is greater than that, you should not have any more oracle timeouts. The oracle setting also has the side effect of purging stale connections that didn't terminate properly which helps when you need to change the online or mount status of the oracle system.

    NSE4
    Some FGT500Es, 500Ds, 60Ds at work
    FWF60E, FWF80CM at home
    #3
    Sunil Panchal_NSE7
    Bronze Member
    • Total Posts : 37
    • Scores: 1
    • Reward points: 0
    • Joined: 2016/03/19 22:18:58
    • Status: offline
    Re: oracle database connection timed out 2020/09/24 06:04:05 (permalink)
    0
    Dear Kenundrum ,
     
    did this issue is revolved by doing these changes
    #4
    Jump to:
    © 2020 APG vNext Commercial Version 5.5