{"id":1896,"date":"2012-02-18T09:38:15","date_gmt":"2012-02-18T14:38:15","guid":{"rendered":"http:\/\/appcrawler.com\/wordpress\/?p=1896"},"modified":"2012-02-18T10:53:16","modified_gmt":"2012-02-18T15:53:16","slug":"linux-firewall-rules-for-rac","status":"publish","type":"post","link":"http:\/\/appcrawler.com\/wordpress\/2012\/02\/18\/linux-firewall-rules-for-rac\/","title":{"rendered":"Linux firewall rules for RAC"},"content":{"rendered":"<p>Most notes on the Oracle MOS support site suggest disabling the firewall supplied in most Linux distros as managed by the iptables program.  I think this is a bit drastic, and results in lazy thinking at best, and an exposed database server subject to all sorts of hacker invasion at worst.<\/p>\n<p>If you don&#8217;t want to understand every nuance of Linux firewalls, but do want to avoid disabling the firewall completely, the easiest fix is to add a simple rule to your iptables configuration on each server in the cluster.<\/p>\n<p>As root:<\/p>\n<pre lang=\"text\">\r\nvi \/etc\/sysconfig\/iptables\r\n<\/pre>\n<p>Add the following line before any REJECT rules, changing eth1 to the name of your private interface:<\/p>\n<pre lang=\"text\">\r\n-A RH-Firewall-1-INPUT -p udp -i eth1 -j ACCEPT\r\n<\/pre>\n<p>Restart the firewall and list the rules with their packet counters:<\/p>\n<pre lang=\"text\">\r\nservice iptables restart\r\niptables -nvL\r\n<\/pre>\n<p>You should see a line with increasing packet activity for the UDP protocol on your private network interface.<\/p>\n<p>This leaves all other firewall rules in place; the added rule accepts only UDP traffic, and only on the private interface.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Most notes on the Oracle MOS support site suggest disabling the firewall supplied in most Linux distros as managed by the iptables program. 
I think this is a bit drastic, and results in lazy thinking at best, and an exposed&hellip;<\/p>\n<p class=\"more-link-p\"><a class=\"more-link\" href=\"http:\/\/appcrawler.com\/wordpress\/2012\/02\/18\/linux-firewall-rules-for-rac\/\">Read more &rarr;<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[19,22,32],"tags":[],"_links":{"self":[{"href":"http:\/\/appcrawler.com\/wordpress\/wp-json\/wp\/v2\/posts\/1896"}],"collection":[{"href":"http:\/\/appcrawler.com\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/appcrawler.com\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/appcrawler.com\/wordpress\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/appcrawler.com\/wordpress\/wp-json\/wp\/v2\/comments?post=1896"}],"version-history":[{"count":5,"href":"http:\/\/appcrawler.com\/wordpress\/wp-json\/wp\/v2\/posts\/1896\/revisions"}],"predecessor-version":[{"id":1901,"href":"http:\/\/appcrawler.com\/wordpress\/wp-json\/wp\/v2\/posts\/1896\/revisions\/1901"}],"wp:attachment":[{"href":"http:\/\/appcrawler.com\/wordpress\/wp-json\/wp\/v2\/media?parent=1896"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/appcrawler.com\/wordpress\/wp-json\/wp\/v2\/categories?post=1896"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/appcrawler.com\/wordpress\/wp-json\/wp\/v2\/tags?post=1896"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}