实现Oracle非1521标准端口动态注册

动态注册dynamic registry和静态注册是Oracle实例和监听器之间建立联系的重要方式。从现在趋势看，默认监听器+动态注册已经成为默

动态注册dynamic registry和静态注册是Oracle实例和监听器之间建立联系的重要方式。从现在趋势看，默认监听器+动态注册已经成为默认Oracle标准配置。在一些场景下，处于安全的原因可能需要修改标准监听配置和注册方式。本篇主要介绍如何实现非1521端口进行动态注册方法。

1、默认监听与1521端口

Oracle Net Service核心三个配置文件：listener.ora、tnsnames.ora和sqlnet.ora。其中，listener.ora文件为监听器相关信息的配置文件。关于监听器个性化参数内容，均在该文件中设置。

在默认安装情况下，我们一般在$ORACLE_HOME/network/admin目录中是可以没有listener.ora文件的。

[oracle@aaalife admin]$ ls -l

-rw-r-----. 1 oracle oinstall 332 Aug 7 01:44 tnsnames.ora

此时，Oracle会在1521默认端口，支持一个默认配置文件的监听器程序。并且，该程序支持动态注册功能。

[oracle@aaalife admin]$ lsnrctl start

LSNRCTL for Linux: Version 11.2.0.4.0 - Production on 07-SEP-2015 01:08:10

Copyright (c) 1991, 2013, Oracle. All rights reserved.

Starting /u01/app/oracle/product/11.2.0/dbhome_1/bin/tnslsnr: please wait...

TNSLSNR for Linux: Version 11.2.0.4.0 - Production

Log messages written to /u01/app/oracle/diag/tnslsnr/aaalife/listener/alert/log.xml

Listening on: (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=localhost)(PORT=1521)))

Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))

STATUS of the LISTENER

------------------------

Alias LISTENER

Version TNSLSNR for Linux: Version 11.2.0.4.0 - Production

Start Date 07-SEP-2015 01:08:10

Uptime 0 days 0 hr. 0 min. 0 sec

Trace Level off

Security ON: Local OS Authentication

SNMP OFF

--此处没有说明监听器配置文件路径。

Listener Log File /u01/app/oracle/diag/tnslsnr/aaalife/listener/alert/log.xml

Listening Endpoints Summary...

(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=localhost)(PORT=1521)))

The listener supports no services

The command completed successfully

对注册行为另一端的Oracle实例而言，默认情况下Oracle实例会进行动态注册动作，会向1521端口监听的监听程序进行注册动作。

[oracle@aaalife admin]$ lsnrctl status

LSNRCTL for Linux: Version 11.2.0.4.0 - Production on 07-SEP-2015 01:14:54

Copyright (c) 1991, 2013, Oracle. All rights reserved.

Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))

STATUS of the LISTENER

------------------------

Alias LISTENER

Version TNSLSNR for Linux: Version 11.2.0.4.0 - Production

Start Date 07-SEP-2015 01:08:10

Uptime 0 days 0 hr. 6 min. 43 sec

Trace Level off

Security ON: Local OS Authentication

SNMP OFF

Listener Log File /u01/app/oracle/diag/tnslsnr/aaalife/listener/alert/log.xml

Listening Endpoints Summary...

(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=localhost)(PORT=1521)))

Services Summary...

Service "aaadb" has 1 instance(s).

Instance "aaadb", status READY, has 1 handler(s) for this service...

Service "aaadbXDB" has 1 instance(s).

Instance "aaadb", status READY, has 1 handler(s) for this service...

The command completed successfully

2、非默认端口监听器

在一些安全需求场景下，我们会被要求修改监听端口到非1521端口，从而避免被扫描入侵。其实，这对于攻击扫描程序来讲，意义不大，因为一般黑客攻击都会扫描所有端口。

如果我们需要修改端口号，就必须创建专门的listener.ora文件内容来进行配置。下面内容可以配置一个非标准监听器程序。

[oracle@aaalife admin]$ cat listener.ora

# listener.ora Network Configuration File: /u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener.ora

# Generated by Oracle configuration tools.

MY_LISTENER =

(DESCRIPTION_LIST =

(DESCRIPTION =

(ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1531))

(ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1531))

)

)

ADR_BASE_LISTENER = /u01/app/oracle

配置文件中，包括一个1531端口的监听程序。下面查看监听器情况。

[oracle@aaalife admin]$ lsnrctl start

LSNRCTL for Linux: Version 11.2.0.4.0 - Production on 07-SEP-2015 01:27:53

Copyright (c) 1991, 2013, Oracle. All rights reserved.

Starting /u01/app/oracle/product/11.2.0/dbhome_1/bin/tnslsnr: please wait...

TNSLSNR for Linux: Version 11.2.0.4.0 - Production

System parameter file is /u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener.ora

Log messages written to /u01/app/oracle/diag/tnslsnr/aaalife/listener/alert/log.xml

Listening on: (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=localhost)(PORT=1521)))

Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))

STATUS of the LISTENER

------------------------

Alias LISTENER

Version TNSLSNR for Linux: Version 11.2.0.4.0 - Production

Start Date 07-SEP-2015 01:27:53

Uptime 0 days 0 hr. 0 min. 0 sec

Trace Level off

Security ON: Local OS Authentication

SNMP OFF

Listener Parameter File /u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener.ora

Listener Log File /u01/app/oracle/diag/tnslsnr/aaalife/listener/alert/log.xml

Listening Endpoints Summary...

(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=localhost)(PORT=1521)))

The listener supports no services

The command completed successfully

默认显示的还有1521端口监听程序。同时，发现其实当前服务器上是由两个监听器运行的。

[oracle@aaalife admin]$ lsnrctl status listener

LSNRCTL for Linux: Version 11.2.0.4.0 - Production on 07-SEP-2015 01:30:13

Copyright (c) 1991, 2013, Oracle. All rights reserved.

Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))

STATUS of the LISTENER

------------------------

Alias LISTENER

Version TNSLSNR for Linux: Version 11.2.0.4.0 - Production

Start Date 07-SEP-2015 01:27:53

Uptime 0 days 0 hr. 2 min. 19 sec

Trace Level off

Security ON: Local OS Authentication

SNMP OFF

Listener Parameter File /u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener.ora

Listener Log File /u01/app/oracle/diag/tnslsnr/aaalife/listener/alert/log.xml

Listening Endpoints Summary...

(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=localhost)(PORT=1521)))

Services Summary...

Service "aaadb" has 1 instance(s).

Instance "aaadb", status READY, has 1 handler(s) for this service...

Service "aaadbXDB" has 1 instance(s).

Instance "aaadb", status READY, has 1 handler(s) for this service...

The command completed successfully

[oracle@aaalife admin]$

[oracle@aaalife admin]$ lsnrctl status my_listener

LSNRCTL for Linux: Version 11.2.0.4.0 - Production on 07-SEP-2015 01:30:29

Copyright (c) 1991, 2013, Oracle. All rights reserved.

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=localhost)(PORT=1531)))

STATUS of the LISTENER

------------------------

Alias LISTENER

Version TNSLSNR for Linux: Version 11.2.0.4.0 - Production

Start Date 07-SEP-2015 01:17:52

Uptime 0 days 0 hr. 12 min. 37 sec

Trace Level off

Security ON: Local OS Authentication

SNMP OFF

Listener Parameter File /u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener.ora

Listener Log File /u01/app/oracle/diag/tnslsnr/aaalife/listener/alert/log.xml

Listening Endpoints Summary...

(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=localhost)(PORT=1531)))

(DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=EXTPROC1531)))

The listener supports no services

The command completed successfully

上面信息显示出几个细节：

ü 我们在listener.ora文件中配置了一个自定义监听器my_listener，监听1531端口。但是系统当前默认监听器依然存在，并且可运行，在1521端口。my_listener监听器运行在1531端口；

ü Oracle实例动态注册动作是在1521端口的监听程序上进行的，1531端口并没有被注册；

默认监听器的问题好解决，只要我们只保留一个监听即可。那么，如何让Oracle实例在1531端口进行注册，不在1521端口进行注册呢？

解决的方法就是使用local_listener配置参数。默认情况下，该参数为空。

SQL> show parameter listener;

NAME TYPE VALUE

------------------------------------ ----------- ------------------------------

listener_networks string

local_listener string

remote_listener string

该参数用于明确指定Oracle实例向哪一个监听器上进行注册动作。通常对于非标准端口注册，都需要将注册监听信息修改参数。

SQL> show parameter local

NAME TYPE VALUE

------------------------------------ ----------- ------------------------------