Change IP address for enp0s8 as shown in the screenshot:
Change IP address for enp0s9 as shown in the screenshot:
```
[root@rac1 ~]# ifconfig
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.29.175  netmask 255.255.255.0  broadcast 192.168.29.255
        inet6 fe80::47d0:55a9:8a35:da47  prefixlen 64  scopeid 0x20<link>
        inet6 2405:201:e005:2105:a643:f37d:e07a:b2e2  prefixlen 64  scopeid 0x0<global>
        ether 08:00:27:87:4d:a3  txqueuelen 1000  (Ethernet)
        RX packets 114393  bytes 171006011 (163.0 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 26276  bytes 2285734 (2.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

enp0s8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.29.71  netmask 255.255.255.0  broadcast 192.168.29.255
        inet6 fe80::c65c:1143:f8c3:2d64  prefixlen 64  scopeid 0x20<link>
        ether 08:00:27:5f:b8:06  txqueuelen 1000  (Ethernet)
        RX packets 3  bytes 1240 (1.2 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 83  bytes 12387 (12.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

enp0s9: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.10.1  netmask 255.255.255.0  broadcast 192.168.10.255
        inet6 fe80::a4a1:56e5:6ed:76de  prefixlen 64  scopeid 0x20<link>
        ether 08:00:27:5f:c5:3a  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 119  bytes 18594 (18.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 64  bytes 5088 (4.9 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 64  bytes 5088 (4.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
        ether 52:54:00:a4:99:a4  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@rac1 ~]#
```
Edit the /etc/hosts file as shown below:
public (enp0s3 (Auto generated)) - 192.168.29.175
virtual (enp0s8) - 192.168.29.71
virtual (enp0s9) - 192.168.10.1

```
cat /etc/hosts
# Public
192.168.29.175 rac1.bracecoder rac1
192.168.29.176 rac2.bracecoder rac2
# Private
192.168.10.1 rac1-priv.bracecoder rac1-priv
192.168.10.2 rac2-priv.bracecoder rac2-priv
# Virtual
192.168.29.71 rac1-vip.bracecoder rac1-vip
192.168.29.72 rac2-vip.bracecoder rac2-vip
# SCAN (in production this should be configured in DNS)
192.168.29.91 rac-scan.bracecoder rac-scan
192.168.29.92 rac-scan.bracecoder rac-scan
192.168.29.93 rac-scan.bracecoder rac-scan
```
Installing dependent packages:
```
[root@rac1 ~]# yum install -y oracle-database-preinstall-19c
[root@rac1 ~]# yum install gcc*
[root@rac1 ~]# yum install binutils*
[root@rac1 ~]# yum install -y compat-libst*
[root@rac1 ~]# yum install -y oracleasm*
[root@rac1 ~]# cd /tmp
[root@rac1 tmp]# wget https://bracecoder.in/files/packages/oracleasmlib-2.0.17-1.el8.x86_64.rpm
[root@rac1 tmp]# wget https://bracecoder.in/files/packages/oracleasm-support-2.1.12-1.el8.x86_64.rpm
[root@rac1 tmp]# yum localinstall ./oracleasm-support-2.1.12-1.el8.x86_64.rpm ./oracleasmlib-2.0.17-1.el8.x86_64.rpm

[root@rac1 ~]# groupadd asmadmin
[root@rac1 ~]# groupadd asmdba
[root@rac1 ~]# useradd -u 54323 -g oinstall -G asmadmin,asmdba grid
[root@rac1 ~]# passwd oracle
Changing password for user oracle.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
[root@rac1 ~]# passwd grid
Changing password for user grid.
New password:
BAD PASSWORD: The password is shorter than 8 characters
Retype new password:
passwd: all authentication tokens updated successfully.
[root@rac1 ~]# usermod -a -G asmdba oracle

[root@rac1 tmp]# oracleasm configure -i
Configuring the Oracle ASM library driver.

This will configure the on-boot properties of the Oracle ASM library
driver.  The following questions will determine whether the driver is
loaded on boot and what permissions it will have.  The current values
will be shown in brackets ('[]').  Hitting <ENTER> without typing an
answer will keep that current value.  Ctrl-C will abort.

Default user to own the driver interface []: grid
Default group to own the driver interface []: oinstall
Start Oracle ASM library driver on boot (y/n) [n]: y
Scan for Oracle ASM disks on boot (y/n) [y]: y
Writing Oracle ASM library driver configuration: done
[root@rac1 tmp]# oracleasm init
Creating /dev/oracleasm mount point: /dev/oracleasm
Loading module "oracleasm": oracleasm
Configuring "oracleasm" to use device physical block size
Mounting ASMlib driver filesystem: /dev/oracleasm
[root@rac1 tmp]#
[root@rac1 tmp]# oracleasm status
Checking if ASM is loaded: yes
Checking if /dev/oracleasm is mounted: yes
[root@rac1 tmp]#

[root@rac1 ~]# systemctl stop firewalld
[root@rac1 ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@rac1 ~]#

[root@rac2 ~]# systemctl status avahi-daemon
[root@rac2 ~]# systemctl stop avahi-daemon
[root@rac2 ~]# systemctl disable avahi-daemon

[root@rac1 ~]# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      31
[root@rac1 ~]# vi /etc/sysconfig/selinux
[root@rac1 ~]# vi /etc/sysconfig/selinux
SELINUX=disabled
[root@rac1 ~]# init 6
[root@rac1 ~]# sestatus
SELinux status:                 disabled

[root@rac1 ~]#
mkdir -p /u01/app/oracle/product
chown -R oracle:oinstall /u01
chmod -R 775 /u01
mkdir -p /u01/app/grid
mkdir -p /u01/app/12.1.0/grid
chown -R grid:oinstall /u01/app/grid
chown -R grid:oinstall /u01/app/12.1.0/grid
chmod -R 775 /u01
```
Shut down the machine.
Create 3 disks for ASM:
| Disk  | Size  | Used for which ASM Disk Group? |
|-------|-------|--------------------------------|
| DISK1 | 10 GB | OCR                            |
| DISK2 | 15 GB | DATA                           |
| DISK3 | 15 GB | FRA                            |
Follow these steps to create the disks:
Create the remaining 2 disks using the same procedure. Make sure all 3 disks are shareable:
Now clone the machine. Follow the screenshots below:
Add newly created 3 disks to each machine.
Start rac2 machine and change the Private and virtual IP addresses.
public (enp0s3 (Auto generated)) - 192.168.29.180
virtual (enp0s8) - 192.168.1.72
virtual (enp0s9) - 192.168.10.2

```
[root@rac1 ~]# ifconfig
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.29.180  netmask 255.255.255.0  broadcast 192.168.29.255
        inet6 fe80::47d0:55a9:8a35:da47  prefixlen 64  scopeid 0x20<link>
        inet6 2405:201:e005:2105:a643:f37d:e07a:b2e2  prefixlen 64  scopeid 0x0<global>
        ether 08:00:27:69:68:45  txqueuelen 1000  (Ethernet)
        RX packets 748  bytes 282727 (276.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 559  bytes 66231 (64.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

enp0s8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.29.72  netmask 255.255.255.0  broadcast 192.168.29.255
        inet6 fe80::c65c:1143:f8c3:2d64  prefixlen 64  scopeid 0x20<link>
        ether 08:00:27:06:9d:28  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 108  bytes 15983 (15.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

enp0s9: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.10.2  netmask 255.255.255.0  broadcast 192.168.10.255
        inet6 fe80::a4a1:56e5:6ed:76de  prefixlen 64  scopeid 0x20<link>
        ether 08:00:27:4c:66:92  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 105  bytes 15725 (15.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 192  bytes 15264 (14.9 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 192  bytes 15264 (14.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
        ether 52:54:00:a4:99:a4  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@rac1 ~]#
```
```
[root@rac1 ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
# Public
192.168.29.175 rac1.bracecoder rac1
192.168.29.179 rac2.bracecoder rac2
# Private
192.168.10.1 rac1-priv.bracecoder rac1-priv
192.168.10.2 rac2-priv.bracecoder rac2-priv
# Virtual
192.168.29.71 rac1-vip.bracecoder rac1-vip
192.168.29.72 rac2-vip.bracecoder rac2-vip
# SCAN (in production this should be configured in DNS)
192.168.29.91 rac-scan.bracecoder rac-scan
192.168.29.92 rac-scan.bracecoder rac-scan
192.168.29.93 rac-scan.bracecoder rac-scan
[root@rac1 ~]#
[root@rac1 ~]# hostnamectl set-hostname rac2.bracecoder
[root@rac1 ~]# cat /etc/hostname
rac2.bracecoder
[root@rac1 ~]# init 0
```
Start both machines. Mount the ASM disks on machine 1 using the steps below. They will sync automatically on machine 2.
```
[root@rac1 ~]# ls /dev/sd*
/dev/sda  /dev/sda1  /dev/sda2  /dev/sdb  /dev/sdc  /dev/sdd

[root@rac1 ~]# fdisk /dev/sdb
Welcome to fdisk (util-linux 2.23.2).

Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.

Device does not contain a recognized partition table
Building a new DOS disklabel with disk identifier 0x268cd046.

Command (m for help): n
Partition type:
   p   primary (0 primary, 0 extended, 4 free)
   e   extended
Select (default p):
Using default response p
Partition number (1-4, default 1):
First sector (2048-20971519, default 2048):
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-20971519, default 20971519):
Using default value 20971519
Partition 1 of type Linux and of size 10 GiB is set

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.

[root@rac1 ~]# fdisk /dev/sdc
Welcome to fdisk (util-linux 2.23.2).

Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.

Device does not contain a recognized partition table
Building a new DOS disklabel with disk identifier 0x89013279.

Command (m for help): n
Partition type:
   p   primary (0 primary, 0 extended, 4 free)
   e   extended
Select (default p):
Using default response p
Partition number (1-4, default 1):
First sector (2048-31457279, default 2048):
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-31457279, default 31457279):
Using default value 31457279
Partition 1 of type Linux and of size 15 GiB is set

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.

[root@rac1 ~]# fdisk /dev/sdd
Welcome to fdisk (util-linux 2.23.2).

Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.

Device does not contain a recognized partition table
Building a new DOS disklabel with disk identifier 0x39375d5d.

Command (m for help): n
Partition type:
   p   primary (0 primary, 0 extended, 4 free)
   e   extended
Select (default p):
Using default response p
Partition number (1-4, default 1):
First sector (2048-31457279, default 2048):
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-31457279, default 31457279):
Using default value 31457279
Partition 1 of type Linux and of size 15 GiB is set

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.
Syncing disks.

[root@rac1 ~]# lsblk
NAME        MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
sdd           8:48   0    15G  0 disk
└─sdd1        8:49   0    15G  0 part
sdb           8:16   0    10G  0 disk
└─sdb1        8:17   0    10G  0 part
sr0          11:0    1  1024M  0 rom
sdc           8:32   0    15G  0 disk
└─sdc1        8:33   0    15G  0 part
sda           8:0    0 100.7G  0 disk
├─sda2        8:2    0  99.7G  0 part
│ ├─ol-swap 252:1    0   3.9G  0 lvm  [SWAP]
│ ├─ol-home 252:2    0  45.8G  0 lvm  /home
│ └─ol-root 252:0    0    50G  0 lvm  /
└─sda1        8:1    0     1G  0 part /boot
[root@rac1 ~]#

[root@rac1 ~]# oracleasm createdisk DISK1 /dev/sdb1
Writing disk header: done
Instantiating disk: done
[root@rac1 ~]# oracleasm createdisk DISK2 /dev/sdc1
Writing disk header: done
Instantiating disk: done
[root@rac1 ~]# oracleasm createdisk DISK3 /dev/sdd1
Writing disk header: done
Instantiating disk: done
[root@rac1 ~]# oracleasm scandisks
Reloading disk partitions: done
Cleaning any stale ASM disks...
Scanning system for ASM disks...
[root@rac1 ~]# oracleasm listdisks
DISK1
DISK2
DISK3
[root@rac1 ~]#

[root@rac2 ~]# oracleasm scandisks
Reloading disk partitions: done
Cleaning any stale ASM disks...
Scanning system for ASM disks...
Instantiating disk "DISK1"
Instantiating disk "DISK2"
Instantiating disk "DISK3"
[root@rac2 ~]# oracleasm listdisks
DISK1
DISK2
DISK3
[root@rac2 ~]#
```
Follow the steps below to configure the environment variables for the oracle account. In the .bash_profile file of the oracle account on rac2, change the value assigned to ORACLE_SID from orcl1 to orcl2.
RAC1 and RAC2 both apply

```
[oracle@rac1 ~]$ mv ~/.bash_profile ~/.bash_profile_bk
[oracle@rac1 ~]$ vi ~/.bash_profile
```

```
# .bash_profile

if [ -f ~/.bashrc ]; then
    . ~/.bashrc
fi

ORACLE_SID=orcl1; export ORACLE_SID
ORACLE_BASE=/u01/app/oracle; export ORACLE_BASE
ORACLE_HOME=$ORACLE_BASE/product/12.1.0/db_1; export ORACLE_HOME
ORACLE_TERM=xterm; export ORACLE_TERM
NLS_DATE_FORMAT="DD-MON-YYYY HH24:MI:SS"; export NLS_DATE_FORMAT
TNS_ADMIN=$ORACLE_HOME/network/admin; export TNS_ADMIN
PATH=.:${PATH}:$ORACLE_HOME/bin
PATH=${PATH}:/usr/bin:/bin:/usr/local/bin
export PATH
LD_LIBRARY_PATH=$ORACLE_HOME/lib
LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:$ORACLE_HOME/oracm/lib
LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/lib:/usr/lib:/usr/local/lib
export LD_LIBRARY_PATH
THREADS_FLAG=native; export THREADS_FLAG
export TEMP=/tmp
export TMPDIR=/tmp
export EDITOR=vi
umask 022
```

```
# .bash_profile

if [ -f ~/.bashrc ]; then
    . ~/.bashrc
fi

ORACLE_SID=orcl2; export ORACLE_SID
ORACLE_BASE=/u01/app/oracle; export ORACLE_BASE
ORACLE_HOME=$ORACLE_BASE/product/12.1.0/db_1; export ORACLE_HOME
ORACLE_TERM=xterm; export ORACLE_TERM
NLS_DATE_FORMAT="DD-MON-YYYY HH24:MI:SS"; export NLS_DATE_FORMAT
TNS_ADMIN=$ORACLE_HOME/network/admin; export TNS_ADMIN
PATH=.:${PATH}:$ORACLE_HOME/bin
PATH=${PATH}:/usr/bin:/bin:/usr/local/bin
export PATH
LD_LIBRARY_PATH=$ORACLE_HOME/lib
LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:$ORACLE_HOME/oracm/lib
LD_LIBRARY_PATH=${LD_LIBRARY_PATH}:/lib:/usr/lib:/usr/local/lib
export LD_LIBRARY_PATH
THREADS_FLAG=native; export THREADS_FLAG
export TEMP=/tmp
export TMPDIR=/tmp
export EDITOR=vi
umask 022
```

```
[root@rac2 ~]# sudo su - grid
[grid@rac2 ~]$ mv ~/.bash_profile ~/.bash_profile_bk
[grid@rac2 ~]$ vi ~/.bash_profile
[grid@rac2 ~]$
```
Follow the steps below to configure the environment variables for the grid account. In the .bash_profile file of the grid account on rac2, change the value assigned to ORACLE_SID from +ASM1 to +ASM2.
```
# .bash_profile
# OS User: grid

if [ -f ~/.bashrc ]; then
    . ~/.bashrc
fi

ORACLE_SID=+ASM1; export ORACLE_SID
ORACLE_BASE=/u01/app/grid; export ORACLE_BASE
# it must not be under the ORACLE_BASE
ORACLE_HOME=/u01/app/12.1.0/grid; export ORACLE_HOME
ORACLE_TERM=xterm; export ORACLE_TERM
TNS_ADMIN=$ORACLE_HOME/network/admin; export TNS_ADMIN
PATH=.:${PATH}:$ORACLE_HOME/bin
PATH=${PATH}:/usr/bin:/bin:/usr/local/bin
export PATH
export TEMP=/tmp
export TMPDIR=/tmp
umask 022
```

```
# .bash_profile
# OS User: grid

if [ -f ~/.bashrc ]; then
    . ~/.bashrc
fi

ORACLE_SID=+ASM2; export ORACLE_SID
ORACLE_BASE=/u01/app/grid; export ORACLE_BASE
# it must not be under the ORACLE_BASE
ORACLE_HOME=/u01/app/12.1.0/grid; export ORACLE_HOME
ORACLE_TERM=xterm; export ORACLE_TERM
TNS_ADMIN=$ORACLE_HOME/network/admin; export TNS_ADMIN
PATH=.:${PATH}:$ORACLE_HOME/bin
PATH=${PATH}:/usr/bin:/bin:/usr/local/bin
export PATH
export TEMP=/tmp
export TMPDIR=/tmp
umask 022
```
Set limit values for database.
```
[root@rac1 limits.d]# mv /etc/security/limits.d/oracle-database-preinstall-19c.conf /etc/security/limits.d/oracle-database-preinstall-19c.conf.bak
[root@rac1 limits.d]# ls -lrt
total 4
-rw-r--r--. 1 root root 1205 Jul 27 22:50 oracle-database-preinstall-19c.conf.bak
[root@rac1 limits.d]# vi /etc/security/limits.d/oracle-database-preinstall-19c.conf
[root@rac1 limits.d]#
```

```
# oracle-rdbms-server-12cR1-preinstall setting for nofile soft limit is 1024
oracle soft nofile 1024
grid soft nofile 1024

# oracle-rdbms-server-12cR1-preinstall setting for nofile hard limit is 65536
oracle hard nofile 65536
grid hard nofile 65536

# oracle-rdbms-server-12cR1-preinstall setting for nproc soft limit is 16384
# refer orabug15971421 for more info.
oracle soft nproc 16384
grid soft nproc 16384

# oracle-rdbms-server-12cR1-preinstall setting for nproc hard limit is 16384
oracle hard nproc 16384
grid hard nproc 16384

# oracle-rdbms-server-12cR1-preinstall setting for stack soft limit is 10240KB
oracle soft stack 10240
grid soft stack 10240

# oracle-rdbms-server-12cR1-preinstall setting for stack hard limit is 32768KB
oracle hard stack 32768
grid hard stack 32768

# oracle-rdbms-server-11gR2-preinstall setting for memlock hard limit is maximum of {128GB (x86_64) / 3GB (x86) or 90 % of RAM}
oracle hard memlock 134217728
grid hard memlock 134217728

# oracle-rdbms-server-11gR2-preinstall setting for memlock soft limit is maximum of {128GB (x86_64) / 3GB (x86) or 90% of RAM}
oracle soft memlock 134217728
grid soft memlock 134217728
```

In rac1 and rac2, set the number of processes a user can create to 2048:

```
vi /etc/security/limits.d/90-nproc.conf
* soft nproc 2048
```
SSH Passwordless login
```
[root@rac2 ~]# yum install openssh-server openssh-clients
[root@rac2 ~]# yum makecache
[root@rac2 ~]# yum install bind bind-utils -y
```

Log in as each user (root, grid, oracle) on both rac1 and rac2 and execute the following command:
[root@rac1 ~]# ssh-keygen -t rsa
Open the id_rsa.pub file of every user, copy the output text of all of them into one file, and save it under the file name authorized_keys. Do this for all users on rac1 and rac2.
```
[root@rac1 ~]# cd .ssh/
[root@rac1 .ssh]# ls -lrth
total 8.0K
-rw-r--r-- 1 root root  402 Aug  1 16:33 id_rsa.pub
-rw------- 1 root root 1.7K Aug  1 16:33 id_rsa
[root@rac1 .ssh]#
```
[grid@rac2 ~]$ cat .ssh/authorized_keys
Try to log in using ssh [servername]; it should not ask for a password. If it prompts for a password, check that the text is placed correctly for all users.
```
[oracle@rac2 ~]$ ssh rac1
Last login: Thu Aug  1 16:47:10 2024 from rac2.bracecoder
[oracle@rac1 ~]$ exit
logout
Connection to rac1 closed.
[oracle@rac2 ~]$ ssh rac2
Last login: Thu Aug  1 16:47:44 2024 from rac2.bracecoder
[oracle@rac2 ~]$ exit
logout
Connection to rac2 closed.
[oracle@rac2 ~]$ ssh rac1.bracecoder
Last login: Thu Aug  1 16:48:03 2024 from rac2.bracecoder
[oracle@rac1 ~]$ exit
logout
Connection to rac1.bracecoder closed.
[oracle@rac2 ~]$ ssh rac2.bracecoder
Last login: Thu Aug  1 16:48:13 2024 from rac2.bracecoder
[oracle@rac2 ~]$ exit
logout
Connection to rac2.bracecoder closed.
[oracle@rac2 ~]$
```

```
[oracle@rac2 ~]$ ping rac1
PING rac1.bracecoder (192.168.29.175) 56(84) bytes of data.
64 bytes from rac1.bracecoder (192.168.29.175): icmp_seq=1 ttl=64 time=0.384 ms
64 bytes from rac1.bracecoder (192.168.29.175): icmp_seq=2 ttl=64 time=0.311 ms
64 bytes from rac1.bracecoder (192.168.29.175): icmp_seq=3 ttl=64 time=0.347 ms
^C
--- rac1.bracecoder ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2006ms
rtt min/avg/max/mdev = 0.311/0.347/0.384/0.033 ms
[oracle@rac2 ~]$ ping rac2
PING rac2.bracecoder (192.168.29.179) 56(84) bytes of data.
64 bytes from rac2.bracecoder (192.168.29.179): icmp_seq=1 ttl=64 time=0.047 ms
64 bytes from rac2.bracecoder (192.168.29.179): icmp_seq=2 ttl=64 time=0.056 ms
64 bytes from rac2.bracecoder (192.168.29.179): icmp_seq=3 ttl=64 time=0.016 ms
^C
--- rac2.bracecoder ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2054ms
rtt min/avg/max/mdev = 0.016/0.039/0.056/0.018 ms
[oracle@rac2 ~]$ ping rac1.bracecoder
PING rac1.bracecoder (192.168.29.175) 56(84) bytes of data.
64 bytes from rac1.bracecoder (192.168.29.175): icmp_seq=1 ttl=64 time=0.467 ms
64 bytes from rac1.bracecoder (192.168.29.175): icmp_seq=2 ttl=64 time=0.574 ms
64 bytes from rac1.bracecoder (192.168.29.175): icmp_seq=3 ttl=64 time=0.387 ms
^C
--- rac1.bracecoder ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2059ms
rtt min/avg/max/mdev = 0.387/0.476/0.574/0.076 ms
[oracle@rac2 ~]$ ping rac2.bracecoder
PING rac2.bracecoder (192.168.29.179) 56(84) bytes of data.
64 bytes from rac2.bracecoder (192.168.29.179): icmp_seq=1 ttl=64 time=0.067 ms
64 bytes from rac2.bracecoder (192.168.29.179): icmp_seq=2 ttl=64 time=0.054 ms
64 bytes from rac2.bracecoder (192.168.29.179): icmp_seq=3 ttl=64 time=0.213 ms
^C
--- rac2.bracecoder ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2060ms
rtt min/avg/max/mdev = 0.054/0.111/0.213/0.072 ms
[oracle@rac2 ~]$ ping rac1-priv.bracecoder
PING rac1-priv.bracecoder (192.168.10.1) 56(84) bytes of data.
64 bytes from rac1-priv.bracecoder (192.168.10.1): icmp_seq=1 ttl=64 time=0.462 ms
64 bytes from rac1-priv.bracecoder (192.168.10.1): icmp_seq=2 ttl=64 time=0.345 ms
64 bytes from rac1-priv.bracecoder (192.168.10.1): icmp_seq=3 ttl=64 time=0.519 ms
^C
--- rac1-priv.bracecoder ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2050ms
rtt min/avg/max/mdev = 0.345/0.442/0.519/0.072 ms
[oracle@rac2 ~]$ ping rac2-priv.bracecoder
PING rac2-priv.bracecoder (192.168.10.2) 56(84) bytes of data.
64 bytes from rac2-priv.bracecoder (192.168.10.2): icmp_seq=1 ttl=64 time=0.047 ms
64 bytes from rac2-priv.bracecoder (192.168.10.2): icmp_seq=2 ttl=64 time=0.117 ms
64 bytes from rac2-priv.bracecoder (192.168.10.2): icmp_seq=3 ttl=64 time=0.018 ms
^C
--- rac2-priv.bracecoder ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2014ms
rtt min/avg/max/mdev = 0.018/0.060/0.117/0.042 ms
[oracle@rac2 ~]$ ping rac1-vip.bracecoder
PING rac1-vip.bracecoder (192.168.29.71) 56(84) bytes of data.
64 bytes from rac1-vip.bracecoder (192.168.29.71): icmp_seq=1 ttl=64 time=0.442 ms
64 bytes from rac1-vip.bracecoder (192.168.29.71): icmp_seq=2 ttl=64 time=0.668 ms
64 bytes from rac1-vip.bracecoder (192.168.29.71): icmp_seq=3 ttl=64 time=0.947 ms
^C
--- rac1-vip.bracecoder ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2005ms
rtt min/avg/max/mdev = 0.442/0.685/0.947/0.208 ms
[oracle@rac2 ~]$ ping rac2-vip.bracecoder
PING rac2-vip.bracecoder (192.168.29.72) 56(84) bytes of data.
64 bytes from rac2-vip.bracecoder (192.168.29.72): icmp_seq=1 ttl=64 time=0.048 ms
64 bytes from rac2-vip.bracecoder (192.168.29.72): icmp_seq=2 ttl=64 time=0.059 ms
64 bytes from rac2-vip.bracecoder (192.168.29.72): icmp_seq=3 ttl=64 time=0.012 ms
^C
--- rac2-vip.bracecoder ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2033ms
rtt min/avg/max/mdev = 0.012/0.039/0.059/0.021 ms
[oracle@rac2 ~]$
```
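The key-collection step above, as an added shell example (not part of the original post): it merges collected `id_rsa.pub` files into one `authorized_keys`, drops duplicate and malformed lines, and checks the permissions that sshd's default `StrictModes` setting requires, a frequent cause of a password prompt after the keys are in place. The function names, the directory layout and the key strings are assumptions; the keys are constructed placeholders, not real keys.

```shell
#!/bin/sh
# Added example: build authorized_keys from collected public keys and
# check the file modes sshd (StrictModes yes, the default) insists on.

# build_authorized_keys SRC_DIR SSH_DIR
#   SRC_DIR: directory holding the collected *.pub files (hypothetical layout)
#   SSH_DIR: the target user's ~/.ssh directory
# Overwrites SSH_DIR/authorized_keys; returns 1 if no valid key was found.
build_authorized_keys() {
    src_dir=$1
    ssh_dir=$2
    mkdir -p "$ssh_dir" || return 1
    chmod 700 "$ssh_dir" || return 1
    tmp="$ssh_dir/authorized_keys.tmp.$$"
    # Keep only lines shaped like "<type> <base64> [comment]" and keep each
    # key once, whatever comment it carries.
    ( umask 077
      cat "$src_dir"/*.pub 2>/dev/null |
      awk '$1 ~ "^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521))$" &&
           $2 ~ "^[A-Za-z0-9+/]+=*$" && !seen[$1 " " $2]++' > "$tmp" ) || return 1
    [ -s "$tmp" ] || { rm -f "$tmp"; return 1; }
    chmod 600 "$tmp" && mv "$tmp" "$ssh_dir/authorized_keys"
}

# check_ssh_perms HOME_DIR
# Prints every path that is missing or group/world-writable, the condition
# under which sshd ignores authorized_keys. Ownership is not checked here.
check_ssh_perms() {
    home_dir=$1
    bad=0
    for p in "$home_dir" "$home_dir/.ssh" "$home_dir/.ssh/authorized_keys"; do
        if [ ! -e "$p" ]; then
            echo "missing: $p"; bad=1; continue
        fi
        if [ -n "$(find "$p" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
            echo "group/world-writable: $p"; bad=1
        fi
    done
    return "$bad"
}

# Demo on constructed data in a scratch directory.
demo() {
    work=$(mktemp -d) || return 1
    mkdir -p "$work/pubkeys" "$work/home"
    chmod 700 "$work/home"
    echo "ssh-rsa AAAAB3NzaC1yc2ECONSTRUCTED1 grid@rac1.bracecoder" > "$work/pubkeys/grid_rac1.pub"
    echo "ssh-rsa AAAAB3NzaC1yc2ECONSTRUCTED2 grid@rac2.bracecoder" > "$work/pubkeys/grid_rac2.pub"
    # The same key collected a second time, plus a line that is not a key.
    { echo "ssh-rsa AAAAB3NzaC1yc2ECONSTRUCTED1 grid@rac1.bracecoder"
      echo "not a key"; } > "$work/pubkeys/extra.pub"
    build_authorized_keys "$work/pubkeys" "$work/home/.ssh" || { rm -rf "$work"; return 1; }
    echo "keys written: $(grep -c . "$work/home/.ssh/authorized_keys")"
    check_ssh_perms "$work/home" && echo "permissions ok"
    chmod g+w "$work/home/.ssh"    # simulate a too-open ~/.ssh
    check_ssh_perms "$work/home" || echo "sshd would fall back to the password prompt"
    rm -rf "$work"
}
demo
```

On a real node, run `check_ssh_perms` as each of root, grid and oracle against that user's home directory on both rac1 and rac2.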
Config nslookup
```
systemctl stop named
systemctl disable named
```

```
# On rac1
export DNS_IP="192.168.29.175"
export DNS_DOMAIN="bracecoder"
export DNS_NETWORK="192.168.29.0/24"
export DNS_BACKWARD="29.168.192.in-addr.arpa"
export DNS_FORWARD=$DNS_DOMAIN
export DNS_BACKWARD_FILE="backward.$DNS_DOMAIN"
export DNS_FORWARD_FILE="forward.$DNS_DOMAIN"
export DNS_HOSTNAME="rac1"
export DNS_FQDN=$DNS_HOSTNAME.$DNS_DOMAIN
```

```
# On rac2
export DNS_IP="192.168.29.180"
export DNS_DOMAIN="bracecoder"
export DNS_NETWORK="192.168.29.0/24"
export DNS_BACKWARD="29.168.192.in-addr.arpa"
export DNS_FORWARD=$DNS_DOMAIN
export DNS_BACKWARD_FILE="backward.$DNS_DOMAIN"
export DNS_FORWARD_FILE="forward.$DNS_DOMAIN"
export DNS_HOSTNAME="rac2"
export DNS_FQDN=$DNS_HOSTNAME.$DNS_DOMAIN
```

rac1 and rac2:

```
cat > /etc/named.conf <<EOF
options {
        listen-on port 53 { 127.0.0.1; $DNS_IP; };
        listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        recursing-file  "/var/named/data/named.recursing";
        secroots-file   "/var/named/data/named.secroots";
        allow-query     { localhost; $DNS_NETWORK; };

        /*
         - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
         - If you are building a RECURSIVE (caching) DNS server, you need to enable
           recursion.
         - If your recursive DNS server has a public IP address, you MUST enable access
           control to limit queries to your legitimate users. Failing to do so will
           cause your server to become part of large scale DNS amplification
           attacks. Implementing BCP38 within your network would greatly
           reduce such attack surface
        */
        recursion yes;

        dnssec-enable yes;
        dnssec-validation yes;

        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.root.key";

        managed-keys-directory "/var/named/dynamic";

        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
};

logging {
        channel default_debug {
                file "data/named.run";
                severity dynamic;
        };
};

zone "." IN {
        type hint;
        file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";

//forward zone
zone "$DNS_DOMAIN" IN {
        type master;
        file "$DNS_FORWARD_FILE";
        allow-update { none; };
        allow-query { any; };
};

//backward zone or reverse zone
zone "$DNS_BACKWARD" IN {
        type master;
        file "$DNS_BACKWARD_FILE";
        allow-update { none; };
        allow-query { any; };
};
EOF
```

rac1:

```
cat > /var/named/forward.bracecoder <<EOF
\$TTL 86400
@ IN SOA rac1.bracecoder. admin.bracecoder. (
        2021040300 ;Serial
        3600       ;Refresh
        1800       ;Retry
        604800     ;Expire
        86400      ;Minimum TTL
)

;Name Server Information
@ IN NS rac1.bracecoder.
@ IN A 192.168.29.175
@ IN A 192.168.29.180
@ IN A 192.168.29.71
@ IN A 192.168.29.72
@ IN A 192.168.29.91
@ IN A 192.168.29.92
@ IN A 192.168.29.93

;IP Address for Name Server
rac1 IN A 192.168.29.175

;Mail Server MX (Mail exchanger) Record
;rac1.bracecoder IN MX 10 mail.rac1.bracecoder

;A Record for the following Host name
rac1 IN A 192.168.29.175
rac2 IN A 192.168.29.180
rac1-vip IN A 192.168.29.71
rac2-vip IN A 192.168.29.72
rac-scan IN A 192.168.29.91
rac-scan IN A 192.168.29.92
rac-scan IN A 192.168.29.93

;CNAME Record
;ftp IN CNAME ftp.rac1.bracecoder.
EOF
```

rac2:

```
cat > /var/named/forward.bracecoder <<EOF
\$TTL 86400
@ IN SOA rac2.bracecoder. admin.bracecoder. (
        2021040300 ;Serial
        3600       ;Refresh
        1800       ;Retry
        604800     ;Expire
        86400      ;Minimum TTL
)

;Name Server Information
@ IN NS rac2.bracecoder.
@ IN A 192.168.29.175
@ IN A 192.168.29.180
@ IN A 192.168.29.71
@ IN A 192.168.29.72
@ IN A 192.168.29.91
@ IN A 192.168.29.92
@ IN A 192.168.29.93

;IP Address for Name Server
rac2 IN A 192.168.29.180

;Mail Server MX (Mail exchanger) Record
;rac2.bracecoder IN MX 10 mail.rac2.bracecoder

;A Record for the following Host name
rac1 IN A 192.168.29.175
rac2 IN A 192.168.29.180
rac1-vip IN A 192.168.29.71
rac2-vip IN A 192.168.29.72
rac-scan IN A 192.168.29.91
rac-scan IN A 192.168.29.92
rac-scan IN A 192.168.29.93

;CNAME Record
;ftp IN CNAME ftp.rac2.bracecoder.
EOF
```

rac1:

```
cat > /var/named/backward.bracecoder <<EOF
\$TTL 86400
@ IN SOA rac1.bracecoder. admin.bracecoder. (
        2021040300 ;Serial
        3600       ;Refresh
        1800       ;Retry
        604800     ;Expire
        86400      ;Minimum TTL
)

;Name Server Information
@ IN NS rac1.bracecoder.
rac1 IN A 192.168.29.175

;Reverse lookup for Name Server
35 IN PTR rac1.bracecoder.

;PTR Record IP address to Hostname
; every PTR target ends with a dot so it is not expanded with the zone name
175 IN PTR rac1.bracecoder.
180 IN PTR rac2.bracecoder.
71 IN PTR rac1-vip.bracecoder.
72 IN PTR rac2-vip.bracecoder.
91 IN PTR rac-scan.bracecoder.
92 IN PTR rac-scan.bracecoder.
93 IN PTR rac-scan.bracecoder.
EOF
```

rac2:

```
cat > /var/named/backward.bracecoder <<EOF
\$TTL 86400
@ IN SOA rac2.bracecoder. admin.bracecoder. (
        2021040300 ;Serial
        3600       ;Refresh
        1800       ;Retry
        604800     ;Expire
        86400      ;Minimum TTL
)

;Name Server Information
@ IN NS rac2.bracecoder.
rac1 IN A 192.168.29.180

;Reverse lookup for Name Server
35 IN PTR rac2.bracecoder.

;PTR Record IP address to Hostname
; every PTR target ends with a dot so it is not expanded with the zone name
175 IN PTR rac1.bracecoder.
180 IN PTR rac2.bracecoder.
71 IN PTR rac1-vip.bracecoder.
72 IN PTR rac2-vip.bracecoder.
91 IN PTR rac-scan.bracecoder.
92 IN PTR rac-scan.bracecoder.
93 IN PTR rac-scan.bracecoder.
EOF
```

```
# change the owner
chown named:named /var/named/forward.bracecoder
chown named:named /var/named/backward.bracecoder

named-checkzone bracecoder /var/named/forward.bracecoder
rac2> named-checkzone 192.168.29.180 /var/named/backward.bracecoder
rac1> named-checkzone 192.168.29.175 /var/named/backward.bracecoder

systemctl start named
systemctl enable named
```

rac1:

```
[root@rac1 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search bracecoder
nameserver 192.168.29.175
domain rac1.bracecoder
nameserver 2405:201:e005:2105::c0a8:1d01
[root@rac1 ~]#
```

rac2:

```
[root@rac2 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search bracecoder
nameserver 192.168.29.180
domain rac2.bracecoder
nameserver 2405:201:e005:2105::c0a8:1d01
[root@rac2 ~]#
```
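A consistency check for the zone files above, as an added shell example (not from the original post): it reads a forward and a reverse zone file and reports every PTR record whose target lacks the trailing dot or has no matching A record, mismatches that make reverse lookups of cluster addresses return the wrong name. The function name `check_zone_pair`, its arguments and the sample records are assumptions, constructed from the host names used on this page; it assumes one /24 reverse zone and one-line `name IN A ip` and `octet IN PTR target` records.

```shell
#!/bin/sh
# Added example: cross-check a forward zone file against its reverse zone.

# check_zone_pair FORWARD_FILE REVERSE_FILE NET_PREFIX DOMAIN
#   NET_PREFIX: first three octets of the /24, e.g. 192.168.29
#   DOMAIN:     zone name without the trailing dot, e.g. bracecoder
# Prints one line per problem and returns 1 if any problem was found.
check_zone_pair() {
    awk -v prefix="$3" -v domain="$4" '
        # Pass 1 (forward zone): remember every "name IN A ip" pair.
        FNR == NR {
            if ($2 == "IN" && $3 == "A" && $1 != "@") a[$1, $4] = 1
            next
        }
        # Pass 2 (reverse zone): inspect every "octet IN PTR target".
        $2 == "IN" && $3 == "PTR" {
            ip = prefix "." $1
            target = $4
            if (target !~ /\.$/) {
                # A relative name gets the reverse zone name appended by named.
                printf "%s: PTR target %s has no trailing dot\n", ip, target
                bad = 1
                next
            }
            sub(/\.$/, "", target)             # drop the root dot
            name = target
            sub("\\." domain "$", "", name)    # rac1.bracecoder -> rac1
            if (!((name, ip) in a)) {
                printf "%s: PTR -> %s but no A record %s -> %s\n", ip, target, name, ip
                bad = 1
            }
        }
        END { exit bad + 0 }
    ' "$1" "$2"
}

# Constructed sample zones (record lines only) using this page's host names.
zdir=$(mktemp -d)
printf '%s\n' \
    'rac1     IN A 192.168.29.175' \
    'rac2     IN A 192.168.29.180' \
    'rac1-vip IN A 192.168.29.71' > "$zdir/forward"
printf '%s\n' \
    '175 IN PTR rac1.bracecoder.' \
    '180 IN PTR rac2.bracecoder.' \
    '71  IN PTR rac1-vip.bracecoder' \
    '35  IN PTR rac1.bracecoder.' > "$zdir/backward"
check_zone_pair "$zdir/forward" "$zdir/backward" 192.168.29 bracecoder ||
    echo "reverse zone needs fixing before named is started"
rm -rf "$zdir"
```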
That’s it.
If you have any questions or concerns, please leave your comments. I would be glad to explain in more detail. Thank you so much for all your feedback and support!