IBM Support

Guardium Windows S-TAP not capturing Oracle local tcp traffic

Troubleshooting


Problem

I am connecting to my Oracle database on a Windows server locally, using a local TCP connection. Guardium S-TAP is not capturing this traffic. Network traffic and other local traffic (e.g. named pipes connections) are captured as expected.

Cause

One possible cause is that the server is using an IPv6 address by default. Up to the current version at the time of writing (v10.1.4), Windows S-TAP does not support capturing local TCP traffic over IPv6.

Diagnosing The Problem

1. Check the tnsnames.ora file (e.g. C:\app\oracle\product\12.1.0\dbhome_1\NETWORK\ADMIN\tnsnames.ora) for the database instance entry, e.g.
ORCL =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = <hostname>)(PORT = 1521))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = orcl)
    )
  )

2. Locally on the server, ping the hostname from step 1. If the ping returns an IPv6 address, then this problem is present.
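
The two steps above can be checked for every entry in the file at once. The following PowerShell script is an added example, not IBM-supplied code: it extracts each HOST value from tnsnames.ora and reports whether the first address the server resolves for it is IPv6. It assumes PowerShell 3.0 or later, the default path is the example path from step 1, and the function name Get-TnsHostEntry is hypothetical.

```powershell
param(
    # Example path from step 1 of this page; point it at your own Oracle home.
    [string]$TnsPath = 'C:\app\oracle\product\12.1.0\dbhome_1\NETWORK\ADMIN\tnsnames.ora'
)

function Get-TnsHostEntry {
    param([string]$Text)
    # Drop comment lines, then track parenthesis depth so each top-level
    # "ALIAS = ( ... )" entry is isolated before its HOST values are extracted.
    $clean = ($Text -split "`r?`n" | Where-Object { $_ -notmatch '^\s*#' }) -join "`n"
    $depth = 0; $start = 0
    for ($i = 0; $i -lt $clean.Length; $i++) {
        $c = $clean[$i]
        if ($c -eq '(') { $depth++ }
        elseif ($c -eq ')' -and $depth -gt 0) {
            $depth--
            if ($depth -eq 0) {
                $entry = $clean.Substring($start, $i - $start + 1)
                $start = $i + 1
                if ($entry -match '^\s*([\w.,\-]+)\s*=') {
                    $alias = $Matches[1]
                    # An entry may list several ADDRESS clauses; report each HOST.
                    foreach ($m in [regex]::Matches($entry, '(?i)\(\s*HOST\s*=\s*([^)\s]+)\s*\)')) {
                        [pscustomobject]@{ Alias = $alias; HostName = $m.Groups[1].Value }
                    }
                }
            }
        }
    }
}

# Resolve each HOST on this server and look at the first address returned,
# as an approximation of the ping check in step 2.
Get-TnsHostEntry -Text (Get-Content -Raw -LiteralPath $TnsPath) | ForEach-Object {
    $first = $null
    try { $first = [System.Net.Dns]::GetHostAddresses($_.HostName) | Select-Object -First 1 } catch { }
    $family = if ($first) { $first.AddressFamily } else { 'Unresolved' }
    [pscustomobject]@{
        Alias        = $_.Alias
        HostName     = $_.HostName
        FirstAddress = "$first"
        Family       = $family
        IPv6First    = ($family -eq 'InterNetworkV6')   # True: the condition described in this note
    }
} | Format-Table -AutoSize
```

Run it locally on the database server, since name resolution on another machine may return a different address order. Entries with IPv6First set to True are the ones whose local TCP sessions would be missing from the audit data.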

Resolving The Problem

Until Windows S-TAP can support IPv6, configure the database to use an IPv4 address or configure the server to prefer IPv4 over IPv6.

Configuring the database

In the tnsnames.ora file, use the IPv4 address in the "HOST =" setting.

If you want to test both the hostname and the IPv4 address, define another instance and test, e.g.

ORCL =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = <hostname>)(PORT = 1521))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = orcl)
    )
  )

ORCLTEST =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = <IPv4 address>)(PORT = 1521))
    (CONNECT_DATA =
      (SERVER = DEDICATED)
      (SERVICE_NAME = orcl)
    )
  )

Connections to ORCLTEST in the example above should be captured.

Configuring the server

Microsoft provides some tools to set the server to prefer IPv4 over IPv6. See "How to disable IPv6 or its components in Windows" (external, non-IBM link). Be aware that this option might have other consequences for the server. It is not recommended without full discussion with the Windows server admin.

Document Information

Modified date:
16 June 2018

UID

swg22010270