Open VPN for the Road Warrior

Posted by Martin Bach on June 15, 2011


I have updated the post on 05-DEC-2013 to be relevant for openvpn-2.2.2-9.5.1.x86_64 on OpenSuSE 12.3. Instead of Xen I switched to KVM as it was easier to implement. I left the by now outdated versions of the Oracle software as they were; they don’t matter. The Xen “virtual machine” is called domU, KVM calls them VM which sounds more familiar. So simply substitute VM for domU :) Note that I’m NOT using libvirt to manage the networks, otherwise the configuration would be different. The network configuration relies entirely on the bridges provided by Linux and set up in YAST2.


As a consultant it is important to have a test lab, something which is your own, where you can play with new versions and concepts to your heart’s delight without disturbing anyone else. Or worse, causing problems for the customer. For this reason I like to have an Internet-facing machine which I can connect to from anywhere. In case the corporate network doesn’t let you out, consider getting mobile broadband on a PAYG basis; it works a dream!

I have blogged about my system a number of times, with special emphasis on RHEL 5.x and 6.x. Unlike many other Oracle scientists I do not use VirtualBox or VMware for virtualisation, but rather Xen. When I started looking at para-virtualisation I looked at Oracle VM but at the time it was lacking features I wanted such as iSCSI-provided storage. OpenSuSE is a great distribution which offers a dom0 kernel out of the box, and this is what I went for. My lab can support a four node cluster plus two Grid Control domUs, which is more than enough for me to work with. And although it’s busy, it doesn’t make working with the machine impossible.

For a long time I was very happy with my machine, and SSH access was all I needed. But when moving to Vista/Windows 7 a problem became apparent: I could no longer use port-forwarding to access my Samba server on my backup domU. Microsoft added some other software to listen on the required port so I started looking at OpenVPN as a solution. This article assumes that you are familiar with OpenVPN; if you are not then you might want to have a look at the documentation. The howto is a great starting point:

Additional date for my Grid Infrastructure seminar in the UK

Posted by Martin Bach on June 8, 2011

I was very pleasantly surprised that Oracle University are offering another day for my “Grid Infrastructure and Database High Availability Deep Dive” seminar. In addition to the imminent seminars in June (I blogged about them earlier), this one is in London, England. For anyone interested, here is the link:

The date has been set to October 10th, so there is plenty of time still, but nevertheless I hope to see you there!

Tuning Log and Trace levels for Clusterware 11.2

Posted by Martin Bach on June 2, 2011

With the introduction of Clusterware 11.2 a great number of command line tools have either been deprecated ($ORA_CRS_HOME/bin/crs_* and others) or merged into other tools. This is especially true for crsctl, which is now the tool to access and manipulate low level resources in Clusterware.

This also implies that some of the notes on Metalink are no longer applicable to Clusterware 11.2, such as the one detailing how to get more detailed information in the logs. Not that the log information wasn’t already rather comprehensive if you asked me…

And here comes a warning: don’t change the log levels unless you have a valid reason, or under the instructions of support. Higher log levels than the defaults tend to generate too much data, filling up the GRID_HOME and potentially killing the node.

Log File Location

The location for logs in Clusterware hasn’t changed much since the unified log structure was introduced in 10.2 and documented in “CRS and 10g/11.1 Real Application Clusters (Doc ID 259301.1)”. It has been extended though, and quite dramatically so in 11.2, which is documented as well in one of the better notes from support: “11gR2 Clusterware and Grid Home – What You Need to Know (Doc ID 1053147.1)”

The techniques for getting debug and trace information as described for example in “Diagnosability for CRS / EVM / RACG (Doc ID 357808.1)” don’t really apply any more as the syntax changed.

A more user friendly multipath.conf

Posted by Martin Bach on June 1, 2011


The below described changes to the device uid, gid and mode have been deprecated with RHEL6/OL 6. Back to udev rules… See for more information

During some recent work I did involving a stretched RAC for a SAP implementation at a customer site I researched TimeFinder/Clone backups. As part of this exercise I have been able to experiment with RHEL (OEL) 5.6 and the new device mapper multipath package on the mount host. I have been very pleasantly surprised by this new feature which I’d like to share.

Background of this article

Device Mapper Multipath is the “native” Linux multipathing software, as opposed to vendor-supplied multipathing such as EMC’s Power Path or Hitachi’s HDLM.

My customer’s setup is rather unique for a SAP environment as it uses Oracle Enterprise Linux and not Solaris/SPARC or AIX on the Power platform with an active/passive solution. Well if that doesn’t make it sound unique, the fact that there is a plan to run Oracle RAC potentially across sites using ASM and ACFS certainly makes this deployment stand out from the rest.

