配置11gR2 RAC SCAN

11G RAC scan即用DNA解析的IP地址，oracle推荐配置3个，这样可以起到均衡负载和冗余的作用.
系统情况： rac01,rac02
操作系统平台：red hat enterprise 5.4 2台虚拟机
这里 我们需要配置一个scan为 rac-scan的域名解析
配置步骤如下：
1. 我们设置rac01为DNS服务器
[root@rac01 etc]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0C:29:B5:38:5E 
          inet addr:192.168.0.18  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:feb5:385e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2332291 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1535201 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2347536563 (2.1 GiB)  TX bytes:1079658292 (1.0 GiB)
          Interrupt:185 Base address:0x1480

eth0:1    Link encap:Ethernet  HWaddr 00:0C:29:B5:38:5E 
          inet addr:192.168.0.101  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:185 Base address:0x1480

eth1      Link encap:Ethernet  HWaddr 00:0C:29:B5:38:68 
          inet addr:10.10.10.1  Bcast:10.10.10.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:feb5:3868/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:39950 errors:0 dropped:0 overruns:0 frame:0
          TX packets:61611 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:15381230 (14.6 MiB)  TX bytes:46112067 (43.9 MiB)
          Interrupt:193 Base address:0x1800

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:54304 errors:0 dropped:0 overruns:0 frame:0
          TX packets:54304 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:10332630 (9.8 MiB)  TX bytes:10332630 (9.8 MiB)

 

从以上可以看出rac01的IP地址为:192.168.0.1

然后 配置 DNS named.conf 文件 
[root@rac01 named]# vi /var/named/chroot/etc/named.conf

options {
     listen-on port 53 { any; };
     listen-on-v6 port 53 { ::1; };
     directory "/var/named";
     dump-file "/var/named/data/cache_dump.db";
     statistics-file "/var/named/data/named_stats.txt";
     memstatistics-file "/var/named/data/named_mem_stats.txt";
     query-source port 53;
     query-source-v6 port 53;
     allow-query { any; };
};

zone "." IN {
    type hint;
    file "named.ca";
};

zone "testenv.com" IN {
      type master;
      file "testenv.com.zone";
      allow-update { none; };
};

zone "0.168.192.in-addr.arpa." IN {
       type master;
       file "0.168.192.in-addr.arpa.zone";
       allow-update { none; };
};


"/var/named/chroot/etc/named.conf" 29L, 697C

[root@rac01 etc]# dig  -t NS .

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <<>> -t NS .
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14850
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 14

;; QUESTION SECTION:
;.                              IN      NS

;; ANSWER SECTION:
.                       513716  IN      NS      e.root-servers.net.
.                       513716  IN      NS      f.root-servers.net.
.                       513716  IN      NS      g.root-servers.net.
.                       513716  IN      NS      h.root-servers.net.
.                       513716  IN      NS      i.root-servers.net.
.                       513716  IN      NS      j.root-servers.net.
.                       513716  IN      NS      k.root-servers.net.
.                       513716  IN      NS      l.root-servers.net.
.                       513716  IN      NS      m.root-servers.net.
.                       513716  IN      NS      a.root-servers.net.
.                       513716  IN      NS      b.root-servers.net.
.                       513716  IN      NS      c.root-servers.net.
.                       513716  IN      NS      d.root-servers.net.

;; ADDITIONAL SECTION:
a.root-servers.net.     600116  IN      A       198.41.0.4
a.root-servers.net.     600116  IN      AAAA    2001:503:ba3e::2:30
b.root-servers.net.     600116  IN      A       192.228.79.201
c.root-servers.net.     600116  IN      A       192.33.4.12
d.root-servers.net.     600116  IN      A       128.8.10.90
e.root-servers.net.     600116  IN      A       192.203.230.10
f.root-servers.net.     600116  IN      A       192.5.5.241
f.root-servers.net.     600116  IN      AAAA    2001:500:2f::f
g.root-servers.net.     600116  IN      A       192.112.36.4
h.root-servers.net.     600116  IN      A       128.63.2.53
h.root-servers.net.     600116  IN      AAAA    2001:500:1::803f:235
i.root-servers.net.     600116  IN      A       192.36.148.17
i.root-servers.net.     600116  IN      AAAA    2001:7fe::53
j.root-servers.net.     600116  IN      A       192.58.128.30

;; Query time: 7 msec
;; SERVER: 192.168.0.18#53(192.168.0.18)
;; WHEN: Sun Jan  2 09:09:56 2011
;; MSG SIZE  rcvd: 500
[root@rac01 etc]# dig  -t NS . >/var/named/named.ca

配置正解析文件 
[root@rac01 etc]#  vi /var/named/chroot/var/named/testenv.com.zone

$TTL 86400
@        IN      SOA     dns.testenv.com.        root.dns.testenv.com. (
                         20110102
                         1H
                         15M
                         1W
                         1D)
testenv.com.   IN NS  dns.testenv.com.
dns              IN A 192.168.0.18
www            IN A 192.168.0.199
vip-rac01      IN A 192.168.0.100
vip-rac02      IN A 192.168.0.101
rac-scan       IN A 192.168.0.55
rac-scan       IN A 192.168.0.56
rac-scan       IN A 192.168.0.57
news           IN CNAME www
~
~
~
~
"/var/named/chroot/var/named/testenv.com.zone" 18L, 595C written
配置反解析文件
[root@rac01 etc]# vi /var/named/chroot/var/named/0.168.192.in-addr.arpa.zone

$TTL 86400
@    IN SOA dns.testenv.com. root.dns.testenv.com. (
                  20111102
                  3H
                  1H
                  1W
                  1H )
     IN NS      dns.testenv.com.
18   IN PTR     dns.testenv.com.
199  IN PTR     www.testenv.com.
100  IN PTR     vip-rac01.testenv.com.
101  IN PTR     vip-rac02.testenv.com.
55   IN PTR     rac-scan.testenv.com.
56   IN PTR     rac-scan.testenv.com.
57   IN PTR     rac-scan.testenv.com.
~
~
~
~
"/var/named/chroot/var/named/0.168.192.in-addr.arpa.zone" 15L, 468C

 

配置DNS服务器所在地址：其中192.168.0.1为总的解析服务器,这里我们添加192.168.0.18为解析服务器

[root@rac01 etc]# vi /etc/resolv.conf

nameserver 192.168.0.18
nameserver 192.168.0.1
search localdomain testenv.com
~
~
"/etc/resolv.conf" 3L, 78C

配置hosts解析顺序:

[root@rac01 etc]# vi /etc/nsswitch.conf

#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
#       nisplus or nis+         Use NIS+ (NIS version 3)
#       nis or yp               Use NIS (NIS version 2), also called YP
#       dns                     Use DNS (Domain Name Service)
#       files                   Use the local files
#       db                      Use the local database (.db) files
#       compat                  Use NIS on compat mode
#       hesiod                  Use Hesiod for user lookups
#       [NOTFOUND=return]       Stop searching if not found so far
#

# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd:    db files nisplus nis
#shadow:    db files nisplus nis
#group:     db files nisplus nis

passwd:     files
shadow:     files
group:      files

#hosts:     db files nisplus nis dns
#hosts:      files dns
hosts:       dns files nis

# Example - obey only what nisplus tells us...
#services:   nisplus [NOTFOUND=return] files
"/etc/nsswitch.conf" 64L, 1724C

 

然后重新启动DNS服务

[root@rac01 etc]# service named restart
Stopping named: [  OK  ]
Starting named: [  OK  ]
[root@rac01 etc]# tail /var/log/messages
Jan  2 09:14:02 rac01 named[29179]: listening on IPv4 interface eth0:1, 192.168.0.101#53
Jan  2 09:14:02 rac01 named[29179]: listening on IPv4 interface eth1, 10.10.10.1#53
Jan  2 09:14:02 rac01 named[29179]: /etc/named.conf:8: using specific query-source port suppresses port randomization and can be insecure.
Jan  2 09:14:02 rac01 named[29179]: /etc/named.conf:9: using specific query-source port suppresses port randomization and can be insecure.
Jan  2 09:14:02 rac01 named[29179]: command channel listening on 127.0.0.1#953
Jan  2 09:14:02 rac01 named[29179]: command channel listening on ::1#953
Jan  2 09:14:02 rac01 named[29179]: the working directory is not writable
Jan  2 09:14:02 rac01 named[29179]: zone 0.168.192.in-addr.arpa/IN: loaded serial 20111102
Jan  2 09:14:02 rac01 named[29179]: zone testenv.com/IN: loaded serial 20110102
Jan  2 09:14:02 rac01 named[29179]: running

 

检查配置是否成功：试着解析rac-scan域名
[root@rac01 etc]# nslookup rac-scan
Server:         192.168.0.18
Address:        192.168.0.18#53

Name:   rac-scan.testenv.com
Address: 192.168.0.55
Name:   rac-scan.testenv.com
Address: 192.168.0.56
Name:   rac-scan.testenv.com
Address: 192.168.0.57

[root@rac01 etc]# nslookup vip-rac01
Server:         192.168.0.18
Address:        192.168.0.18#53

Name:   vip-rac01.testenv.com
Address: 192.168.0.100

[root@rac01 etc]# nslookup vip-rac02
Server:         192.168.0.18
Address:        192.168.0.18#53

Name:   vip-rac02.testenv.com
Address: 192.168.0.101
反解析：
[root@rac01 etc]# nslookup 192.168.0.56
Server:         192.168.0.18
Address:        192.168.0.18#53

56.0.168.192.in-addr.arpa       name = rac-scan.testenv.com.

[root@rac01 etc]#
看来配置成功!

然后再在rac02上做相关配置:
[root@rac02 ~]# vi /etc/nsswitch.conf

#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
#       nisplus or nis+         Use NIS+ (NIS version 3)
#       nis or yp               Use NIS (NIS version 2), also called YP
#       dns                     Use DNS (Domain Name Service)
#       files                   Use the local files
#       db                      Use the local database (.db) files
#       compat                  Use NIS on compat mode
#       hesiod                  Use Hesiod for user lookups
#       [NOTFOUND=return]       Stop searching if not found so far
#

# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd:    db files nisplus nis
#shadow:    db files nisplus nis
#group:     db files nisplus nis

passwd:     files
shadow:     files
group:      files

#hosts:     db files nisplus nis dns
#hosts:     files dns
hosts:      dns files nis

# Example - obey only what nisplus tells us...
#services:   nisplus [NOTFOUND=return] files
"/etc/nsswitch.conf" 64L, 1722C
[root@rac02 ~]# vi /etc/resolv.conf

; generated by /sbin/dhclient-script
nameserver 192.168.0.18
nameserver 192.168.0.1
search localdomain testenv.com
~
~
"/etc/resolv.conf" 4L, 115C

 

[root@rac02 ~]# nslookup rac-scan
Server:         192.168.0.18
Address:        192.168.0.18#53

Name:   rac-scan.testenv.com
Address: 192.168.0.56
Name:   rac-scan.testenv.com
Address: 192.168.0.57
Name:   rac-scan.testenv.com
Address: 192.168.0.55

[root@rac02 ~]#
[root@rac02 ~]# nslookup vip-rac01
Server:         192.168.0.18
Address:        192.168.0.18#53

Name:   vip-rac01.testenv.com
Address: 192.168.0.100

[root@rac02 ~]# nslookup vip-rac02
Server:         192.168.0.18
Address:        192.168.0.18#53

Name:   vip-rac02.testenv.com
Address: 192.168.0.101

[root@rac02 ~]# nslookup 192.168.0.56
Server:         192.168.0.18
Address:        192.168.0.18#53

56.0.168.192.in-addr.arpa       name = rac-scan.testenv.com.

[root@rac02 ~]#

 

rac02也可以正确解析SCAN域名！

这样一个正反解析的SCAN域名就配置成功了.......

 

注意：在安装11Gr2 RAC集群时，配置其中的一个节点作为DNS服务器是不被支持的，安装过程中会出错