To specify the protocol address of Oracle Connection Manager.

(ADDRESS=(PROTOCOL=protocol)(HOST=host_name)(PORT=port_number)

(ADDRESS=(PROTOCOL=tcp)(HOST=sales-server)(PORT=1521))

To specify whether Oracle Database security authentication settings must be used by the client.

The global setting can be overridden by a rule-level setting in ACTION_LIST.

• on to instruct Oracle Connection Manager to reject connection requests that are not using Secure Network Services (SNS). SNS is part of Oracle Database security.

• off to instruct Oracle Connection Manager not to check for SNS between the client and server. This is the default.

To specify whether the SHOW_CONNECTIONS command displays connection statistics.

The global setting can be overridden by a rule-level setting in ACTION_LIST.

• yes to display statistics.

• no to not display statistics. This is the default.

To specify which event groups are logged.

Multiple events may be designated using a comma-delimited list.

• alert for alert notifications.

• cmd_proc for command processing.

• conn_hdlg for connection handling.

• init_and_term for initialization and termination.

• memory_ops for memory operations.

• proc_mgmt for process management.

• reg_and_load for registration and load update.

• relay for events associated with connection control blocks.

• timer for gateway timeouts.

• wake_up for events related to Connection Manager Administration (CMADMIN) wake-up queue.

To specify the amount of time that an established connection can remain active without transmitting data.

The global setting can be overridden by a rule-level setting in ACTION_LIST.

• 0 to disable the timeout. This is the default.

• Any number greater than 0 to enable the timeout. The number equals the timeout period in seconds.

To specify how long in seconds the Oracle Connection Manager listener waits for a valid connection from a client or another instance of Oracle Connection Manager.

• 60 sec is the default. Use value 0 to disable timeout.

• Any number greater than 0 to enable the timeout. The number equals the timeout period in seconds.

To specify the directory for the Oracle Connection Manager log files.

To specify the level for log messages.

• off for no logging. This is the default.

• user for user-induced errors log information.

• admin for administration log information, such as installation-specific.

• support for Oracle Support Services information.

To specify the maximum number of concurrent registration and client connection sessions that can be supported by Oracle Connection Manager.

This number includes registration connections from databases, and ongoing client connection establishment requests. After a connection is established, the clients do not maintain a connection to the listener. This limit only applies to client connections that are in the initial connection establishment phase from a listener perspective.

Operating system-specific

MAX_ALL_CONNECTIONS=40

To specify the maximum number of concurrent local or remote sessions of the Oracle Connection Manager control utility allowable for a given instance.

One of the sessions must be a local session.

Any number of sessions can be designated.

Bug 2447824

To specify the maximum number of connection slots that a gateway process can handle.

Any number in the range of 1 to 1024.

To specify the maximum number of gateway processes that an instance of Oracle Connection Manager supports.

The number designated must be greater than the minimum number of gateway processes. The maximum is 64.

To specify the maximum number of concurrent registration connection sessions that can be supported by Oracle Connection Manager.

512

MAX_REG_CONNECTIONS=20

To specify the minimum number of gateway processes that an instance of Oracle Connection Manager supports.

Any number of sessions can be designated up to 64.

To specify the length of time in seconds that the Oracle Connection Manager instance waits for a valid connection to be established with the database server or with another Oracle Connection Manager instance.

• 60 to disable the timeout. This is the default.

• Any number greater than 0 to enable the timeout. The number equals the timeout period in seconds.

To specify the encrypted instance password, if one has been set.

To specify the list of nodes that cannot register with the listener.

The list can include host names or CIDR notation for IPv4 and IPv6 addresses. The wildcard format (*) is supported for IPv4 addresses. The presence of a host name in the list results in the inclusion of all IP addresses mapped to the host name. The host name should be consistent with the public network interface.

If the REGISTRATION_INVITED_NODES parameter and the REGISTRATION_EXCLUDED_NODES parameter are set, then the REGISTRATION_EXCLUDED_NODES parameter is ignored.

Valid nodes and subnet IP addresses or names.

REGISTRATION_EXCLUDED_NODES = (10.1.26.*, 10.16.40.0/24, \
                                       2001:DB8:3eff:fe38, node2)

To specify the list of node that can register with the listener.

The list can include host names or CIDR notation for IPv4 and IPv6 addresses. The wildcard format (*) is supported for IPv4 addresses. The presence of a host name in the list results in the inclusion of all IP addresses mapped to the host name. The host name should be consistent with the public network interface.

If the REGISTRATION_INVITED_NODES parameter and the REGISTRATION_EXCLUDED_NODES parameter are set, then the REGISTRATION_EXCLUDED_NODES parameter is ignored.

Valid nodes and subnet IP addresses or names.

REGISTRATION_INVITED_NODES = (10.1.35.*, 10.1.34.0/24, \
                                      2001:DB8:fe38:7303, node1)

To specify an access control rule list to filter incoming connections.

A rule list specifies which connections are accepted, rejected, or dropped.

If no rules are specified, then all connections are rejected.

The source and destination can be a host name, IP address, or subnet mask.

There must be at least one rule for client connections and one rule for CMCTL connections. Omitting one or the other results in the rejection of all connections for the rule type omitted. The last rule in the example that follows is a CMCTL rule.

Oracle Connection Manager does not support wildcards for partial IP addresses. If you use a wildcard, then use it in place of a full IP address. The IP address of the client may, for example, be (SRC=*).

Oracle Connection Manager supports only the /nn notation for subnet addresses. In the first rule in Example 8-1, /27 represents a subnet mask that comprises 27 left-most bits.

This parameter is listed in the rule list section of the cman.ora file preceded by RULE_LIST=.

(RULE_LIST=
  (RULE=
    (SRC=host)
    (DST=host)
    (SRV=service_name)
    (ACT={accept|reject|drop})
    (ACTION_LIST=AUT={on|off}
    ((CONN_STATS={yes|no})(MCT=time)(MIT=time)(MOCT=time)))
  (RULE= ...))

The RULE parameter filters a connection or group of connections using the following parameters:

SRC: The source host name or IP address of the client.

DST: The destination server host name or IP address of the database server.

SRV: The database service name of Oracle Database obtained from the SERVICE_NAME parameter in the initialization parameter file.

ACT: The action for the connection request. Use accept to accept incoming requests, reject to reject incoming requests, or drop to reject incoming requests without sending an error message.

ACTION_LIST: The rule-level parameter settings for some parameters. These parameters are as follows:

• AUT: Oracle Database security authentication on client side.

• CONN_STATS: Log input and output statistics.

• MCT: Maximum connect time.

• MIT: Maximum idle timeout.

• MOCT: Maximum outbound connect time.

Rule-level parameters override their global counterparts.

(RULE_LIST=
  (RULE=
    (SRC=client1-pc)
    (DST=sales-server)
    (SRV=sales.us.example.com)
    (ACT=reject))
  (RULE=
    (SRC=192.0.2.45)
    (DST=192.0.2.200)
    (SRV=db1)
    (ACT=accept))
  (RULE=
    (SRC=sale-rep)
    (DST=sales1-server)
    (SRV=cmon)
    (ACT=accept)))

To specify the maximum time in seconds allowed for a user session.

The global setting can be overridden by a rule-level setting in ACTION_LIST.

• 0 to disable the timeout. This is the default.

• Any number greater than 0 to enable the timeout. The number equals the timeout period in seconds.

To specify the directory for Oracle Connection Manager trace files.

To specify the size of the trace file in KB.

When the size is reached, the trace information is written to the next file. The number of files is specified with the TRACE_FILENO parameter.

To specify the number of trace files.

When this parameter is set along with the TRACE_FILELEN parameter, trace files are used in a cyclical fashion. The first file is filled first, then the second file, and so on. When the last file has been filled, the first file is reused, and so on.

To specify the level for trace messages.

• off for no tracing. This is the default.

• user for user-induced errors trace information.

• admin for administration trace information, such as installation-specific.

• support for Oracle Support Services information.

To specify the use of a timestamp for the tracing logs.

If the TRACING parameter is enabled, then a time stamp in the form of dd-mmm-yyyy hh:mi:ss:mil for every trace event in the trace file.

• off for no timestamp to be included in the file.

• on for timestamp to be included in the file.

To determine whether valid node checking registration is performed, and if the subnet is allowed.

When set to on, valid node checking registration is performed at the listener for any incoming registration request, and only local IP addresses are allowed.

off

• off | 0 to specify valid node checking registration is off, and no checking is performed.

• on | 1 | local to specify valid node checking registration is on, and all local IP addresses can register. If a list of invited nodes is set, then all IP addresses, host names, or subnets in the list as well as local IP addresses are allowed.

• subnet | 2 to specify valid node checking registration is on, and all machines in the local subnets are allowed to register. If a list of invited nodes is set, then all nodes in the local subnets as well as all IP addresses, host names and subnets in the list are allowed.

VALID_NODE_CHECKING_REGISTRATION = on

To specify the base directory to store tracing and logging incidents when ADR is enabled.

The default is ORACLE_BASE, or ORACLE_HOME/log if ORACLE_BASE is not defined.

Any valid directory path to a directory with write permission.

ADR_BASE=/oracle/network/trace

To indicate whether ADR tracing is enabled.

When the DIAG_ADR_ENABLED parameter is set to OFF, then non-ADR file tracing is used.

on | off

DIAG_ADR_ENABLED=on

To specify the level of logging performed by Oracle Connection Manager.

This parameter is also applicable when non-ADR logging is used.

The following log files are used with Oracle Connection Manager:

• instance-name_pid.log for the listener.

• instance-name_cmadmin_pid.log for CMADMIN.

• instance-name_cmgw_pid.log for the gateway processes.

The log files are located in the ORACLE_HOME/network/log directory.

off or 0

• off or 0 for no log output.

• user or 4 for user log information.

• admin or 10 for administration log information.

• support or 16 for Oracle Support Services log information.

LOG_LEVEL=admin

To specify the trace level for the Oracle Connection Manager instance.

This parameter is also applicable when non-ADR tracing is used.

The following trace files are used with Oracle Connection Manager:

• instance-name_pid.trc for the listener.

• instance-name_cmadmin_pid.trc for CMADMIN.

• instance-name_cmgw_pid.trc for the gateway processes.

The log files are located in the ORACLE_HOME/network/log directory.

off

• off for no trace output.

• user for user trace information.

• admin for administration trace information.

• support for Oracle Support Services trace information.

TRACE_LEVEL=admin

To add a time stamp in the form of dd-mmm-yyyy hh:mi:ss:mil to every trace event in the trace file for the listener.

This parameter is used with the TRACE_LEVEL parameter. This parameter is also applicable when non-ADR tracing is used.

on

• on or true

• off or false

TRACE_TIMESTAMP=true

To specify the location of Oracle Connection Manager log files.

Use this parameter when ADR is not enabled.

ORACLE_HOME/network/log

Any valid directory path to a directory with write permission.

LOG_DIRECTORY=/oracle/network/log

To specify the location of the Oracle Connection Manager trace files.

Use this parameter when ADR is not enabled.

ORACLE_HOME/network/trace 

Any valid directory path to a directory with write permission.

TRACE_DIRECTORY=/oracle/network/admin/trace

To specify the size, in KB, of the trace file.

When the size is met, the trace information is written to the next file. The number of files is specified with the TRACE_FILENO parameter. Any size can be designated. Use this parameter when ADR is not enabled.

Unlimited

TRACE_FILELEN=100

To specify the number of trace files for Oracle Connection Manager tracing.

When this parameter is set along with the TRACE_FILELEN parameter, trace files are used in a cyclical fashion. The first file is filled first, then the second file, and so on. When the last file has been filled, the first file is reused, and so on. Any number of files can be designated.

The trace file names are distinguished from one another by their sequence number. For example, if this parameter is set to 3, then the gateway trace files would be named instance-name_cmgw1_pid.trc, instance_name_cmgw2_pid.trc and instance_name_cmgw3_pid.trc.

In addition, trace events in the trace files are preceded by the sequence number of the file. Use this parameter when ADR is not enabled.

1

TRACE_FILENO=3