1 INFO-VAX	Sat, 25 Nov 2006	Volume 2006 : Issue 648       Contents: Re: DECW$SERVER crashes (8.3) , Re: increase in spam and what to do about it, Re: increase in spam and what to do about it, Re: increase in spam and what to do about it Re: OpenVMS Clustering Question  Re: OpenVMS Clustering Question - Re: Oracle 9i and VMS multihome configuration - Re: Oracle 9i and VMS multihome configuration - Re: Oracle 9i and VMS multihome configuration 4 Re: Thoughts on the book: DEC is dead, long live DEC  F ----------------------------------------------------------------------  % Date: Fri, 24 Nov 2006 17:02:59 -0500 - From: JF Mezei <jfmezei.spamnot@teksavvy.com> & Subject: Re: DECW$SERVER crashes (8.3)8 Message-ID: <c1249$45676bf3$cef8887a$11423@TEKSAVVY.COM>  = Patrick MOREAU, DTI Athis ex CENA, Tel: 01.69.57.68.40 wrote: H > Yes, low process quotas are generally a cause of DECW$SERVER crashes.   E On my VAX, when I had memory problems that made the server unable to  J process an animated GIF, it wrote messages to its log file constantly, it J didn't crash.  I would expect VMS software to handle "no enough resource" + errors in a humane way instead of crashing.   E Note that DECW$SERVER is a critical part or the OS because when that  K crashes, all your sessions to that and other node are also killed. This is  ; as serious as a system crash from the user's point of view.     J > I generally modifiy decw$server_page_file (up from 200000 to 300000) and= > decw$server_file_limit (from 200 to 300) in DECW$DEVICE.COM   H OK, I had mine at 275000. I've just upped it to 300k. But if there is a K memory leak, then it wouldn't matter since it will eventually also run out  
 of memory.  I In my case, it wasn't a case of trying to load large images, it was just  G bringing the existing newsgroups window back to forefront to fetch new  E messages.  So if that caused memory to runn out, it would be because  I previous netscape windows that did consume a lot of pixmap memory didn't  4 quite release it all when those windows were closed.  @ > You also have decw$virtual_pages in DECW$DEVICE_CONFIG_G...com  < It is set to 400,000 . Is that OK ?  Should this be equal to WSEXTENT + PAGFLQUO ?   I What exactly does this parameter do and why would it be device specific ?     O > Mozilla probably makes extensive use of pixmaps -> high virtual memory usage.   J But from the X server point of view, shouldn't it only be concerned about K the graphics that are currently visible in a window ? For instance, if you  J have a huge picture to display. I understand Mozilla needing to have that I picture in memory. But won't it just send to the X server the portion of  # the picture that fits in a window ?    ------------------------------    Date: 24 Nov 2006 20:15:43 -0800 From: davidc@montagar.com 5 Subject: Re: increase in spam and what to do about it C Message-ID: <1164428143.277959.267750@l39g2000cwd.googlegroups.com>    Bill Gunshannon wrote:; > In article <dt6dnSYDN-NU-_nYnZ2dnUVZ_rKdnZ2d@libcom.com>, , > 	Dave Froble <davef@tsoft-inc.com> writes: > > A rather drastic solution. > K > Drastic?  How so?  It merely calls for mailhost sysadmins to do something K > that people have been doing since the beginning of civilization.  Picking 3 > who they will and who they will not commune with.   / Yes, but you still don't explain the process...   E > > Consider, an entity (not a spammer) that has not gone through the J > > process of setting up an e-mail agreement with you, who wishes to send9 > > you an e-mail, which you might be pleased to receive.  > K > I hardly expect every user on the INTERNET to establish an agreement with  > every other user.   C Fine.  How does the user get their mail host to reach and agreement G with YOUR mail host?  You expect mail hosts to do this on behalf of the F user for everyone in their address book?  How does the user figure out who your mail host is?  J > > Consider, an entity that you have reason to contact, but don't have an > > agreement with.  >  > Same as above.  D Still lacking a little detail here...  Could you clarify it a little more?   L > > I agree that spam is a problem.  Your solution would cripple the conceptL > > of e-mail, as it's now implemented.  (I won't deny that spam has already > > crippled e-mail.)  > D > I assume you are seeing this as an all or nothing proposition.  ItE > wouldn't have to be that way.  You can always use the old way.  The D > big question really is after giving it time to get going, how many# > serious email users will want to.   B But if your method is too cumbersome (at least from the mail adminD perspective, it sounds like a TON of work), why would the mail admin& want to do through the trouble at all?   ------------------------------    Date: 24 Nov 2006 20:06:52 -0800 From: davidc@montagar.com 5 Subject: Re: increase in spam and what to do about it B Message-ID: <1164427612.373176.124490@m7g2000cwm.googlegroups.com>   Bill Gunshannon wrote:I > > Which is the same set of "potential customers" - I'm just testing the  > > RBL at a different place.  > J > But, if you just change RBL's you open yourself up to all the places theI > other RBL had that the new one doesn't and your back where you started.   E You still don't understand.  An MTA typically checks for an MX record E to determine which host to send mail to.  Rather than accept and drop C an SMTP connection based on the IP address being in a RBL, it would > save some traffic to not send respond to the DNS lookup if theD requesters IP address is on an RBL.  It's the same RBL, just testing8 the IP address at a different point of the SMTP process.  H > > SPF is one of the social ways (setting up a trust relationship), but* > > spammers are getting around that, too. > I > Not sure what SPF is, but I can assure you there is no way for spammers  > to get around my method.  F Sender Policy Framework?  It's a mechanism developed several years agoE in order to help validate the IP address of a senders domain.  Again, @ since setting it up is a social contract (not required to use or, publish), the success of it is hit-and-miss.  E And I guess I'm still not sure exactly how your method is to actually = work, and how all these agreements are executed and enforced.   C > > Then the social solution (valid or not) is socially unaccepted.  > E > My social solution has not yet been tried, so we don't know that it  > is socially unaccepted.   @ I would at least venture that it hasn't been accepted yet, then?  I > > Unless you charge per e-mail, there's nothing removing the conduit or I > > preventing its abuse.  But then you penalize good people just for the # > > sake of banning the bad people.  > F > Metered service has been looked at and it is unacceptable.  Plus, itG > doesn't stop spam but is very likely to make the innocent pay for it.   > Agreed, even AOL has had lots of complains about it's plans toE implement something like this.  How do you punish the abusers without G inflicting punishment or worse on the vast majority of people who don't 	 abuse it?   E > > How do you stop it at the source?  Which is the spammer, himself?  > I > True.  You stop it by not giving the spammer a venue from which to send J > his spam.  The sysadmins all agree (by contract) to not allow spam to beJ > sent from their systems. Penalty: ostracism.  The sysadmins of the localJ > mailsystems have AUP's that carry penalties (which depend on the type ofH > organization, ie. ISP - include hefty fines in your customer contract,H > business - employee can be fired, school - expulsion or other academicI > sanctions, etc.)  Thus, the spammer has no place where he is welcome on  > the new email network.  G Back in the mid '90's, such things were done.  Erols and other networks G had fines and such for spammers.  It didn't work.  This again referrers C to the "whack-a-mole" game of spammer termination.  Also, often the G spammers would sign up with accounts using credit cards of the clients, D or even stolen credit cards.  So you end up not billing or punishingD the spammer, anyway.  You kill one spammer account, and they have 10" more waiting to abuse when needed.  G Of course, now much spam is from zombied Windows boxes.  The spam can't F be traced back past the zombied PC.  So, do you fine and terminate theE account of the person with the infected PC?  That's going to sit well E with customers.  What about the Wingate proxy exploitation of several F years ago?  The proxy would allow SOCK4-like remote access, making theB Wingate proxy appear to be the source, but no way to determine whoG initiated the connection.  And the wide variety of formmail.pl web form G abuse that occured (and actually, I STILL had several dozen attempts by ? some spammer to test my form mail web script on the Hobby Site: G dinotto2@aol.com and topcopl2@aol.com are their test accounts - may the C harvesters get them)?  And there are still open SOCK4 proxies, open @ SMTP relays, and any number of other methods people are spamming6 without using mail servers they are authorized to use.  E They are already not using email networks where they are not welcome,  so why does your solution work?   G Also, how do you require uniform AUP's across ISP of various countries?   I > Read what I said up above. The customers of the ISP all sign a contract @ > (I know I had to!)  You put serious penalties in the contract.  @ Yes, but they really have no teeth, the spammers are often usingE fraudulent information, or on ISP which don't have strong AUP, or the 9 spammers are using network which they are not authorized.   D You are assuming the spammers are Law Abiding Honest Citizens.  That3 may be true of Usenet back in the day, not anymore.   J > >                                                Years ago panix, epoch,F > > and many other ISP's played constant whack-a-mole against spammers( > > creating accounts on their networks. > I > But they have never instituted serious (and enforced) penalties against # > the people who violate their AUP.   E Sure they did.  It just didn't stop the spammers.  Because they don't  care.   H > > So, how do you get everyone that wants to send email to sign an AUP, > E > You don't need everyone, only those who want to return email to the " > useful form it had 20 years ago.  7 But how does that help when there are those that don't?   K > >                                 After all, who would the enforcing body  > > be?  > J > If the users sign a contract, that would be the courts.  :-)  Especially7 > if the contract includes serious financial penalties.   F What if you get hit with a fine because your PC got trojaned?  Are youF going to quietly pay the fine, or are you fight it because you weren't the one sending the spam.   9 > >         We have ISP's and providers with AUP's today.  > I > Name one ISP that has an AUP that includes a serious fine for spamming!   C Been there, done that, didn't work.  You end up punishing the wrong  people, like in the case above.   J > > Usenet news isn't good example, since it's been rampant with spam evenH > > before e-mail (remember the Brierbart Index and Cancelmoose?  Canter > > and Seigel?).  > J > I didn't mean it as an example of a system that works perfectly, I meantG > it as an example of a system that only works between "trusted hosts". K > Try setting up a news server on your own.  It won't go very far until you K > find at least one other News site willing to exchange with you.  There is I > really nothing to stop these "trusted hosts" from having stricter AUP's I > so that none of the above existed.  As a matter of fact, I believe that J > was the intent of USENET-II (I haven't looked lately to see how this has > worked out.)  D Yes, but peering news isn't that difficult.  I used to when I was onF Sprint as an ISP.  My current provider doesn't carry a feed, but thereC are places that I can get a feed if I need it.  Even still, spam is * still a big problem on Usenet, even today.  @ > > True, but those ISP's can be (and likely are) RBL'd against. > 3 > If they were, I wouldn't be getting the spam. :-)   E Then either you are using the wrong RBL's, or you are not RBL-ing the % entire offending ISP's address space.   K > > Sometimes it's not the money, but the expense.  Chasing and terminating H > > spammers takes time and effort.  Then they just get a new account orI > > you end up with a new batch.  Eventually, it just cost less to ignore  > > it.  > I > Unless you made them sign a contract in the first place that had severe  > financial penalties.  C But that didn't work.  Unless you require ALL ISP's to do that, and E again that's a "social contract" you're not going to get all ISP"s to G adhere to.  However, you can RBL their address space until they do.  Or = whitelist (which helps but doesn't elimitate the issue due to 
 Job-jobbing).   J > > But how do you reject it at the source?  You get a customer to sign anF > > AUP?  As I mentioned, we've already gone through that whack-a-mole. > > tactic of dealing with spammers years ago. > D > But the AUP's they signed in most cases included no penalty beyondG > loosing your account.  They need to carry serious financial penalties * > as money is all anyone understand today.  E You seem to honestly think that will work, since you continue to come F back to that.  It doesn't work because you are either not punshing theG actual spammer, or the spammer just moves somewhere else or hides their  activities via other tactics.   F > > Exaclty - if a spammer spams through your mail server, and it getsJ > > blocks (i.e. you socially disagree to accept their email traffic), allH > > your customers are punished.  Not good for your business.  You can'tC > > stay in business when you treat all your customers like crooks.  > G > Under my system, one would assume that the peers would not need to be G > so draconian as to cut someone off on the first incident.  Of course, J > it would likely depend on how the originating site handled the incident.J > If they had in their AUP (agreed to as a contract so that the courts areI > an arbiter) something along the lines of a $1000 fine for each incident D > of SPAM sent by the customer and they enforced it, it wouldbe veryF > un-profitable to end spam and there would be little if any chance ofH > not getting caught.  Thus removing the greatest incentive to spamming.  F Okay, your zombied PC is invovled in a spam run.  Are you going to pay> the $1,000 fine?  A 0-day exploit is found in your system, andF overnight you send out 1,000,000 spams.  You get the bill.  Do you pay it?   K > > No, it has to be.  There is just too much damage via phishing, identify J > > theft, DDoS, and more to allow hundreds of thousands of Billy boxes onH > > the network.  The cost is too high, and currently Microsoft does notG > > have the pressure to to substantially fix it, despite the financial H > > loss caused by zombied machines.  Either they need to be hardened orD > > more isolated.  Maybe Microsoft can't do it, but eventually someC > > government or business is going to take a huge loss (probably a ? > > lawsuit) due to damage caused by one or more Windows boxes.  > G > Sorry, but I don't believe this will happen until MS runs it's course ( > and is supplanted by something better.  @ I can only hope.  Maybe Linux, since there seems to be much moreF security and less abuse of Linux systems out there.  I've only had twoG times ever where a Linux box on my network has been exploited (and even G then, the exposure was limited) - one by a XML PHP script one a friends G web server (which the fix are readily available) and a SSL V2 flaw many 
 years ago.  F Like I said, perhaps when companies and people start dropping MS afterD that potential huge Multi-Mil-$ class-action lawsuit, we'll see some5 REALLY serious action from MS on "Trusted Computing".   F > > Eventually, someone is going to get an identity theft class-actionH > > lawsuit against a company, and will win because they can demonstrateJ > > that the data on their Windows boxes was exploited because they eitherK > > didn't update their virus definitions enough, or missed a service pack.  > J > But you just gave the best defense.  The user "didn't update their virusJ > definitions enough, or missed a service pack" and thus, it was their own > fault.  B You don't see it, do you?  The COMPANY missed a service pack/virusA update.  The USERS data was on the COMPANY's computer.  Jury will C probably award large damages.  Company will review putting critical $ data on MS software, as will others.  F > > And frankly, I was around in the old Usenet days, too, but I never@ > > signed an AUP to prevent me from spamming or any such thing. > L > What's your point?  Back in those days there were machines on the DARPANETH > that didn't even have passwords.  Society in general was different andF > among the computer community in particular.  Draconian AUP's weren'tI > needed.  Of course, people also used to leave their cars and even their ; > houses unlocked, too.  I can't hink of many who still do.   D Exactly.  Pandora's box has been openned.  Things that worked in theF good old days just don't apply anymore and/or don't scale well.  AfterA all, that's why DNS was born, since even in the early DARPA days, 1 propogating a /etc/hosts wasn't feasible anymore.   J > >                                                              Email wasA > > just a poor medium to spam, so it wasn't used that way.  Your F > > "original Usenet days" weren't socially or technically better than1 > > before, just not viewed as a target of abuse.  > G > I disagree.  I think they were better socially.  The lack of Spam was H > probably more due to the limited social coverage nature of the medium.  B Society has scammers, cons, thieves, and more.  D/ARPANET wasn't aG target since there wasn't enough volume to be worth it.  Now instead of @ thousands of people, it's millions of people.  Not just research@ scientists and Computer Science students.  It's kids, grandma's,= executives, homeless - and the best and worst of all of them.   H > >                                                Usenet News was whereE > > the spamming problem started due to it's more "broadcast" nature. C > > E-mail didn't become prevelent until the middle 1990's once the A > > Internet started to gain mindshare and more people had e-mail  > > (Compuserve, Prodigy, AOL).  > G > There were lots of different Email systems in the past, USENET, FIDO, D > Bitnet, etc.  And then there were the commercial services like youH > mention, although Prodigy and AOL were latecommers.  there was TELENETK > and TYMNET.  But what was lacking technically was the computing resources ; > and the conduit to handle the volume needed for spamming.   F Not just the volume, but the target-rich environment.  How many peopleG used to have e-mail 20 years ago?  FAXes where the big thing back then. =  But they had a "spamming" problem of their own, didn't they? B Something the Telecommunication Protection Act of 1991 had to helpC solve.  Well, it didn't so much, since the FCC had many forfeitures D even as lately as a few of years ago with fax.com and American Blast Fax.  - Same scum, just adapting to newer technology.   J > > Your sysadmin choice of social "trusts" have been implmented by publicD > > and private RBL lists, spamassasin, Bayesian and other filteringI > > methods, but most can't just whitelist the rest of the world, either, G > > since many people NEED to be contacted by previously unknown places I > > (i.e. me).  And until you get that first spam (or subscribe to an RBL J > > or other service to look at it for you), you really can't tell if it's
 > > spam yet.  > E > As I said, RBL's is not a trusted host relationship it is trying to F > put the responsibility on a third party and after the fact.  That isG > a system destined to fail.  It must be stopped at the point of origin F > and before the fact.  It must be proactive and not reactive in orderI > to work.  If it is reactive, there are just too many potential spammers  > to deal with.   G Sure it's a trust relationship.  You trust the RBL to help you validate 9 the sender is not a likely spammer.  Much like 3-rd party - authentication is commonly done with SSL/TLS.   G But as I've mentioned, you can't stop the "point of origin" due to much D of the fraud and unauthorized use of zombied PC's, open proxies, andF various software exploits curerntly in use.  Since often, the ReceivedB header you track either is fradulent, or only gets you back to the> exploited system - not back the the actual spammer in control.  G The problem is oh-so-much bigger than just getting Ma Kettle to sign an C AUP saying she won't spam.  She won't, but that doesn't mean her PC , won't be an unwitting accomplice to the act.  H > > But as the whack-a-moles at ISP's worked (socially terminating their% > > connectivity for AUP violations),  > 2 > More agressive penalties are needed in the AUP!!  E But you can't require that, nor can you be assured that the penalties ' actually punish the spammer in control.   J > >                                   spammers just used different tricks,! > > like third party SMTP relays,  > F > You don't relay.  Oh, and did I mention that my proposal doesn't use > SMTP.  :-)  B No, you didn't mention that.  So how do you get the whole world toA switch to your protocol, and why is it unable to be exploited any  differently than SMTP has?  D > >                               exploitation of WinGate firewalls, > F > Not sure what that means, but I'll bet it relies on SMTP to send the- > mail from the attacked machine.  See above.  > ' > > exploitation of formmail.pl scripts  > E > Well, I won't even go into the potential security problems with any D > PERL or PHP scripts, but I can tell you that I was able to win the? > battle here to not allow the mail function on our web server.  > K > >                                      (which I have a spammer attempting @ > > to do that off the Hobbyist web form for the past few days -G > > topcopl2@aol.com), abuse of SOCKS4 proxies, and the growing tide of 
 > > bot-nets.  > J > I'll bet all of these depend on SMTP as the underlying protocol and they > also don't care who connects.  > D > >           And forget just e-mail, IM spamming and web forum/blog% > > spamming is on the increase, too.  > J > They were never truly useful anyway, so I really don't care. I am trying9 > to salvage Email, let someone who cares fix the others.  > I > >                                    The problem is whatever the social J > > contracts are, the spammers will violate them and bypass them, as theyI > > have for years.  Spammers have been fined, sued, terminated, blocked, I > > and more (which is about as strong of a social solution statement you & > > can make), yet they still persist. > H > Sorry, I have never heard of any spammer who has been held financially= > liable for his actions.  Please provide some real examples.   B Read the news.  An owner of a bot-net recently got some jail time.B Even back in the mid-90's Sanford Wallce lost a lawsuit to AOL for> spamming.  Several states (Washington State for one) have alsoA prosocuted and won, too.  You honestly haven't heard about any of E these?  Just read Slashdot or The Register on occasion.  Or read some ' archives of news.admin.net-abuse.email.   I > > There is no one solution.  There may not be a solution.  But you also G > > can't turn back the clock to the good ole days, either.  Profiteers G > > will try anything they can to exploit the system for a measly buck.  > J > Or we can just sit here and let the bastards win.  Sorry, I would ratherG > try to convince people in a position to do something that the time is  > ripe for fixing things.   E So, appearently you don't use SMTP, and you have to sign an agreement A with someone somewhere.  Well, I guess it's a start, but how many B people do you have buy in on this so far?  And exactly how does myD email get from my server to your server when whatever paper work you5 require is done?  And how is it not subject to abuse?   D Part of the problem of your solution is that it requires cooperation@ from a rather large number of ISP's and admins, several softwareD developers, deployment across hundreds of thousands of servers.  AndC that's going to take some big doing and demonstration that what you F propose WILL work.  So I think I might need to hear a little more than@ "Oh, and did I mention that my proposal doesn't use SMTP.  :-)".   ------------------------------    Date: 24 Nov 2006 22:32:45 -0600- From: Kilgallen@SpamCop.net (Larry Kilgallen) 5 Subject: Re: increase in spam and what to do about it 3 Message-ID: <HE1wJgr18seM@eisner.encompasserve.org>   A Some of the solutions described in this discussion are listed at:   4 	http://www.rhyolite.com/anti-spam/you-might-be.html   --  N ==============================================================================0 DoD Instruction 8500.2 field test sites wanted -- 	http://www.LJK.com/LJK/8500_2_fieldtest.html N ==============================================================================   ------------------------------    Date: 24 Nov 2006 11:38:50 -0800& From: "Mister Q" <pquodling@gmail.com>( Subject: Re: OpenVMS Clustering QuestionA Message-ID: <1164397130.626717.36680@m7g2000cwm.googlegroups.com>   F I don't know who is spinning you that BS. Cerner have been a long time1 VMS Shop and should be very VMS Cluster aware....     G MOreover, there is nothing special in AIX, that would do this, that VMS 	 wouldn't.      q      M White wrote: > Thanks JF and Mister Q.  > N > I was afraid that was still the answer(s) I suspected. I'm in a shop runningL > Cerner, and Oracle connected via IBM's MQ.  Supposedly if this was running, > on AIX and automated failover is possible. >  > Thanks again.  > < > "JF Mezei" <jfmezei.spamnot@teksavvy.com> wrote in message2 > news:6d1$4563e729$cef8887a$28827@TEKSAVVY.COM... > > M White wrote:L > > > It's been awhile since I worked with OpenVMS clustering.  Do they have > it   ------------------------------    Date: 24 Nov 2006 22:30:55 -0600- From: Kilgallen@SpamCop.net (Larry Kilgallen) ( Subject: Re: OpenVMS Clustering Question3 Message-ID: <llgdWbNjAawa@eisner.encompasserve.org>   f In article <4567B021.E2DEEFC7@spam.comcast.net>, David J Dachtera <djesys.no@spam.comcast.net> writes: > M White wrote: >>  L >> It's been awhile since I worked with OpenVMS clustering.  Do they have itM >> now so if one node goes down the processes on the downed node get switched M >> to the remaining node(s) without manually logging into the remaining node?  > D > If you can develop that technology, you'll be the next Bill Gates.  2 But who would _want_ to be a marketing charlatan ? --  N ==============================================================================0 DoD Instruction 8500.2 field test sites wanted -- 	http://www.LJK.com/LJK/8500_2_fieldtest.html N ==============================================================================   ------------------------------  % Date: Fri, 24 Nov 2006 14:58:15 -0600 . From: "Dave Gudewicz" <dlgudewicz@comcast.net>6 Subject: Re: Oracle 9i and VMS multihome configuration: Message-ID: <Y66dnQwbQol6wfrYnZ2dnUVZ_sqdnZ2d@comcast.com>  6 "Syltrem" <syltremzulu@videotron.ca> wrote in message ) news:12memi9sm9qk61@corp.supernews.com...  > 7 > "DaveG" <david.gudewicz@abbott.com> wrote in message  > > news:1164382192.355000.183780@m7g2000cwm.googlegroups.com... > Syltrem wrote:G >> "DaveG" <david.gudewicz@abbott.com> a crit dans le message de news: ; >> 1164213396.764195.190120@j44g2000cwa.googlegroups.com... G >> > We recently enabled and started failSAFE IP ( 2 NICs ) on an Alpha K >> > v7.3-2 (patches up to date) system.  This system runs Oracle 9i and it I >> > seems that Oracle only sees one of the 2 active IP addresses on this H >> > system, as it did before we enabled the second NIC and failSAFE IP.J >> > Seems like failSAFE IP is not the issue here, but I include it in theF >> > description for completeness.  failSAFE IP seems to be working asK >> > advertised (nice feature btw) and our DNS servers have been updated to K >> > include the second IP address.  The Oracle listener has been restarted 3 >> > and Oracle is not aware of the second address.  >> >H >> > Other people here have a call in to Oracle support, but while we'reJ >> > waiting for a reply, I thought I'd ask here and discover if anyone isJ >> > running a similar configuration.  My guess is that Oracle needs to beI >> > configured in some way to see both NICs/ IP addresses, but not being : >> > Oracle savy, I haven't a clue how that might be done. >> > >> > Dave... >> > >>4 >> You say that Oracle does not see the 2nd address.4 >> In what is this a problem? Pls explain the issue. >>I >>In this dual homed configuration, we simply want Oracle to utilize both  >>IP addresses.  >>% >>> Are you running on a single node?  >>+ >>Yes, single node for now.  Cluster later.  >>E >>> Are you trying to start the listener or connect to the database ?  >>H >>Starting the listener and connecting to the database (with original IP >>address) are working fine. >>$ >>> What kind of problem do you see? >>H >>Original IP address connection is fine, second IP address seems not to= >>be working with Oracle, I'm told by our application people.  >>F >>> And also explain what you are trying to accomplish by having 2 IP  >>> addresses. >>G >>Load balancing (use both IP address) and failSAFE IP, no single point 
 >>of failure.  >> >>>  >  > Hi >  > Still unsure I understand " > Single machine, 2 ip addresses ?: > If the machine is gone, how would a 2nd IP address help?  M Won't help if the machine is gone, but if the network switch that one of the  L NICs is connected to fails, or one NIC goes bad or someone unplugs a cable, A then the other one takes over.  That's what failSAFE IP provides.   J > You say you have 2 Oracle homes. All that on a single node or different ! > machines of which only 1 is up?   M Didn't say there were 2 Oracle homes.  The machine with 2 NICs is considered   multi-homed.  1 > Sorry it must be too late on a Friday afternoon   M Late for me too and in the States, yesterday (Thanksgiving) and today are no   work days for many.   0 > Here is what I have, maybe it helps maybe not:J > 2 nodes (in a cluster but it does not really matter for ip connectivity) > 2 listeners, one on each node M > the oracle instance is running on one of the nodes (only one set of oracle   > licenses)  > clients may be anywhere  > K > If the node that has the oracle instance dies (hw failure) I restart the  I > database on the other node (thanks to vmscluster, no restore required). J > clients can still connect because I have 2 lines in my TNSNAMES.ORA for  > each service >  > MYDB = >  (DESCRIPTION =  >    (ADDRESS_LIST => >      (ADDRESS = (PROTOCOL = TCP)(HOST = NODEA)(PORT = 1521))> >      (ADDRESS = (PROTOCOL = TCP)(HOST = NODEB)(PORT = 1521)) >    ) >    (CONNECT_DATA = >      (SERVICE_NAME = MYDB) >      (SERVER = SHARED) >    ) >  ) > H > Oracle client will first try on NODEA, if it does not respond then it  > tries on NODEB > C > Of course if NODEA is alive but the listener on that node is not  K > responding, it will take a moment until it gives up and tries for NODEB.  K > But this is taken care of by ip aliases. The IP aliases are also used by  K > clients to locate the listener - clients do not call a specific node but   > the alias.M > The node that has "the handle" on the alias will answer. If that node goes  3 > down the oter node will take over the alias name.  > M > I`m still unsure how you have your 2 oracle homes setup but if they are on  M > separate nodes, the only difference with me is that you`ll need to restore  I > the database files on NODEB when NODEA fails, or you need some kind of   > replication mechanism or RAC.  >   I We do not have 2 Oracle homes.  Sorry again for the confusion, but we do   have 2 NICs on the machine.    > HTH  > 	 > Syltrem  >  >   J Thanks and I think Malcolm is pointing us in the right direction with his 
 earlier post.    Dave...    ------------------------------  % Date: Fri, 24 Nov 2006 17:05:58 -0500 - From: JF Mezei <jfmezei.spamnot@teksavvy.com> 6 Subject: Re: Oracle 9i and VMS multihome configuration8 Message-ID: <eba9b$45676ca5$cef8887a$11423@TEKSAVVY.COM>   DaveG wrote:I > In this dual homed configuration, we simply want Oracle to utilize both  > IP addresses.   J The trick is to listen to 0.0.0.0 and then, the app automatically listens I to any/all interfaces on that system. (this is especially important when  D you have the no-longer-supported cluster alias which may be created K dynamically when a node takes that responsability (creates a new interface  ( on that node with the cluster alias IP).   ------------------------------  % Date: Fri, 24 Nov 2006 21:01:08 -0600 3 From: David J Dachtera <djesys.no@spam.comcast.net> 6 Subject: Re: Oracle 9i and VMS multihome configuration0 Message-ID: <4567B1F4.2A1DD7F9@spam.comcast.net>   DaveG wrote: > D > We recently enabled and started failSAFE IP ( 2 NICs ) on an Alpha% > v7.3-2 (patches up to date) system.    What version of UCX?  P Note that in V5.4 ECO-5, failSAFE IP is broken in a major way. V5.4-6 seems much better.   G Watch out for round-robin-ing within subnets: if, for example, EWA-0 is O 10.10.1.6 and EWA-1 is 10.10.1.7, both go to different physical routes, and one J loses connectivity above layer-2, failSAFE IP will not detect this and the( entire subnet becomes unstable/unusable.   --   David J Dachtera dba DJE Systems  http://www.djesys.com/  & Unofficial OpenVMS Marketing Home Page! http://www.djesys.com/vms/market/   ( Unofficial Affordable OpenVMS Home Page: http://www.djesys.com/vms/soho/   " Unofficial OpenVMS-IA32 Home Page: http://www.djesys.com/vms/ia32/   ) Unofficial OpenVMS Hobbyist Support Page: " http://www.djesys.com/vms/support/   ------------------------------  + Date: Sat, 25 Nov 2006 02:01:24 +0000 (UTC) 7 From: moroney@world.std.spaamtrap.com (Michael Moroney) = Subject: Re: Thoughts on the book: DEC is dead, long live DEC ( Message-ID: <ek885k$2um$1@pcls6.std.com>  # "Ian Miller" <gxys@uk2.net> writes:   0 >Cobra had five scsi buses and turbochannel too!> >I've got one that's still running (VMS V7.3-2) as a test box.  D That's the one that's I'm talking about.  Four of the SCSI buses can
 be DSSI, too.    ------------------------------   End of INFO-VAX 2006.648 ************************