September 5, 2019

SCAN in Oracle RAC

Single Client Access Name (SCAN) in Oracle RAC

Oracle RAC 11g release 2 introduces the Single Client Access Name (SCAN), which provides a single name for clients to access Oracle Databases running in a cluster and simplify the database connection strings that an Oracle Client uses to connect.

Without SCAN, till Oracle Clusterware 11g release 1, TNSNAMES has 1 entry per node.

RACDB =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = node1-vip)(PORT = 1521))
    (ADDRESS = (PROTOCOL = TCP)(HOST = node2-vip)(PORT = 1521))
     . . .
    (ADDRESS = (PROTOCOL = TCP)(HOST = nodeN-vip)(PORT = 1521))
    (CONNECT_DATA = 
     . . . ))

With every cluster change, like node addition or removal, all client TNSNAMES need to be changed.
With SCAN, from Oracle Clusterware 11g release2, only 1 entry per cluster is used, regardless of the number of nodes.

RACDB =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = SCANname)(PORT = 1521))
    (CONNECT_DATA = 
     . . . ))

Single Client Access Name (SCAN) - eliminates the need to change TNSNAMES entry when nodes are added to or removed from the Cluster. RAC instances register to SCAN listeners as remote listeners. Oracle recommends assigning 3 addresses to SCAN, which will create 3 SCAN listeners, though the cluster has got dozens of nodes. SCAN is a domain name registered to at least one and up to three IP addresses, either in DNS (Domain Name Service) or GNS (Grid Naming Service). The SCAN must resolve to at least one address on the public network. For high availability and scalability, Oracle recommends configuring the SCAN to resolve to three addresses.

SCAN components in a cluster:
  • SCAN Name
  • SCAN IPs (3)
  • SCAN Listeners (3)

Public network addresses are used to provide services to clients. If clients are connecting to the Single Client Access Name (SCAN) addresses, then we may need to change public and virtual IP addresses as we add or remove nodes from the cluster, but you do not need to update clients with new cluster addresses. SCANs function like a cluster alias. SCANs are resolved on any node in the cluster, so unlike a VIP address for a node, clients connecting to the SCAN no longer require updated VIP addresses as nodes are added to or removed from the cluster. Because the SCAN addresses resolve to the cluster, rather than to a node address in the cluster, nodes can be added to or removed from the cluster without affecting the SCAN address configuration.

Oracle Database 11g release 2 (11.2) instances only register with SCAN listeners as remote listeners. Databases register with SCAN listeners as remote listeners, and also continue to register with all node listeners. It's highly recommended that the clients are Oracle 11g R2 or later version clients, to allow them to fully take advantage of the failover with the SCAN settings.

Because of the Oracle Clusterware installation requirement that we provide a SCAN name during installation, if we resolved at least one IP address using the server /etc/hosts file to bypass the installation requirement, but we do not have the infrastructure required for SCAN, after the installation, we can ignore the SCAN and connect to the databases in the cluster using VIPs. Oracle does not support removing the SCAN address. Oracle recommends that we should not configure SCAN IP addresses in the hosts file. But if we use the hosts file to resolve SCAN name, we can have only one SCAN IP address.

Each cluster will have 3 SCAN-Listeners, combined with a SCAN-VIP defined as cluster resources. The root.sh script automatically configures the Single Client Access Name (SCAN) VIPs and SCAN listeners. When we run root.sh on the first node, all 3 scan IPs are plugged on to the first node’s public interface. The SCAN VIP/LISTENER combination will failover to another node in the cluster, if the current node fails. SCAN VIP addresses must be on the same subnet as virtual IP addresses and public IP addresses.

Cluster Resources
--------------------------------------------
ora.LISTENER_SCAN1.lsnr 1  ONLINE  ONLINE       node1
ora.LISTENER_SCAN2.lsnr 1  ONLINE  ONLINE       node2
ora.LISTENER_SCAN3.lsnr 1  ONLINE  ONLINE       node3

Domain Name Service (DNS)
The SCAN is a fully qualified name (hostname+domain) that is configured to resolve to all the addresses allocated for the SCAN. The addresses resolve using Round Robin DNS either on the DNS server, or within the cluster in a GNS configuration. SCAN listeners can run on any node in the cluster. SCANs provide location independence for the databases, so that client configuration does not have to depend on which nodes run a particular database.

To use the DNS method for defining SCAN, the network administrator must create a single name that resolves to 3 separate IP addresses using round-robin algorithms. Regardless of how many systems are part of cluster, Oracle recommends that 3 IP addresses are configured to allow for failover and load-balancing. SCAN Name needs to be registered in DNS and resolved using round-robin algorithm. To test the round-robin algorithm, perform nslookup on the SCAN Name. The DNS server should return those 3 set of IP Address in different order each time.

It is important that the IP addresses are on the same subnet as the public network for the server. The other two requirements are that the name (not including the domain suffix) are 15 characters or less in length and that the name can be resolved without using the domain suffix. Also, the IP addresses should not be specifically assigned to any of the nodes in the cluster.

Grid Naming Service (GNS)
Grid Naming Service (GNS) is a new feature introduced in Oracle RAC 11g R2.  

As part of the Grid Infrastructure installation process, optionally we can also provide Grid Naming Service (GNS) information, which includes the GNS Sub Domain Name and the GNS VIP Address.

Using GNS assumes that a DHCP server is running on the public network with enough available addresses to assign the required IP addresses and the SCAN VIP. Only one static IP address is required to be configured and it should be in the DNS domain.

Oracle Clusterware 11g release 2 (11.2) supports the use of Dynamic Host Configuration Protocol (DHCP) for the VIP addresses and the SCAN address, but not the public address. DHCP provides dynamic configuration of the host's IP address, but it does not provide an optimal method of producing names that are useful to external clients. When using GNS and DHCP, Oracle Clusterware configures the VIP addresses for the SCAN name that is provided during cluster configuration. The node VIP and the three SCAN VIPs are obtained from the DHCP server when using GNS. If a new server joins the cluster, then Oracle Clusterware dynamically obtains the required VIP address from the DHCP server, updates the cluster resource, and makes the server accessible through GNS.

Summary of points about SCAN:
  • SCAN Name will represent the cluster in the network. 
  • SCAN used by clients to connect to any database in the cluster.
  • SCAN is a GSD resource, which is managed by CRS.
  • SCAN provides a single domain name (via DNS), allowing end-users to address a RAC cluster as-if it were a single IP address.
  • Removes the requirement to change the client connection if cluster changes.
  • Load balances across the instances providing a service. SCAN listener selects least loaded node.
  • SCAN requires a DNS entry or GNS to be used.
  • SCAN is an alternative to the transparent application failover (TAF) for automatic load balancing.
  • Provides failover between instances.
  • SCAN VIP/LISTENER will failover to another node in the cluster.
  • Clients do not require VIP information.
  • Must resolve to at least one address on the public network.
  • SCAN provides location independence for the databases.
  • Allow clients to use EZConnect or JDBC connections.
  • SCAN Listener would forward the request to local listener that’s running on VIPs.
  • Each cluster will have 3 SCAN listeners, each having a SCAN VIP defined as cluster resources.
  • Instance registers with local listener on its node. Database “REMOTE_LISTENER” registers instances with all SCAN listeners.
  • SCAN listeners on each node in the cluster, which are not replacements for a regular listener.
  • PMON process of each instance registers the database services with the default listener on the local node and with each SCAN listener, which is specified by the REMOTE_LISTENER database parameter.
  • Client queries DNS to resolve to SCAN.

SCAN (Single Client Access Name) commands in Oracle RAC

cluvfy comp scan -> Use the cluvfy comp scan component verification command to check the Single Client Access Name (SCAN) configuration.

crsctl status resource -w "TYPE = ora.scan_listner.type"

SCAN:
srvctl add scan -n scan_name [-k network_number] [-S subnet/netmask[/if1[|if2|...]]]
#srvctl add scan -n scan.mycluster.example.com   -- Adds new SCAN information for a cluster

srvctl remove scan [-f]   -- Removes SCAN information
srvctl remove scan
srvctl remove scan -f

srvctl start scan [-i ordinal_number] [-n node_name]
srvctl start scan
srvctl start scan -i 1 -n node1

srvctl stop scan [-i ordinal_number] [-f]
srvctl stop scan
srvctl stop scan -i 1

srvctl status scan [-i ordinal_number]
srvctl status scan
srvctl status scan -i 1

srvctl enable scan [-i ordinal_number]
srvctl enable scan
srvctl enable scan -i 1

srvctl disable scan [-i ordinal_number]
srvctl disable scan
srvctl disable scan -i 3

srvctl config scan [-i ordinal_number]   -- Shows the current SCAN configuration
srvctl config scan
srvctl config scan -i 2

srvctl modify scan -n scan_name
srvctl modify scan -n scan1
-- Modifies SCAN information (used when changing SCAN to DNS after initially using /etc/hosts)

srvctl relocate scan -i ordinal_number [-n node_name]
srvctl relocate scan -i 2 -n node2

ordinal_number=1,2,3 --> this refers to the SCAN VIPs

Scan_listener:
srvctl add scan_listener [-l lsnr_name_prefix] [-s] [-p "[TCP:]port_list[/IPC:key][/NMP:pipe_name][/TCPS:s_port] [/SDP:port]"]
#srvctl add scan_listener -l myscanlistener   -- Adds a new SCAN listener for a cluster on the default port of 1521
#srvctl add scan_listener -p 1565         -- Adds a new SCAN listener on a different port

srvctl remove scan_listener [-f]
srvctl remove scan_listener        -- Removes the SCAN listener
srvctl remove scan_listener -f

srvctl start scan_listener [-n node_name] [-i ordinal_number]
srvctl start scan_listener

srvctl stop scan_listener [-i ordinal_number] [-f]
srvctl stop scan_listener
srvctl stop scan_listener -i 3

srvctl status scan_listener [-i ordinal_number]
srvctl status scan_listener
srvctl status scan_listener -i 1

srvctl enable scan_listener [-i ordinal_number]
srvctl enable scan_listener
srvctl enable scan_listener -i 2

srvctl disable scan_listener [-i ordinal_number]
srvctl disable scan_listener
srvctl disable scan_listener -i 1

srvctl config scan_listener [-i ordinal_number]  -- Shows the existence and port numbers for the SCAN listeners
srvctl config scan_listener
srvctl config scan_listener -i 3

srvctl modify scan_listener {-p [TCP:]port[/IPC:key][/NMP:pipe_name] [/TCPS:s_port][/SDP:port] | -u }
srvctl modify scan_listener –u -- Modifies the SCAN listener information to match the new SCAN VIP information
srvctl modify scan_listener -p 1521

srvctl relocate scan_listener -i ordinal_number [-n node_name]
srvctl relocate scan_listener -i 1

ordinal_number=1,2,3

GNS (Grid Naming Service):
srvctl add gns -i ip_address -d domain
srvctl add gns -i 192.124.16.96 -d cluster.mycompany.com

srvctl remove gns [-f]
srvctl remove gns

srvctl start gns [-l log_level] [-n node_name]

srvctl stop gns [-n node_name [-v] [-f]
srvctl stop gns

srvctl status gns [-n node_name]
srvctl status gns

srvctl enable gns [-n node_name]
srvctl enable gns

srvctl disable gns [-n node_name]
srvctl disable gns -n devnode2

srvctl config gns [-a] [-d] [-k] [-m] [-n node_name] [-p] [-s] [-V] [-q name] [-l] [-v]
srvctl config gns -n lnx03

srvctl modify gns [-i ip_address] [-d domain]
srvctl modify gns -i 192.100.010.007

srvctl relocate gns [-n node_name]
srvctl relocate gns -n node2

Related Oracle Articles:  Virtual IP (VIP) in RAC    srvctl commands RAC    cluvfy commands RAC    crsctl commands RAC


7 comments:

  1. Great article, really helped clear up my understanding.

    ReplyDelete
  2. Good article, it answered a question i had.

    ReplyDelete
  3. Great article.
    I have made a blog in which I have tried to explain the concept of service and VIP which will also help to understand SCAN well. https://oraclerds.blogspot.com

    ReplyDelete




  4. "that the name can be resolved without using the domain suffix". Is this specific to 11g2?
    I have a grid 12.1 RAC with 11g2 DBs, the SCAN will return a VIP without suffix (confirmed with tcpdump).
    On two other systems 18.x and 19.x the scan returns the FQDN.

    Thanks & great article!

    ReplyDelete