首页 » OGG » OGG-01022 Unknown N bytes message received & OGG-01223 Connection reset by peer

OGG-01022 Unknown N bytes message received & OGG-01223 Connection reset by peer

  • 2018/09/13
  • OGG
  • 940 views
  • OGG-01022 Unknown N bytes message received & OGG-01223 Connection reset by peer已关闭评论

最近查看OGG (12.2)的ggserr.log里出现了下面的信息,但是OGG进程还能正常工作, 相同时间段好几台DB ogg出现了相同的日志。

2018-09-12 09:40:48 INFO OGG-01022 Oracle GoldenGate Capture for Oracle, ext_a.prm: 
Unknown 308 bytes message received from [111.96.90.2]:3615:0 - 000000: 47 45 54 20 2f 20 48 54 54 50 2f 31 2e 31 0d 0a 
|GET / HTTP/1.1..|
000010: 48 6f 73 74 3a 20 31 33 33 2e 39 36 2e 36 30 2e |Host: 111.96.60.|
000020: 31 39 3a 37 38 34 31 0d 0a 41 63 63 65 70 74 2d |19:7841..Accept-|
000030: 43 68 61 72 73 65 74 3a 20 69 73 6f 2d 38 38 35 |Charset: iso-885|
000040: 39 2d 31 2c 75 74 66 2d 38 3b 71 3d 30 2e 39 2c |9-1,utf-8;q=0.9,|
000050: 2a 3b 71 3d 30 2e 31 0d 0a 41 63 63 65 70 74 2d |*;q=0.1..Accept-|
000060: 4c 61 6e 67 75 61 67 65 3a 20 65 6e 0d 0a 43 6f |Language: en..Co|
000070: 6e 6e 65 63 74 69 6f 6e 3a 20 4b 65 65 70 2d 41 |nnection: Keep-A|
000080: 6c 69 76 65 0d 0a 55 73 65 72 2d 41 67 65 6e 74 |live..User-Agent|
000090: 3a 20 4d 6f 7a 69 6c 6c 61 2f 34 2e 30 20 28 63 |: Mozilla/4.0 (c|
0000A0: 6f 6d 70 61 74 69 62 6c 65 3b 20 4d 53 49 45 20 |ompatible; MSIE |
0000B0: 38 2e 30 3b 20 57 69 6e 64 6f 77 73 20 4e 54 20 |8.0; Windows NT |
0000C0: 35 2e 31 3b 20 54 72 69 64 65 6e 74 2f 34 2e 30 |5.1; Trident/4.0|
0000D0: 29 0d 0a 50 72 61 67 6d 61 3a 20 6e 6f 2d 63 61 |)..Pragma: no-ca|
0000E0: 63 68 65 0d 0a 41 63 63 65 70 74 3a 20 69 6d 61 |che..Accept: ima|
0000F0: 67 65 2f 67 69 66 2c 20 69 6d 61 67 65 2f 78 2d |ge/gif, image/x-|
000100: 78 62 69 74 6d 61 70 2c 20 69 6d 61 67 65 2f 6a |xbitmap, image/j|
000110: 70 65 67 2c 20 69 6d 61 67 65 2f 70 6a 70 65 67 |peg, image/pjpeg|
000120: 2c 20 69 6d 61 67 65 2f 70 6e 67 2c 20 2a 2f 2a |, image/png, */*|
000130: 0d 0a 0d 0a |.... |.
2018-09-12 09:41:13 WARNING OGG-01223 Oracle GoldenGate Capture for Oracle, ext_a.prm: Connection reset by peer.
2018-09-12 09:41:15 WARNING OGG-01223 Oracle GoldenGate Capture for Oracle, ext_a.prm: Software caused connection abort.
2018-09-12 09:41:22 INFO OGG-01971 Oracle GoldenGate Capture for Oracle, ext_a.prm: The previous message, 'WARNING OGG-01223', repeated 1 times.

TIPs:

可以确认未信息包是从111.96.90.2 主机3615端口发送过来的,请求本地的7841端口,为本地OGG的replicate进程。 这样的错误通常是有网络端口扫描工具引起的,后期确认了该主机当时确是有安全扫描。 在tcperrs文件中检查了TCP错误行为,如果未在tcperr文件中定义错误,则默认行为是异常终止。Oracle 在MOS中描述了该错误。

[oracle@anbob1:/interface/ogg> rmsock f1000e007cd263b8 tcpcb
The socket 0xf1000e007cd26008 is being held by proccess 19661906 (replicat).

[oracle@anbob1:/interface/ogg> ps -ef|grep 19661906|grep -v grep
  oracle 19661906 24380914   0   Sep 09      -  5:52 /interface/ogg/replicat PARAMFILE /interface/ogg/dirprm/raccta01.prm REPORTFILE /interface/ogg/dirrpt/RACCTA01.rpt PROCESSID RACCTA01 USESUBDIRS
  oracle 21562930 19661906   0   Sep 09      -  0:13 oracleanbob1 (DESCRIPTION=(LOCAL=YES)(ADDRESS=(PROTOCOL=beq)))

Solution:

ORACLE还是非常的傲慢,当前的解决方法是安全扫描不应该扫描OGG的端口。从11.2.1.0.6开始只会写入ogg-1223的warning,但还是可以继续工作。但在之前的版本可能需要重启MGR进程。

Related Posts:

打赏

,

对不起,这篇文章暂时关闭评论。

上一篇:

下一篇: