host name resolution in dba_network_acls

All we need is an easy explanation of the problem, so here it is.

When you create an ACL with:

BEGIN
 DBMS_NETWORK_ACL_ADMIN.APPEND_HOST_ACE
 (
 host => 'subdomain.acme.com',
 lower_port => 10000,
 upper_port => 65535,
 ace => xs$ace_type(privilege_list => xs$name_list('jdwp'),
 principal_name => 'myusername',
 principal_type => xs_acl.ptype_db)
 );
END;
/

and then a client tells Oracle to connect to a numeric ip address will Oracle use name resolution to match the host name with the ip address and if so, in which direction? Will Oracle try to make a reverse lookup for the ip address and compare the host names or will it make a domain name lookup and compare the ip addresses?

How to solve :

I know you bored from this bug, So we are here to help you! Take a deep breath and look at the explanation of your problem. We have many solutions to this problem, But we recommend you to use the first method because it is tested & true method that will 100% work for you.

Method 1

The host in the ACL must match the host in the PL/SQL program attempting to make the connection. oracle will not resolve hostname to IP or vice versa when applying the ACL. – pmdba

Note: Use and implement method 1 because this method fully tested our system.
Thank you 🙂

All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

Leave a Reply