1. Reference for Oracle GoldenGate
  2. Oracle GoldenGate Common Components
  3. Oracle GoldenGate Parameters
  4. RMTHOSTOPTIONS

RMTHOSTOPTIONS

Valid For

Passive Extract

Description

Use the RMTHOSTOPTIONS parameter to control attributes of a TCP/IP connection made between an Extract group running in PASSIVE mode on a less trusted source to a target system in a more secure network zone. This parameter controls compression, data encryption, buffer attributes, streaming, and the wait period for a connection request. It also can be used to set Collector parameters.

This parameter differs from the RMTHOST parameter because it does not provide the host information needed to establish a remote connection. When Extract is running in PASSIVE mode, all connections between source and target are established by an alias Extract group on the target.

All parameter options must be specified in one RMTHOSTOPTIONS statement. If multiple RMTHOSTOPTIONS statements are used, the last one in the parameter file is used, and the others are ignored. RMTHOSTOPTIONS overrides any RMTHOST statements in the file.

See RMTHOST for additional information about supported IP protocols.

The RMTHOST and RMTHOSTOPTIONS parameters can be specified together; the RMTHOST parameter is not required for RMTHOSTOPTIONS if the dynamic IP assignment is properly configured. When RMTHOSTOPTIONS is used, the MGRPORT option is ignored.

Default

None

Syntax

RMTHOSTOPTIONS
[, COMPRESS]
[, COMPRESSTHRESHOLD]
[, ENCRYPT algorithm [KEYNAME key_name]]
[, PARAMS collector_parameters]
[, STREAMING | NOSTREAMING]
[, TCPBUFSIZE bytes]
[, TCPFLUSHBYTES bytes]
[, TIMEOUT seconds]
COMPRESS

Compresses outgoing blocks of records to reduce bandwidth requirements. Oracle GoldenGate decompresses the data before writing it to the trail. COMPRESS typically results in compression ratios of at least 4:1 and sometimes better. However, compressing data can consume CPU resources.

COMPRESSTHRESHOLD

Sets the minimum block size for which compression is to occur. Valid values are from 0 and through 28000. The default is 1,000 bytes.

ENCRYPT algorithm [KEYNAME key_name]

Encrypts the data stream sent over TCP/IP to the target system. This option supports the following encryption options:

  • Master key and wallet method: Generate a one-time AES key to encrypt the data across the TCP/IP network. Then, the one-time key is encrypted by the master-key and stored in the trail file header.

  • ENCKEYS method: Generate an AES encryption key, store it under a given name in an ENCKEYS file, and configure Oracle GoldenGate to use that key to directly encrypt the data across the TCP/IP network.

algorithm

Specifies the encryption algorithm to use:

  • AES128 uses the AES-128 cipher, which has a key size of 128 bits. AES128 is the default if no algorithm is specified.

  • AES192 uses the AES-192 cipher, which has a key size of 192 bits.

  • AES256 uses the AES-256 cipher, which has a key size of 256 bits.

  • BLOWFISH uses Blowfish encryption with a 64-bit block size and a variable-length key size from 64 bits to 128 bits. Use BLOWFISH for backward compatibility with earlier Oracle GoldenGate versions and for Oracle GoldenGate installations for DB2 on z/OS. BLOWFISH is the only supported encryption method. Use AES where supported because it is more secure than BLOWFISH for those platforms.

    Set the path as follows:

    • Linux: Specify the path as an entry to the LD_LIBRARY_PATH. For example: 

      setenv LD_LIBRARY_PATH ./lib:$LD_LIBRARY_PATH

    • For Solaris: Specify the path as an entry to the SHLIB_PATH variable.

    • For IBMi and AIX: Specify the path as an entry to the LIBPATH variable.

    • Windows: Add the path to the PATH variable.

    You can use the SETENV parameter to set the library as a session variable for the process.

KEYNAME key_name

Specifies that the ENCKEYS method of encryption will be used. Not valid for the master key and wallet method. For key_name, specify the logical name of the user-defined encryption key. Oracle GoldenGate uses the key name to look up the actual key in the ENCKEYS lookup file. To use the ENCKEYS method, you must:

  • Generate the encryption key.

  • Store it in an ENCKEYS lookup file.

  • Copy ENCKEYS to every system where encryption or decryption (or both) are performed.

PARAMS collector_parameters

Specifies Collector parameters on a NonStop target system.

Note:

Do not specify a Collector port (-p argument) if Manager will be starting Collector dynamically.

For more information about Collector parameters on the NonStop platform, see Reference Guide for Oracle GoldenGate for HP NonStop (Guardian).

STREAMING | NOSTREAMING

Controls TCP/IP streaming.

STREAMING

Enables the asynchronous internet streaming protocol and is the default. In STREAMING mode, the receiver (Collector) does not send an acknowledgment to the sender (primary Extract or data pump) for any data packet unless the packet contains a flag requesting a response, typically when the sender must checkpoint or determine a write position. Because this method omits acknowledgments, the sender or receiver process terminates if there is a network disruption; therefore, when using STREAMING, use the AUTORESTART parameter in the Manager parameter file to restart Extract and Collector if they terminate.

NOSTREAMING

Enables the synchronous internet protocol. In NOSTREAMING mode, the sender sends a packet and then waits for the receiver to acknowledge it, before sending the next packet. This method is more reliable, because it enables the sender or receiver process to recover if there is a network disruption.

Extract falls back to the synchronous protocol automatically if the host system of the receiver process is not configured to use streaming.

Keep the STREAMING default unless you are requested to disable it, because streaming reduces transmission latency, especially in networks where latency is a problem already. Streaming is not supported for initial-load tasks where Extract communicates directly with Replicat.

TCPFLUSHBYTES bytes

Controls the size of the buffer, in bytes, that collects data that is ready to be sent across the network. When either this value or the value of the FLUSHSECS parameter is reached, the data is flushed to the target.

The default is 30,000 bytes. Valid values are from 1000 to 200000000 (two hundred million) bytes, but should be at least the value of TCPBUFSIZE.

Do not use this parameter for an initial load Extract. It is valid only for an online Extract group. Do not use this parameter if the target system is NonStop.

TIMEOUT seconds

Specifies how long an Extract running in PASSIVE mode waits to get a connection from Collector, and how long Extract waits for a heartbeat signal from Collector before terminating a connection. Valid values are 1 second to 1800 seconds (30 minutes). The default value is 300 seconds (5 minutes). Setting the timeout to a very low value is not recommended in a production setting. You might need to increase the TIMEOUT value if you see a warning in the error log that there was a TCP/IP error 10054 (existing connection forcibly closed by remote host). This error typically occurs when the Extract terminates itself after the TIMEOUT value is exceeded.

Example

RMTHOSTOPTIONS ENCRYPT AES192, COMPRESS, COMPRESSTHRESHOLD 750, TCPBUFSIZE 100000, TCPFLUSHBYTES 300000, NOSTREAMING