Starting Oracle GoldenGate 12.1.2.1.0 (released in August 2014), Oracle GoldenGate supports SOCKS5 proxy or is SOCKS5 compliant. The feature allows Oracle GoldenGate to deliver data over the network via a SOCKS5 Proxy. In practice, you would create an SOCKS5 Proxy with SSH tunneling to send data over the network to protect the communication over the public network. Let's discuss how you can create an SOCK5 proxy for Oracle GoldenGate Cloud Service.
How to create a SOCKS5 Proxy
You can set up a SOCKS5 proxy on LINUX and Windows. On Linux, a SOCKS5 proxy can be set up along with SSH tunneling using the following SSH command:
ssh –i <private_key file> -v –N –f –D <listening IP Address>:<listening IP port> <GGCS Oracle User>@<GGCS IP Address> -N: No execution command on remote system -D: Dynamic Port Forwarding -i: Private Key File -f: Run the proxy process in the background -v: Verbose Mode -C: Compression
ssh -N -f -i opc_rsa.ppk -D 127.0.0.1:1080 [email protected]
This is because SSH only allows one entry of target with a unique public key on the known_hosts list. If the two different host using the same public key. Then, it will raise error. Please clean out the known_host file and restart. [3]
Please make sure you have the right address in the -D option. When I type 127.0.0.0. I got this error message.
ssh -i opc_rsa.ppk -NCfD 1080 [email protected]
curl -sSf --socks5 127.0.0.1:1080 www.google.com
$ssh -N -i opc_rsa.ppk -D 0.0.0.0:1080 localhost
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
Answer: The reason is missing the user and host name to connect. In an EC2 environment, you will get this error.
Don't confuse SSH tunneling with SOCKS5. SSH tunneling is an encrypted tunnel created through an SSH connection. SSH tunnel is a secure data transfer with data encryption. SOCKS5 proxy configures a local port (any port) to listen to internal requests and route all the traffic to external servers.
3. How to Use SOCKS5 proxy with Oracle GoldenGate Cloud Service
After setting up the SOCKS5 proxy, you can set up Oracle GoldenGate on-premises Pump to deliver data to GoldenGate Cloud Service via the proxy using the SOCKSPROXY parameter. The following is an example:
RMTHOST 129.145.2.34, COMPRESS, MGRPORT 1021, SOCKSPROXY 127.0.0.1:1080