During the installation of the Oracle Grid Infrastructure 12c Release 2, the installation will fail during the Network Interface Usage step if any type of firewall is running. Instead of completely disabling the firewall, the source address of our bonded interface, bond0, is added to the trusted zone within firewalld. However, this should be immediately removed upon completion of the installation of Oracle as bond0 is a public interface and should not reside in the trusted zone. For clarification, interfaces em3 and em4 are private interfaces that reside on a private network not accessible to the outside world. Due to this, it is acceptable for these interfaces to be part of the trusted zone.

On all nodes within the Oracle RAC cluster as the root user, remove the source public address of the other nodes in the cluster. For example, this reference environment consists ofa two node Oracle RAC cluster, with node one’s public IP set to 10.19.142.51 and node two’s public IP set to 10.19.142.52 Within node one of the Oracle RAC cluster, run the following command:

# firewall-cmd –permanent –zone=trusted –remove-source=10.19.142.52/21
success

Restart the firewalld service,

# systemctl restart firewalld.service

Within node two of the Oracle RAC cluster, run the following command:

# firewall-cmd –permanent –zone=trusted –remove-source=10.19.142.51/21
success

Restart the firewalld service,

# systemctl restart firewalld.service

With the removal of the public source addresses, Oracle RAC Database can now run properly with a firewall protecting the public interface.