OCI Foundations - Networking: Difference between revisions
Jump to navigation
Jump to search
NickPGSmith (talk | contribs) (Created page with " Virtual CLoud Network: Software Defined Network Internet Gateway: Bidrectional NAT Gateway: Unidirectional (out) Service Gateway: Access OCI public services but without Internet Dynamic Routing Gateway: Routing to non-public endpoints like on-premise networks == VCN Routing == Private Subnet * Access for patching: -> NAT Gateway -> Internet * Access to on-premise network -> Dynamic Routing Gateway -> VPN/On-prem network Public Sunbet * Access for serving: -> Interne...") |
NickPGSmith (talk | contribs) No edit summary |
||
Line 6: | Line 6: | ||
Service Gateway: Access OCI public services but without Internet | Service Gateway: Access OCI public services but without Internet | ||
Dynamic Routing Gateway: Routing to non-public endpoints like on-premise networks | Dynamic Routing Gateway: Routing to non-public endpoints like on-premise networks | ||
These are created with a VCN: | |||
* Default DHCP options | |||
* Default route tables | |||
* default security list | |||
== VCN Routing == | == VCN Routing == |
Revision as of 16:23, 21 July 2023
Virtual CLoud Network: Software Defined Network
Internet Gateway: Bidrectional NAT Gateway: Unidirectional (out) Service Gateway: Access OCI public services but without Internet Dynamic Routing Gateway: Routing to non-public endpoints like on-premise networks
These are created with a VCN:
- Default DHCP options
- Default route tables
- default security list
VCN Routing
Private Subnet
- Access for patching: -> NAT Gateway -> Internet
- Access to on-premise network -> Dynamic Routing Gateway -> VPN/On-prem network
Public Sunbet
- Access for serving: -> Internet Gateway -> Internet
Local Peering:
- Where networks are in same OCI region
- Networks communicate via Local Peering Gateway
Remote Peering:
- Where networks are in different OCI regions
- Networks communicate via Dynamic Routing Gateway
New: Dynamic Routing Gateway v2
- Up to 300 VCNs can be connected, rather than point-point
VCN Security
Security List: Firewall rules in/out of subnets
Network Security Group: only apply specific vNICs. Therefore different rules can be applied to different NICs in the same subnet.
Load Balancer
Layer 7 LB: HTTP/HTTPS
- Flexible Shape: define min/max from 10 Mbps - 8 Gbps
- Dynamic Shape: define micro/small/medium/large
- Public or Private options
- High available, highly scalable
- Higher routing intelligence
Network LB, Layer 3/4: TCP/UDP/ICMP
- Much lower latency