OCI Foundations - Networking: Difference between revisions

From Smithnet Wiki

Revision as of 16:23, 21 July 2023

Virtual Cloud Network: Software Defined Network

Internet Gateway: Bidirectional

NAT Gateway: Unidirectional (out)

Service Gateway: Access OCI public services but without Internet

Dynamic Routing Gateway: Routing to non-public endpoints like on-premise networks

These are created with a VCN:

  • Default DHCP options
  • Default route tables
  • Default security list

VCN Routing

Private Subnet

  • Access for patching: -> NAT Gateway -> Internet
  • Access to on-premise network -> Dynamic Routing Gateway -> VPN/On-prem network

Public Subnet

  • Access for serving: -> Internet Gateway -> Internet

Local Peering:

  • Where networks are in same OCI region
  • Networks communicate via Local Peering Gateway

Remote Peering:

  • Where networks are in different OCI regions
  • Networks communicate via Dynamic Routing Gateway

New: Dynamic Routing Gateway v2

  • Up to 300 VCNs can be connected, rather than point-to-point

VCN Security

Security List: Firewall rules in/out of subnets

Network Security Group: rules apply only to specific vNICs. Therefore different rules can be applied to different vNICs in the same subnet.
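
The difference in scope between the two, as an added example that is not part of the original wiki page: a small Python model in which security-list rules reach every vNIC in a subnet and NSG rules reach only member vNICs, with a packet allowed if any applicable rule matches (OCI evaluates the union of both). All names, CIDRs and ports are constructed, and rules are simplified to TCP ingress by source CIDR and destination port.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    source: str   # CIDR the rule allows traffic from
    port: int     # destination TCP port

    def allows(self, src_ip: str, port: int) -> bool:
        return port == self.port and ip_address(src_ip) in ip_network(self.source)

@dataclass
class Vnic:
    name: str
    subnet: str
    nsgs: list = field(default_factory=list)  # names of NSGs this vNIC belongs to

# Constructed sample configuration (hypothetical names and addresses).
SECURITY_LISTS = {"app-subnet": [Rule("10.0.0.0/16", 22)]}   # keyed by subnet
NSGS = {"web-nsg": [Rule("0.0.0.0/0", 443)],                 # keyed by group
        "db-nsg": [Rule("10.0.1.0/24", 1521)]}
VNICS = [Vnic("web1", "app-subnet", ["web-nsg"]),
         Vnic("db1", "app-subnet", ["db-nsg"])]

def effective_rules(vnic: Vnic) -> list:
    """Subnet security-list rules plus the rules of every NSG the vNIC is in."""
    rules = list(SECURITY_LISTS.get(vnic.subnet, []))
    for nsg in vnic.nsgs:
        rules.extend(NSGS[nsg])
    return rules

def ingress_allowed(vnic: Vnic, src_ip: str, port: int) -> bool:
    # Allowed if ANY applicable rule matches: the rule sets are a union
    # of allow rules, there are no deny rules to override them.
    return any(r.allows(src_ip, port) for r in effective_rules(vnic))

def exposed_to_internet(vnics) -> dict:
    """Audit helper: ports each vNIC accepts from 0.0.0.0/0."""
    return {v.name: sorted(r.port for r in effective_rules(v)
                           if r.source == "0.0.0.0/0") for v in vnics}

if __name__ == "__main__":
    web1, db1 = VNICS
    print(ingress_allowed(web1, "203.0.113.9", 443))  # NSG rule on web1 only
    print(ingress_allowed(db1, "203.0.113.9", 443))   # same subnet, different NSG
    print(ingress_allowed(db1, "10.0.5.5", 22))       # security list covers the subnet
    print(exposed_to_internet(VNICS))
```

Because the result is a union, a broad rule left in a subnet's security list still applies to vNICs whose NSGs are tight, so both need reviewing together.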

Load Balancer

Layer 7 LB: HTTP/HTTPS

  • Flexible Shape: define min/max from 10 Mbps - 8 Gbps
  • Dynamic Shape: define micro/small/medium/large
  • Public or Private options
  • Highly available, highly scalable
  • Higher routing intelligence

Network LB, Layer 3/4: TCP/UDP/ICMP

  • Much lower latency