Professional Documents
Culture Documents
• Traffic flows from the Network interface card (NIC) of one VCN instance to the NIC of another instance in a different VCN
• Latency of traffic remains the same as if the instances are in the same region
• VCNs should not have overlapping IP addresses
• Local Peering Gateway
• Like the Internet Gateway, LPG is a component on the VCN
• LPGs of two VCNs are connected to make a peering relationship
• Enable the data plane to learn about instances in peered VCNs
• Route Table
• Supporting route rules to enable traffic to flow over the connection, and only to/from select subnets in the
respective VCNs
• In target types use local peering gateway
• Security Lists - Supporting security list rules to control the types of traffic allowed to/from the instances in the subnets that
need to communicate with the other VCN.
NIC2
4
• update the instance OS
Availability Domain 1
ORACLE CLOUD INFRASTRUCTURE (REGION) • In a BYOH scenario, each guest VM can get
AD2 AD3
one or more secondary VNICs.
Subnet A
10.0.0.0/24
Subnet B
10.0.1.0/24 • In case SR-IOV virtual functions (VF) are being
used by the hypervisor to provide network
VNIC1 VNIC2 VNIC3 VNIC4 access to the guest VMs, each VF can be
configured with the VLAN tag and MAC
address of a secondary VNIC.
primar
y
NIC
VF2
VF1
VF3
1
Hypervisor
VNIC5
Guest VM3
Guest VM2
Guest VM1
Subnet X
172.16.0.0/2
Bare metal instance 4
NIC2
IP7
IP5
IP6
IP4
IP1
IP2
IP3
• Public vs Private Subnets - designate a subnet to be private, which means instances in the subnet cannot
have public IP addresses
• Security Lists - To control packet-level traffic in/out of an instance by defining security rules in your VCN
• Firewall Rules - configure firewall rules directly on the instance itself to control packet-level traffic in/out of
an instance
• Gateways and route tables - Control general traffic flow from your cloud network to outside destinations
(the internet, your on-premises network, or another VCN)
• IAM Policies - control who has access to the Oracle Cloud Infrastructure API or console