In this post, I cover one of the most important topics for the Oracle Cloud Infrastructure Architect Associate Exam (1Z0-932): Networking. I go through its components, such as VCN, Subnet, Routing, Gateways, DRG, IGW and more.
Note: Networking has a high weightage in the Oracle Cloud Infrastructure Architect Associate Exam (1Z0-932), so it's very important to understand the functionality of each Networking component in Oracle Cloud Infrastructure.
If you are new to Cloud Computing then I would highly recommend checking my previous blog on Cloud Service Models (SaaS, PaaS, IaaS)
When you work with Oracle Cloud Infrastructure, one of the first steps is to set up a virtual cloud network (VCN) for your cloud resources. This post gives you an overview of the Oracle Cloud Infrastructure Networking components.
OCI Networking Architecture
Components of Networking in OCI
The Networking service in Oracle Cloud Infrastructure uses virtual versions of traditional network components you might already be familiar with:
Region & Availability Domain
- OCI servers and data are hosted in a region, which is a localized geographic area. As of August 2019, there are 11 regions in total (i.e. London Heathrow, Frankfurt, Ashburn, Phoenix, Canada, Tokyo, Seoul, Mumbai, Zurich, Sao Paulo & Sydney)
- Availability Domain (AD) is one or more data centers located within a region. A region is composed of three availability domains. Services/Resources are either Region-Specific (like VCN) or Availability Domain Specific (like Compute)
To know more about Regions & Availability Domain in Oracle Cloud Infrastructure check our previous blog post on Oracle Cloud Infrastructure Availability Domains & Fault Domains
Virtual Cloud Network (VCN)
- It is the first thing you create in order to make your OCI services accessible via the internet or via VPN (Private network)
- A software-defined version of a traditional physical network including subnet, route tables, and gateways
- A VCN resides within a single Region but can span multiple Availability Domains (ADs)
Subnet & AD (Availability Domain)
- Bigger Network divided into multiple smaller networks
- A subnet is specific to an Availability Domain (AD)
- You can have multiple subnets in an Availability Domain (AD)
Security List & Route Table
- Security List: Common Set of firewall rules associated with a subnet and applied to all compute instances in that subnet
- A Security List covers two types of allowed traffic:
  - Ingress: Incoming Traffic
  - Egress: Outgoing Traffic
- Firewall rules in OCI are defined at subnet level and not at compute instance level
- A Route Table is a set of route rules that map traffic from a subnet, via gateways, to other subnets or to destinations outside the VCN
- OCI VPN securely connects the on-premise network to OCI VCN through an IPSec VPN connection
- IPSec: Internet Protocol Security is a network protocol that authenticates & encrypts data packets sent over the network
- FastConnect connects an existing network to a VCN over a private physical network instead of the internet
- There are two ways to connect with FastConnect:
  - Colocation: By co-locating with Oracle in a FastConnect location
  - Provider: By connecting to a FastConnect Provider
Dynamic Routing Gateway (DRG)
- Dynamic Routing Gateway (DRG) provides the single point of entry for remote network paths coming into VCN
- Use a DRG to connect an On-Premise network to Oracle Cloud using an IPSec VPN Tunnel & FastConnect
- Each VCN can have a single DRG
Internet Gateway (IGW)
- Internet Gateway (IGW) provides a path for network traffic between VCN & Internet
- By default, a Compute Instance in a Public Subnet won't be able to connect to the internet unless you create an Internet Gateway and configure the VCN's route table to send traffic to the IGW
- Redundancy for IGW is managed by Oracle
- VCN Peering is the process of connecting multiple virtual cloud networks (VCN)
- With peering, instances in two VCNs communicate as if they are in the same network
- VCN Peering can be of two types: Local VCN Peering (within a Region) & Remote VCN Peering (across Regions)
- Local VCN Peering is supported in all OCI Regions
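The Security List, Route Table and Internet Gateway points above combine into one exposure check: a loose ingress rule only matters from the internet when the subnet's route table also points at the IGW. The following is an added example, not code from the original post or from Oracle; the subnet names, rule fields and the list of sensitive ports are constructed assumptions in a simplified model, not real OCI API output.

```python
import ipaddress

# Constructed sample data: a simplified model of one VCN, not real OCI API output.
ROUTE_TABLES = {
    "rt-public": [{"destination": "0.0.0.0/0", "target": "igw"}],
    "rt-private": [{"destination": "192.168.0.0/16", "target": "drg"}],
}
SECURITY_LISTS = {
    "sl-web": [{"source": "0.0.0.0/0", "protocol": "tcp", "ports": (443, 443)}],
    "sl-admin": [{"source": "0.0.0.0/0", "protocol": "tcp", "ports": (22, 22)},
                 {"source": "10.0.0.0/16", "protocol": "tcp", "ports": (1521, 1521)}],
}
SUBNETS = [
    {"name": "web", "route_table": "rt-public", "security_lists": ["sl-web"]},
    {"name": "bastion", "route_table": "rt-public", "security_lists": ["sl-admin"]},
    {"name": "db", "route_table": "rt-private", "security_lists": ["sl-admin"]},
]
SENSITIVE_PORTS = {22, 3389, 1521}  # SSH, RDP, Oracle listener (assumed policy)

def routes_to_internet(rules):
    """True if any route rule targets the Internet Gateway."""
    return any(r["target"] == "igw" for r in rules)

def exposed_ports(ingress_rules):
    """Sensitive ports that an ingress rule opens to every IPv4 source."""
    found = set()
    for rule in ingress_rules:
        if ipaddress.ip_network(rule["source"]).prefixlen != 0:
            continue  # source is restricted to a CIDR block
        if rule["protocol"] == "all":
            found |= SENSITIVE_PORTS
        else:
            lo, hi = rule["ports"]
            found |= {p for p in SENSITIVE_PORTS if lo <= p <= hi}
    return found

def audit(subnets):
    """Map subnet name -> sensitive ports open to the world on an IGW-routed subnet."""
    findings = {}
    for s in subnets:
        if not routes_to_internet(ROUTE_TABLES[s["route_table"]]):
            continue  # no route to the IGW, so the subnet is not internet-facing
        ports = set()
        for sl in s["security_lists"]:
            ports |= exposed_ports(SECURITY_LISTS[sl])
        if ports:
            findings[s["name"]] = sorted(ports)
    return findings
```

Because the rules are attached at subnet level, the same `sl-admin` list is flagged on the IGW-routed subnet and not on the DRG-routed one.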
This post is from our Course “Oracle Cloud IaaS – Oracle Cloud Infrastructure (OCI) Architect” with 1 Year On-Job Support and 1 year Unlimited FREE Retakes (If you need to know more about this program then reach out to our team at firstname.lastname@example.org )
Do You Know?
The Oracle Cloud Infrastructure Architect Exam (1Z0-932) consists of 70 questions, and you need to clear 68% to get certified.