1. Using Oracle Cloud Infrastructure Compute Classic
  2. Connecting to Instances Using Oracle Cloud Infrastructure FastConnect Classic

18 Connecting to Instances Using Oracle Cloud Infrastructure FastConnect Classic

Topics

About FastConnect Classic

Not Oracle Cloud at Customer This topic does not apply to Oracle Cloud at Customer.

Oracle Cloud Infrastructure FastConnect Classic allows you to access your Oracle Cloud services using a direct connection from your premises or colocation facilities. With FastConnect Classic, your network traffic is routed over a direct and deterministic path from your on-premises network to instances in your Compute Classic account. This ensures consistent performance with dedicated bandwidth and controlled or reduced latency in your network traffic.

Use FastConnect Classic to access your Oracle Cloud Infrastructure - Classic services. To access your Oracle Cloud Infrastructure services use Oracle Cloud Infrastructure FastConnect. See the Oracle Cloud Infrastructure FastConnect guide.

Using FastConnect Classic to establish a connection from your premises to Oracle Cloud allows you to:

  • Access your instances through an overlay-based direct connection. Transferring data over a direct connection provides better privacy.

  • Transfer large volumes of data using high WAN bandwidth. Migrating your Internet traffic to a dedicated path improves the overall performance of your network and significantly reduces the time taken to complete data transfers.

Features

  • Standard routing: Leverages the Border Gateway Protocol (BGP) to manage the exchange of routes between Oracle Cloud and your DMZ or public-facing network.

  • Public and private peering: Advertise public and private IP prefixes over the peering established with FastConnect Classic edge routers. You can establish both private and public peering sessions over a single FastConnect Classic connection by adding virtual circuits.

  • Dedicated bandwidth: Access your Oracle Cloud services, as well as transfer large volumes of data between your private clouds and the Oracle Cloud, over a dedicated data connection. The entire assigned bandwidth is available exclusively for your use.

Use FastConnect Classic to establish a dedicated, high-speed connection between your premises and your Compute Classic instances. If you want to establish a secure connection using IPSec tunneling, you can set up a VPN connection instead. If you need a high speed connection along with the security provided by IPSec tunneling, you can set up a VPN tunnel over your FastConnect Classic connection. For information about VPN, see Connecting to Instances in a Multitenant Site Using VPN or Connecting to Oracle Cloud Infrastructure Dedicated Compute Classic Instances Using VPN.

Connecting to Instances on the Shared Network

You can use either of the following models to connect to instances on the shared network:

  • By using Direct Cross Connects. Previously called Standard Edition service model, you can provision cross connects to the Oracle edge routers if your data center is colocated with the Oracle data center at a FastConnect location or if you can connect to the Oracle data center using a private link.

  • By connecting through an Oracle FastConnect Partner. Previously called Partner Edition service model, you can connect through an Oracle FastConnect Partner such as an IP VPN or MPLS VPN network service provider or data center exchange provider.

For information about using FastConnect Classic, see Getting Started With the Service in Using Oracle Cloud Infrastructure FastConnect Classic.

Connecting to Instances on IP Networks

You can also use FastConnect Classic to set up a connection between subnets in your premises and IP networks in your Compute Classic account.

To do this, create a private gateway object in Compute Classic and attach your IP networks to this private gateway. Then set up a private peering connection by using FastConnect Classic. With this connection, you can access instances on your IP networks using their private IP addresses from your on-premises private networks. You don’t need to associate public IP addresses with instances on IP networks.


Private peering between on-premises network and IP networks in Compute Classic

This figure shows private peering connections for two customers from networks in different data centers to IP networks in their Compute Classic account. Customer A uses a single FastConnect Classic connection from their data center to Oracle Cloud, while Customer B has multiple FastConnect Classic connections. Within Oracle Cloud, a private peering connection is established for each customer to connect instances on their IP networks to their private gateway.

Note:

Not all Oracle FastConnect Partners support private peering to enable connections using the private IP addresses of instances on IP networks. If you’re connecting through an Oracle FastConnect Partner, check if your partner supports private peering. See Getting Started With the Service in Using Oracle Cloud Infrastructure FastConnect Classic.

Access to instances on IP networks is controlled by access control lists (ACLs). You must have the required ingress and egress security rules in place and apply those rules using ACLs that are applied to the appropriate vNICset, to enable access to instances on IP networks. You can update these ACLs at any time.

Workflow for Connecting to Instances on IP Networks

Here’s an overview of the procedure for setting up FastConnect Classic to connect to instances on IP networks:

  1. Create the required IP networks. Ensure that the subnets you specify while creating IP networks don’t overlap with subnets in your on-premises networks. See Creating an IP Network.

  2. Create the required ACLs. An ACL is a collection of security rules. After you’ve created the ACL, you can reference it in each security rule that you create. When an ACL is applied, traffic is permitted only if it meets all the criteria of any one security rule in the ACL. See Creating an ACL.

  3. Create the required ingress and egress security rules. Each security rule defines the type of traffic permitted to or from a specified source or destination. As you create each security rule, add it to the appropriate ACL. See Creating a Security Rule for IP Networks.

  4. Create a vNICset. This vNICset will contain the vNICs of the instances on IP networks that you want to access using the FastConnect Classic connection. While creating the vNICset, specify the ACLs that you want to apply to this vNICset. See Creating a vNICset.

  5. Create the instances that you want to access over the FastConnect Classic connection and specify the appropriate IP networks and vNICsets for each instance.

  6. Create a private gateway. See Creating a Private Gateway.

    When you create the private gateway object, specify the list of IP networks that you want to access over the FastConnect Classic connection.

    Note:

    Note the name of your private gateway. You’ll need to provide this name when you set up your FastConnect Classic connection.

  7. Follow the procedure to set up a connection using Direct Cross Connects or through an Oracle FastConnect Partner. See Getting Started With the Service in Using Oracle Cloud Infrastructure FastConnect Classic.

After you’ve established a connection from your premises to instances on your IP networks, you can add IP networks to the list of accessible IP networks at any time. These additional IP network routes are automatically advertised to your remote data center or on-premises location over the FastConnect Classic private peering connection.