Set up a distribution path between OCI GoldenGate deployments in different regions with VCN peering

Learn to set up and configure Oracle Cloud Infrastructure GoldenGate and Virtual Cloud Network (VCN) peering to create a distribution path between two OCI GoldenGate deployments located in two different regions.

Overview

You can create a distributed heterogeneous and multicloud data fabric using interconnected Oracle Cloud Infrastructure (OCI) GoldenGate deployments. This example demonstrates how to create a distribution path between OCI GoldenGate deployments located in Phoenix (Region A) and Frankfurt (Region B).

Description of the illustration vcn-peering-diff-regions.png

Before you begin

You must have the following in order to proceed:

• An existing OCI GoldenGate deployment in one region (Region A) with an Extract defined
• An existing OCI GoldenGate deployment in a different region (Region B)
• Both should only allow private network connectivity
• An existing Dynamic Routing Gateway (DRG)

Task 1: Configure networking

1. In Region A, follow the steps to create a VCN:
   1. From the Oracle Cloud console navigation menu, click Networking, and then click Virtual cloud networks.
   2. Confirm the compartment selection, or change compartments.
   3. Click Create VCN.
   4. In the Create VCN panel, complete the following fields, and then click Create VCN:
      • Name: Enter a name
      • Create in Compartment: Leave as is
      • IPv4 CIDR Blocks:
        • Public (10.0.0.0/24)
        • Private (10.0.1.0/24)
   5. On the VCN A Details page, click Gateways, and then click Create DRG Attachment.
   6. on the Create DRG Attachment page, enter a Name for the DRG, select a DRG Location, and then click Create DRG Attachment.
   7. In the Dynamic Routing Gateway Attachments list, select the DRG you created.
   8. On the DRG Details page, click Attachments.
   9. Under Remote peering connection attachments, and then click Create remote peering connection.
   10. In the Create Remote Peering Connection panel, enter a name, leave the default settings as is, and then click Create remote peering connection. An RPC attachment is automatically added to the DRG and its peering status set to New (not peered).
   11. In the Remote peering connections attachments list, select the RPC you created.
   12. On the RPC Details page, for OCID, click Copy.

       Note:

       You can temporarily paste the OCID to a text editor for later use.
2. Repeat the previous step in Region B to create a VCN (VCN B) with two regional subnets and DRG:
   • Public (192.168.0.0/24)
   • Private (192.168.1.0/24)
3. On Region B's RPC Details page, click the RPC name, and then click Establish Connection.
4. On VCN A's Details page, click Security, and then click security list for private subnet-<VCN Name>.
5. Click Add Ingress Rules.
6. In the Add Ingress Rules dialog, complete the following fields, and then click Add Ingress Rules:
   1. Source Type: CIDR
   2. Source CIDR: 192.168.1.0/24
   3. IP Protocol: TCP
   4. Source Port Range: All
   5. Destination Port Range: 443

      Note:

      443 is the default port to access OCI GoldenGate deployments.
7. Similarly add Ingress Rules to allow the DNS Resolver in both regions to communicate with each other:
   • 192.168.0.0/16 UDP All 53
   • 192.168.0.0/16 TCP All 53
8. On VCN A's Details page, click Routing, and then click route table for private subnet-<VCN Name>.
9. Click Add Route Rules.
10. In the Add Route Rules panel, complete the following fields, and then click Add Route Rules:
    • Target Type: Dynamic Routing Gateway
    • Destination CIDR Block: 192.168.1.0/24
11. On VCN B's Details page, click Security, and then click security list for private subnet-<VCN Name>.
12. Click Add Ingress Rules.
13. In the Add Ingress Rules dialog, complete the following fields and then click Add Ingress Rules:
    1. Source Type: CIDR
    2. Source CIDR: 10.0.1.0/24
    3. IP Protocol: TCP
    4. Source Port Range: All
    5. Destination Port Range: 443

       Note:

       443 is the default port to access OCI GoldenGate deployments.
14. Similarly add Ingress Rules to allow the DNS Resolver in both regions to communicate with each other:
    • 10.0.0.0/16 UDP All 53
    • 10.0.0.0/16 TCP All 53
15. On VCN B's Details page, under Resources, click Route Tables, and then click route table for private subnet-<VCN Name>.
16. Click Add Route Rules.
17. In the Add Route Rules panel, complete the following fields, and then click Add Route Rules:
    • Target Type: Dynamic Routing Gateway
    • Destination CIDR Block: 10.0.1.0/24

Task 2: Configure DNS Peering

1. Create a Listening and a Forwarding endpoint in VCN A:
   1. From the Oracle Cloud console navigation menu, click Networking, and then select Virtual Cloud Networks.
   2. From the list of Virtual Cloud Networks, select VCN A.
   3. In VCN A, under VCN Information, select the DNS Resolver.
   4. Under Resources, click Endpoints then click Create endpoint to create a Listening and a Forwarding endpoint.
      1. In the Create endpoint panel, enter a Name.
      2. For Choose a subnet, select VCN A Private subnet from the dropdown.
      3. For Endpoint type, select Listening.
      4. Click Create endpoint.
      5. Repeat the steps above to create the Forwarding endpoint.

      Note:

      See Creating a Resolver Endpoint for more information.
2. Repeat step 1 to create a Listening and a Forwarding endpoint in VCN B.
3. Manage Rules for VCN A:
   1. Go back to VCN A, click on DNS Resolver.
   2. Under Resources, click Rules and then click Manage rules:
      1. In the Manage rules panel, for Rule condition, select Domains from the dropdown.
      2. For Domains, enter the DNS Domain Name for VCN B.

         For example, if your target region (Region B) is Germany Central (Frankfurt), then your OCI GoldenGate domain name would be: deployment.goldengate.eu-frankfurt-1.oci.oraclecloud.com

      3. For Source endpoint, select the DNS Resolver Forwarding Endpoint for VCN A from the dropdown.
      4. For Destination IP address, enter the IP address of the DNS Resolver Listening Endpoint for VCN B.
      5. Click Save changes.

         Note:

         See Resolver Rules for more information about creating a resolver rule.
4. Manage Rules for VCN B:
   1. Go back to VCN B, click on DNS Resolver.
   2. Under Resources, click Rules and then click Manage rules:
      1. In the Manage rules panel, for Rule condition, select Domains from the dropdown.
      2. For Domains, enter the OCI GoldenGate Domain Name for VCN A.

         For example, if your target region (Region A) is US West (Phoenix), then your OCI GoldenGate domain name would be: deployment.goldengate.us-phoenix-1.oci.oraclecloud.com

      3. For Source endpoint, select the DNS Resolver Forwarding Endpoint for VCN B from the dropdown.
      4. For Destination IP address, enter the IP address of the DNS Resolver Listening Endpoint for VCN A.
      5. Click Save changes.

         Note:

         See Resolver Rules for more information about creating a resolver rule.

Task 3: Create and assign connections

1. In Region A, create a GoldenGate Connection for the remote deployment in Region B.

   Note:

   Ensure that:

   • You select Dedicated endpoint for Traffic routing method.
   • The domain used by the FQDN provided in the connection string or wallet is being correctly forwarded to the appropriate DNS Resolver using its Rules. See Resolver Rules for more information.
2. Assign the connection to the deployment in Region A.

Task 4: Create a distribution path

1. In Region A, log into the OCI GoldenGate deployment console.
2. Add a Distribution Path using the Extract and Trail defined in this deployment.
3. Once the distribution path is active, log into the target deployment in Region B and verify the distribution path appears in Receiver Service.

Learn more

• Remote VCN Peering using an RPC
• Private DNS Implementation
• VCN Peering for ADBs with Private Endpoints and Cross-Region Autonomous Data Guard

---

Title and Copyright Information

Copyright ©2024,2025,

Oracle and/or its affiliates.