Note:

• This tutorial requires access to Oracle Cloud. To sign up for a free account, see Get started with Oracle Cloud Infrastructure Free Tier.
• It uses example values for Oracle Cloud Infrastructure credentials, tenancy, and compartments. When completing your lab, substitute these values with ones specific to your cloud environment.

Enable multicloud cross-region interconnectivity between Microsoft Azure and Oracle Cloud Infrastructure

Introduction

To create an integrated multicloud experience, Microsoft and Oracle offer direct interconnection between Microsoft Azure and Oracle Cloud Infrastructure (OCI) using Microsoft Azure ExpressRoute and OCI FastConnect. The Microsoft Azure ExpressRoute and OCI FastConnect interconnection, provides low latency, high throughput, and private direct connectivity between the two clouds.

You can set up the interconnection between Microsoft Azure and Oracle Cloud Infrastructure using instructions provided in this step-by-step guide. Once the interconnect is set up, you must connect Virtual Network to ExpressRoute.

This tutorial outlines how you can extend interconnected cross-region connectivity using ExpressRoute cross connection and OCI region peering.

Objective

Enable cross-region connectivity between Oracle Cloud Infrastructure and Microsoft Azure environment through OCI-Azure Interconnect network connectivity. We have covered deploying the environment within Azure and OCI and validating network connectivity between OCI/Azure interconnected regions.

Prerequisites

• An active Microsoft Azure subscription and an active OCI tenancy.
• An Azure ExpressRoute peering location in proximity to or in the same peering location as OCI FastConnect. For more information, see Region Availability.
• Configure direct connectivity between Azure and OCI interconnected regions successfully. For more information, see Configure Direct Connectivity between ExpressRoute and FastConnect.
• Familiarity with networking and cloud services, including OCI FastConnect and Azure ExpressRoute.
• Understanding of OCI Azure Interconnect is required.

Audience

This tutorial is intended for Cloud Service Provider professionals and multicloud administrators.

Architecture

Below is a sample network topology and high level architecture of the solution.

You can refer to this architecture when you want to extend interconnected region connectivity using ExpressRoute cross connections and region peering within OCI regions.

Task 1: Configure Virtual Network and Subnet on Azure

1. Sign in to the Azure Portal.

2. On the upper-left side of the screen, select Create a resource, Networking, Virtual network or search for Virtual network in the search box.

3. In the Create virtual network screen, enter or select this information in the Basics tab.

   Project Details

   • Subscription: Select your Azure subscription
   • Resource Group: Select Create new, enter resource-group-name, then select OK, or select an existing resource-group-name based on parameters.

   Instance details

   • Name: Enter virtual-network-name.

   • Region: Select region-name.

4. Select the IP Addresses tab or select the Next: IP Addresses button at the end of the page.

5. In the IP Addresses tab, enter the following information.

   • IPv4 address space: Enter ipv4-address-range; Example: 10.20.0.0/16 for US East Region, 10.40.0.0/16 for US West3 Region.

6. Under Subnet name, select the word default.

7. In Edit subnet, enter the following information.

   • Subnet name: Enter subnet-name.
   • Subnet address range: Enter subnet-address-range; Example: 10.20.1.0/24 for Compute Subnet in US East , 10.40.1.0/24 for Compute Subnet in US West3.

8. Select Save.

9. Select the Review + create tab or select the Review + create button.

10. Select Create.

Repeat Steps 1-9 for both Interconnected Regions and then proceed to the next section to create Gateway Subnets and Virtual Network Gateways.

Task 2: Create a Gateway Subnet and Virtual Network Gateway on Azure

• In this section, you’ll create Gateway Subnets, Virtual Network Gateways and the following tables describe the minimum parameters required.

  Gateway Subnet Parameters

  Parameter	Value
  gateway-subnet-name	GatewaySubnet name filled automatically.
  subnet-address-range	Enter Gateway Subnet Address Range. Example: 10.20.0.0/24 for US East VNET, 10.40.0.0/24 for US West3 VNET.

  VNET Gateway parameters

  Setting	Value
  Project Details
  Subscription	Select your Azure subscription.
  Resource Group	This will be automatically selected on your VNET selection.
  Gateway details
  Name	Enter gateway-name.
  Region	Select (US) East US or Region where you have created VNET.
  Gateway type	Select ExpressRoute.
  SKU	Select the Gateway SKU from the drop-down list.
  Virtual Network	Select VNET created earlier within your region.
  Public IP Address
  Public IP address	Select Create new.
  Public IP address name	Enter a name for Public IP address.

• You can follow the step-by-step guide to create a Gateway Subnet and Virtual Network Gateway. Once you have created the required resources in both Azure Regions, proceed to the next section to create a Virtual Network Gateway ExpressRoute connection.

Task 3: Connect your ExpressRoute Circuit to the Virtual Network Gateway via a connection on Azure

• In this section, you’ll create an ExpressRoute Circuit connection to the Virtual Network Gateway and the following table describes the minimum required parameters.

  Parameter	Value
  Subscription	Select your subscription.
  Resource Group	your-resource-group. Select the resource group which you must have created during prerequisite steps.
  connection-type	Select ExpressRoute
  Name	Enter Connection Name
  Region	Select (US) East US or Region where you have created VNET Gateway.
  virtual-network-gateway	Select VNET gateway created earlier.
  expressroute-circuit	Select ExpressRoute Circuit created in pre-requisites steps.

• You can follow the step-by-step guide to create a ExpressRoute connection. Once you have created required connections in both Azure Regions, proceed to next section to enable cross connection on ExpressRoute Circuits.

Note: [Optional] You can also enable Global Reach at ExpressRoute level to support connectivity from either on-premises or a fall back option between OCI region peering to support connectivity. To learn more about Global reach, check this step-by-step guide.

Task 4: Create ExpressRoute cross connections using Virtual Network Gateways on Azure

• In this section, you’ll create ExpressRoute cross connections using Virtual Network Gateways at each ExpressRoute circuits and the following table describes the minimum required parameters.

  Parameter	Value
  Subscription	Select your subscription.
  Resource group	Select your-resource-group. Select the resource group which you must have created during pre-reqs steps.
  connection-type	Select ExpressRoute
  Name	Enter connection-name
  Region	Select (US) East US or Region where you have created VNET Gateway.
  virtual-network-gateway	Select VNET gateway created earlier. Choose different VNET Gateway to have a cross connection
  expressroute-circuit	Select ExpressRoute Circuit created in pre-requisites steps.

• You can follow the step-by-step guide to create VNET ExpressRoute connections in each cross-region using VNET Gateways. Once you have created connections in both the ExpressRoute circuits, proceed to the next section to create Virtual machines to validate the traffic between Azure and OCI.

Task 5: Create virtual machine on Azure

In this section you will create virtual machines to validate the connectivity from Azure to Oracle Cloud Infrastructure.

1. On the upper-left side of the screen in the Azure portal, select Create a resource, Compute, Virtual machine.

2. In Create a virtual machine - Basics, enter or select this information.

   Setting	Value
   Project details
   Subscription	Select your subscription.
   Resource group	Select your-resource-group. Select the resource group which you have created during prerequisite steps.
   Instance details
   Virtual machine name	Enter vm-name.
   Region	Select (US) East US or Region where you are deploying.
   Availability options	Leave the default No infrastructure redundancy. required.
   Image	Select Ubuntu Server 18.04 LTS - Gen1.
   Size	Select Standard_B2s.
   Administrator account
   Authentication type	Select Password. You can also choose SSH based authentication and update required value as needed.
   Username	Enter a user name.
   Password	Enter a password. The password must be at least 12 characters long and meet the defined complexity requirements.
   Confirm Password	Re-enter password.
   Inbound port rules
   Public inbound ports	Select None.

3. Select Next: Disks.

4. In Create a virtual machine - Disks, leave the defaults and select Next: Networking.

5. In Create a virtual machine - Networking, select this information:

   Setting	Value
   Virtual network	Select virtual-network.
   Subnet	Select compute-subnet. Example: 10.20.1.0/24 in US East Region.
   Public IP	Leave the default (new) my-vm-ip.
   Public inbound ports	Select Allow selected ports.
   Select inbound ports	Select SSH.

6. Select Review + create. You’re taken to the Review + create page where Azure validates your configuration.

7. When you see the Validation passed message, select Create.

Repeat Steps 1-7 for both region VMs and proceed to the next section to create required resources on Oracle Cloud Infrastructure.

Task 6: Create resources on Oracle Cloud Infrastructure

In this section you will create the required resources to support validation from OCI console within interconnected regions. In the OCI console, create following resources in each region:

• Create a Virtual Cloud Network with a Compute Subnet.
• Create a VCN attachment to DRG created in the prerequisite steps which has OCI/Azure Interconnection virtual circuit.
• Create a Virtual Machine within Compute Subnet and update required routes/security lists to connect with Azure VNETs.
• Extend Virtual Cloud Network connectivity to Azure VNET via DRG. You can follow this step-by-step guide.

You can follow this step-by-step guide to create a VM and complete required Virtual Cloud Network/Subnet set up. You need to follow this step-by-step guide to establish region peering between OCI Regions through DRG.

Once you have created the required resources and configuration based on architecture, proceed to the next section to validate interconnected regions connectivity.

Task 7: Validate the traffic in OCI/Azure Interconnect

In this section, you will connect to Linux VMs of both Cloud Providers and do a ping test to check the connectivity.

1. Connect to Linux VMs on both cloud providers using your terminal.

2. Initiate a ICMP RTT from Azure VMs to OCI VMs and vice-versa.

   • This will ensure network connectivity.

   • Below table shows a connectivity test performed based on shared network topology and reflects you can reach from OCI Ashburn, OCI Phoenix to US East, US West3 and vice-versa.

     Traffic Validation	SRIOV/Accelerated Networking	ICMP RTT (Milliseconds)
     OCI Ashburn VM to Azure US East VM; 10.10.0.168 > 10.20.1.4	yes	2.2
     OCI Ashburn VM to Azure US West3 VM; 10.10.0.168 > 10.40.1.4	yes	48.47
     OCI Ashburn VM to OCI PHX VM; 10.10.0.168 > 10.30.0.194	yes	58.75
     OCI PHX VM to Azure US East VM; 10.30.0.194 > 10.20.1.4	yes	62.00
     OCI PHX VM to Azure US West3 VM; 10.30.0.194 > 10.40.1.4	yes	2.2
     OCI PHX VM to OCI Ashburn VM; 10.30.0.194 > 10.10.0.168	yes	49.0
     Azure US East VM to OCI Ashburn VM; 10.20.1.4 > 10.10.0.168	yes	2.3
     Azure US East VM to OCI PHX VM; 10.20.1.4 > 10.30.0.194	yes	61.7
     Azure US East VM to Azure US West3 VM; 10.20.1.4 > 10.40.1.4	yes	52.9
     Azure US West3 VM to OCI Ashburn VM; 10.40.1.4 > 10.20.1.4	yes	59.5
     Azure US West3 VM to OCI PHX VM; 10.40.1.4 > 10.30.0.194	yes	2.2
     Azure US West3 VM to Azure US East VM; 10.40.1.4 > 10.30.1.4	yes	62.0

   • ICMP RTT between Azure and OCI reflects connectivity established between regions using ExpressRoute cross connection and regions peering as per our network topology.

   • Note: The above table reflects ICMP RTT as a reference point which could vary depending on the regions and use-case architecture. It is recommended to do a POC.

   • You can find more information about Azure latency between regions in Microsoft Learn: Azure network round-trip latency statistics.

   • For more information on how to test Virtual Machine latency, see Microsoft Learn: Test Azure virtual machine network latency in an Azure virtual network.

   • Note: You can validate DR failover using disabling ExpressRoute private peering option to ensure traffic: Microsoft Learn: Azure ExpressRoute: Reset circuit peering by using the Azure portal.

Task 8: Clean up resources

After you are done using the resources, delete the resource group and associated resources.

1. Delete the interconnect link if you haven’t done already. For details see the step-by-step guide.

2. Enter your-resource-group-name in the Search box at the top of the portal and select your-resource-group-name from the search results.

3. Select Delete resource group.

4. Enter your-resource-group-name for TYPE THE RESOURCE GROUP NAME and select Delete.

5. Similarly delete the resources in Oracle Cloud Infrastructure.

Related Links

• Partnership: Oracle Azure Interconnect

• Overview of Oracle Applications and solutions on Azure

• Express Route Cross-Network Connectivity Connections

• Blog: Step-by-Step Guide: Interconnecting Oracle Cloud Infrastructure and Microsoft Azure

Acknowledgments

• Author - Arun Poonia, Principal Solution Architect
• Contributor - Daniel Mauser, Principal Solutions Specialist Global Black Belt – Azure Networking

More Learning Resources

Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.

For product documentation, visit Oracle Help Center.

---

Title and Copyright Information

Enable multicloud cross-region interconnectivity between Microsoft Azure and Oracle Cloud Infrastructure

F81089-02

July 2023

Copyright © 2023, Oracle and/or its affiliates.