Private lines have connected different locations for a long time. Extending your on-premises network to the cloud happens more often now, and using private lines meets the most demanding requirements. Oracle Cloud Infrastructure FastConnect provides an easy way to create a dedicated, private connection between your data center or existing network and Oracle Cloud Infrastructure.
Higher bandwidth and lower latency
Flexibility of the type of peering: public, private, or both
SLAs that are not available on public lines
This reference architecture shows how to set up a FastConnect connection between your on-premises network and virtual cloud network (VCN).
The following diagram illustrates this architecture.
Description of the illustration fastconnect-single-vc.png
- On-premises network
The local network used by your organization.
Creates a dedicated, private connection between your local network and your Oracle Cloud Infrastructure VCN.
- Virtual cloud network (VCN)
A virtual, private network set up in Oracle data centers.
Subdivisions that you define within a VCN. A subnet has a contiguous range of IP addresses that don’t overlap with other subnets in the VCN.
- Dynamic routing gateway (DRG)
A virtual router added to your VCN to provide a path for private network traffic between your VCN and on-premises network (transit routing).
- IPv4 and IPv6
Address schemes used for the networks. IPv6 is supported only in US Government Cloud.
- Border Gateway Protocol (BGP) routing
Allows routes to be learned dynamically. The DRG dynamically learns the routes from your on-premises network. On the Oracle side, the DRG advertises the VCN's subnets.
- Private peering
Extends existing infrastructure by using private IP addresses.
- Public peering
Allows public Oracle Cloud Infrastructure services to be accessed using a private connection instead of the internet.
- Virtual circuit
The private path used to connect on-premises and Oracle Cloud Infrastructure. It can include multiples lines, physical or logical, depending on the requirements and capabilities of the line provider.
Your requirements might differ from the architecture described here. Use the following recommendations as a starting point.
When you create the VCN, determine how many IP addresses your cloud resources in each subnet require. Using Classless Inter-Domain Routing (CIDR) notation, specify a subnet mask and a network address range large enough for the required IP addresses. Use an address space that falls within the standard private IP address blocks.
Choose an address range that doesn't overlap with your on-premises network, in case you need to set up a connection between the VCN and your on-premises network later.
After you create the VCN, you can't change the address range.
When you design the subnets, consider functionality and security requirements. All compute instances within the same tier or role should go into the same subnet, which can be a security boundary.
- Security lists
Use security lists to define ingress and egress rules that apply to the entire subnet.
FastConnect offers two tiers: 1 Gbps and 10 Gbps. These values are the maximum throughput used in each tier. The virtual circuit throughput should be equal to or lower than the selected port.
Communication happens over private lines, and the usual security controls should be applied, granting the appropriate access.
FastConnect components are redundant, and Oracle offers resources that can be combined with any of the connectivity models to meet the requirements.
FastConnect ports are billed per hour. There is no charge for egress or ingress traffic. The cost of the virtual circuit is not included with the port.