Private lines have connected different locations for a long time. Extending your on-premises network to the cloud happens more often now, and using private lines meets the most demanding requirements. Oracle Cloud Infrastructure FastConnect provides an easy way to create a dedicated, private connection between your data center or existing network and Oracle Cloud Infrastructure.
Higher bandwidth and lower latency
Flexibility of the type of peering: public, private, or both
SLAs that are not available on public lines
This reference architecture shows how to set up a FastConnect connection between your on-premises network and virtual cloud network (VCN).
The following diagram illustrates this architecture.
Description of the illustration fastconnect-single-vc.png
- On-premises network
The local network used by your organization.
Creates a dedicated, private connection between your local network and your Oracle Cloud Infrastructure VCN.
- Virtual cloud network (VCN)
A virtual, private network set up in Oracle data centers.
Subdivisions that you define within a VCN. A subnet has a contiguous range of IP addresses that don’t overlap with other subnets in the VCN.
- Dynamic routing gateway (DRG)
A virtual router added to your VCN to provide a path for private network traffic between your VCN and on-premises network (transit routing).
- IPv4 and IPv6
Address schemes used for the networks. IPv6 is supported only in US Government Cloud.
- Border Gateway Protocol (BGP) routing
Allows routes to be learned dynamically. The DRG dynamically learns the routes from your on-premises network. On the Oracle side, the DRG advertises the VCN's subnets.
- Private peering
Extends existing infrastructure by using private IP addresses.
- Public peering
Allows public Oracle Cloud Infrastructure services to be accessed using a private connection instead of the internet.
- Virtual circuit
The private path used to connect on-premises and Oracle Cloud Infrastructure. It can include multiples lines, physical or logical, depending on the requirements and capabilities of the line provider.
Your requirements might differ from the architecture described here. Use the following recommendations as a starting point.
When you create a VCN, determine the number of CIDR blocks required and the size of each block based on the number of resources that you plan to attach to subnets in the VCN. Use CIDR blocks that are within the standard private IP address space.
After you create a VCN, you can change, add, and remove its CIDR blocks.
When you design the subnets, consider your traffic flow and security requirements. Attach all the resources within a specific tier or role to the same subnet, which can serve as a security boundary.
- Security lists
Use security lists to define ingress and egress rules that apply to the entire subnet.
FastConnect offers two tiers: 1 Gbps and 10 Gbps. These values are the maximum throughput used in each tier. The virtual circuit throughput should be equal to or lower than the selected port.
Communication happens over private lines, and the usual security controls should be applied, granting the appropriate access.
FastConnect components are redundant, and Oracle offers resources that can be combined with any of the connectivity models to meet the requirements.
FastConnect ports are billed per hour. There is no charge for egress or ingress traffic. The cost of the virtual circuit is not included with the port.