The image shows a primary and secondary region. Both regions are identical and
comprose multiple virtual cloud networks (VCNs) and implementations of the Oracle
Services Network (OSN). The various VCNs contain publc and private subnets.
An on-premises data center communicates with the primary region either over Fast Connect
or a Site-to-Site VPN through a dynamic routing gateway (DRG) and with the secondary
region through a DRG. The DRG on th eprimary region directs traffic to the VCNs
comprising the primary region.
The VCNs and their subnets of both regions are:
- Hub FW External VCN, containing the Hub FW External Subnet, which
itself contains a network firewall and an HA network firewall. Access to this
VCN is through either a NAT gateway, Internet gateway, or a service gateway and
controlled by a routing table and security list. The primary region
implementation of this VCN uses remote peering to exchange data with its
counterpart in the secondary region.
- Management VCN, containing a Management private subnet, which hosts
the management apps. Access to this VCN is through a dynamic routing gateway or
a service gateway and controlled by a routing table and security list.
- Supporting Apps VCN, containg a Supporting Apps private subnet,
which hosts the supporting apps. Access to this VCN is through a dynamic routing
gateway or a service gateway and controlled by a routing table and security
list.
- BaNCS-Web-LBR VCN, containing the BaNCS Web LBR private subnet, which hosts an
application load balancer, an HA load balancer, and BaNCS web servers. Access to
this VCN is through a dynamic routing gateway or a service gateway and
controlled by a routing table and security list. The primary region
implementation of this VCN uses storage replication to exchange data with its
counterpart in the secondary region.
- BaNCS-AppSrv VCN, containing the BaNCS Appsrv private subnet, which hosts the
file system and the BaNCS application servers. Access to this VCN is through a
dynamic routing gateway or a service gateway and controlled by a routing table
and security list. The primary region implementation of this VCN uses storage
replication to exchange data with its counterpart in the secondary region.
- BaNCS-Database VCN, which contains a BaNCS Database private subnet, which hosts
the Oracle Exadata Cloud Service. Access to this VCN is through a dynamic
routing gateway or a service gateway and controlled by a routing table and
security list. The primary region implementation of this VCN uses Data Guard
replication to exchange data with its counterpart in the secondary region.
The OSN services in both regions are:
- OCI Audit
- OCI IAM
- OCI Policies
- OCI Functions
- OCI Object Storage
- OCI Monitoring
- Oracle Maximum Security Zone
- Oracle Cloud Guard
- OCI Certificates
- Oracle Cloud Marketplace
