- A dynamic routing gateway (DRG) for private connections from the customer's data center through IPSec VPN or FastConnect to the bastion and load balancing subnets.
- An internet gateway for user connections to the load balancing subnet.
- A network address translation (NAT) gateway for user connections to the applications layer and database subnets.
- A Service gateway to connect the VCN to object storage services.
The regional subnets are arranged as functional layers:
-
Bastion subnet (regional public subnet): A bastion server resides in fault domain 2 and connects to the DRG and to the application layer and database private subnets.
-
Load balancing subnet (regional public subnet): A load balancer resides in each of the two fault domains. The subnet connects to the DRG and the internet gateway and to the WebSphere Platform in the application layer subnet.
-
Application layer subnet (regional private subnet): A WebSphere Platform block spans the two fault domains and contains a virtual machine (VM) in each of the fault domains. The subnet connects to the NAT gateway. The WebSphere Platform block connects to both the load balancing and database subnets.
-
Database subnet (regional private subnet): The subnet contains a database system and connects to the NAT gateway. The database system communicates with the WebSphere Platform block through an ODBC interface.