Learn About Connecting OCI Using Megaport Cloud Router

Connect Oracle Cloud Infrastructure Government Cloud (OCI Government Cloud) and Oracle Cloud Infrastructure (OCI) commercial regions using Megaport Cloud Router (MCR).

This playbook helps Oracle Cloud customers who need to move data between their OCI Government Cloud and OCI commercial regions over a partner connection. We provide a detailed, step-by-step approach for implementing this solution in your organization.

By following these steps, you can establish a secure, private connection between your OCI Government Cloud and OCI regions. This will enable you to leverage the benefits of both regions and meet your compliance and regulatory requirements.

Architecture

This architecture shows an Oracle Cloud Infrastructure FastConnect deployment using Megaport as the partner connection between OCI Government Cloud and OCI commercial regions.

When connecting to OCI through FastConnect with Megaport, the virtual cross-connect (VXC) forms the Layer 2 component of the connection. Layer 3 BGP connectivity is established directly between OCI Government Cloud and OCI regions.

The following diagram illustrates this reference architecture.




This architecture has the following components:

  • Tenancy

    A tenancy is a secure and isolated partition that Oracle sets up within Oracle Cloud when you sign up for Oracle Cloud Infrastructure. You can create, organize, and administer your resources in Oracle Cloud within your tenancy. A tenancy is synonymous with a company or organization. Usually, a company will have a single tenancy and reflect its organizational structure within that tenancy. A single tenancy is usually associated with a single subscription, and a single subscription usually only has one tenancy.

  • Region

    An Oracle Cloud Infrastructure region is a localized geographic area that contains one or more data centers, called availability domains. Regions are independent of other regions, and vast distances can separate them (across countries or even continents).

  • Compartment

    Compartments are cross-region logical partitions within an Oracle Cloud Infrastructure tenancy. Use compartments to organize your resources in Oracle Cloud, control access to the resources, and set usage quotas. To control access to the resources in a given compartment, you define policies that specify who can access the resources and what actions they can perform.

  • Virtual cloud network (VCN) and subnet

    A VCN is a customizable, software-defined network that you set up in an Oracle Cloud Infrastructure region. Like traditional data center networks, VCNs give you complete control over your network environment. A VCN can have multiple non-overlapping CIDR blocks that you can change after you create the VCN. You can segment a VCN into subnets, which can be scoped to a region or to an availability domain. Each subnet consists of a contiguous range of addresses that don't overlap with the other subnets in the VCN. You can change the size of a subnet after creation. A subnet can be public or private.

  • FastConnect

    Oracle Cloud Infrastructure FastConnect provides an easy way to create a dedicated, private connection between your data center and Oracle Cloud Infrastructure. FastConnect provides higher-bandwidth options and a more reliable networking experience when compared with internet-based connections.

  • Megaport

    Megaport is a global network-as-a-service platform that provides on-demand, scalable, and secure connectivity to multiple cloud services and data centers using a single physical interface.

  • Megaport Cloud Router (MCR)

    The MCR is a virtual router that provides routing between your VCN and your FastConnect connection. You can use MCR to connect your VCN to multiple FastConnect locations.

  • Virtual cross-connect (VXC)

    The VXC is a secure, private connection between your commercial and government OCI regions. You can use VXCs to connect VCNs in different regions.

Considerations

When establishing connectivity to non-FedRAMP accredited regions, consider the following.

Because this connection links a non-FedRAMP region with a FedRAMP High Baseline OCI Government Cloud region, there are several compliance-related issues that customers should keep in mind.

  • Customers need to ensure that they are meeting all the required compliance standards and controls, including those for data privacy, security, and confidentiality.
  • One of the primary reasons for choosing a FedRAMP High Baseline government region is to meet strict compliance requirements. As such, it is essential to classify data properly based on its sensitivity and handle it accordingly. This means identifying and classifying data based on the appropriate risk level and ensuring that the correct controls are in place to protect it.