This image shows an OCI region with an availability domain and three fault domains. The region contains a VCN with an internet gateway and a NAT gateway.
The VCN contains three subnets:
- Public Subnet A with a VTAP enabled Load Balancer-as-a-Service (LBaaS) (layer 7, proxy load balancer).
- Private Subnet B with the following components. Each component has VTAP
enabled.
- VNICs from application servers that the load balancer is directing traffic to
- Exadata clusters
- DBaaS systems
- Autonomous databases accessed via private endpoint (PE)
- The captured traffic from each VTAP is directed to a Network Load Balancer (layer 4, non-proxy load balancer) with backend hosts in a separate Private Subnet C with backend hosts which have the Wireshark packet analyzer software installed.
A Bastion Service allows the user to access the backend hosts. Each subnet has a security list and a route table.