This image shows the basic elements for a disaster recovery deployment across two Oracle Cloud Infrastructure regions. Each region has a similar configuration.
- Each region provides a single availability domain with 3 virtual cloud networks (VCN) connected by a local peering gateway. VCNs, and their subnets are shown here with basic information:
- VCN A: Provides an internet gateway, a network address translation (NAT) gateway, two public subnets and a private subnet.
- VCN B: Provides a NAT gateway and three private subnets.
- VCN C (Hub): Provides a dynamic routing gateway (DRG), a NAT gateway, and a single private subnet.
- Cross-region communication and disaster recovery uses the following:
- Public subnets accessed through internet gateways are secured using a web application firewall (WAF).
- The customer data center uses FastConnect or a VPN to communicate with the hub VCNs through the DRG. Other systems, such as SAP and AWS, similarly use a VPN to communicate with the hub VCNs through the DRG.
- Hub VCNs can communicate with each other using a software defined WAN network.
- Database systems use Data Guard to ensure synchronization and availability.
- Remote peering gateways allow the VCNs' resources to communicate using private IP addresses without routing the traffic over the internet or through your on-premises network.