Virtual Cloud Network (VCN)

Introduction 

  • A Virtual Cloud Network (VCN) is a regional resource: it lives within an OCI region and spans all of that region's availability domains (ADs); it is not an AD-level component.
  • The VCN CIDR size must be between /16 (largest) and /30 (smallest); 10.0.0.0/16 is just a common example of the largest allowed size.
  • OCI reserves the first two IP addresses (network address and default gateway) and the last one (broadcast) in each subnet CIDR.
  • When you create a VCN, you give it an address space, a range of IP addresses that you assign. Example: 10.0.0.0/16 is the range 10.0.0.0 to 10.0.255.255 (/16 reserves the first 16 bits for the network prefix). Use a private (RFC 1918) range that does not overlap with your on-premises or peered networks, because overlapping ranges cannot be routed to.
  • The VCN CIDR is a single contiguous block; the allowed size range is /16 to /30.
  • Network bandwidth depends on the compute shape of the instance, not on the VCN.

Default VCN Components


The following default components are created with the VCN and cannot be deleted,
but their contents can be edited:
  • Default Security List (ships with stateful ingress rules that allow SSH on TCP 22 from 0.0.0.0/0 and ICMP path-MTU messages, plus an allow-all egress rule; review it before relying on it for a subnet)
  • Default Route Table (empty until you add rules)
  • Default set of DHCP Options

Subnets

  • Contiguous range of addresses within the VCN CIDR
  • Subnets in the same VCN cannot overlap
  • Can be AD-specific (confined to one AD) or regional (spans all ADs in the region)
  • Instances are placed in subnets and get their IP addresses and network configuration (route table, security lists, DHCP options) from the subnet.
  • The first address in the subnet is reserved as the network address and the second as the default gateway; the last address is reserved for broadcast (for 10.0.0.0/24 these are 10.0.0.0, 10.0.0.1 and 10.0.0.255)
  • Types
    • Private subnets: VNICs in the subnet can only have private IP addresses
    • Public subnets: VNICs in the subnet can have public IP addresses in addition to their private ones
  • Address range examples
    • 10.0.0.0/16    10.0.0.0 - 10.0.255.255 (65,536 addresses)
    • 10.0.0.0/24    10.0.0.0 - 10.0.0.255 (256 addresses)
    • 10.0.0.0/27    10.0.0.0 - 10.0.0.31 (32 addresses)
    • 10.0.0.0/32    one address, 10.0.0.0
    • 0.0.0.0/0      any IP address (used as the destination of a default route rule)
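The CIDR rules above (size between /16 and /30, three reserved addresses per subnet, no overlapping subnets, subnets inside the VCN block) are easy to get wrong when planning a layout by hand. The following is an added example, not code from the original notes or from Oracle; the VCN CIDR and subnet names are constructed for illustration. It uses only the Python standard library `ipaddress` module to compute the reserved addresses and usable host count of a subnet and to validate a planned layout against those rules.

```python
import ipaddress

# Constructed sample layout for this example (not from the page): one VCN with four
# planned subnets, two of which are deliberately wrong.
VCN_CIDR = "10.0.0.0/16"
SUBNETS = {
    "web-public":  "10.0.1.0/24",
    "app-private": "10.0.2.0/27",
    "db-private":  "10.0.2.16/28",  # overlaps app-private
    "mgmt":        "10.1.0.0/24",   # not inside the VCN CIDR
}


def cidr_size_ok(cidr):
    """OCI accepts VCN and subnet sizes from /16 (largest) down to /30 (smallest)."""
    return 16 <= ipaddress.ip_network(cidr, strict=True).prefixlen <= 30


def reserved_addresses(cidr):
    """Addresses OCI reserves in a subnet: network, default gateway, broadcast."""
    net = ipaddress.ip_network(cidr, strict=True)
    return [str(net[0]), str(net[1]), str(net[-1])]


def usable_host_count(cidr):
    """Addresses left for VNICs after the three reserved ones."""
    return ipaddress.ip_network(cidr, strict=True).num_addresses - 3


def validate_layout(vcn_cidr, subnets):
    """Return a list of problems with a planned layout (empty list means it is valid):
    VCN/subnet sizes outside /16../30, subnets not inside the VCN, overlapping subnets."""
    problems = []
    vcn = ipaddress.ip_network(vcn_cidr, strict=True)
    if not cidr_size_ok(vcn_cidr):
        problems.append("VCN %s is not between /16 and /30" % vcn_cidr)

    nets = {}
    for name, cidr in subnets.items():
        try:
            # strict=True rejects CIDRs whose host bits are set, e.g. 10.0.2.16/27
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:
            problems.append("%s: invalid CIDR %s (%s)" % (name, cidr, exc))
            continue
        if not cidr_size_ok(cidr):
            problems.append("%s: %s is not between /16 and /30" % (name, cidr))
        if not net.subnet_of(vcn):
            problems.append("%s: %s is not inside VCN %s" % (name, cidr, vcn_cidr))
        nets[name] = net

    # Pairwise overlap check across all well-formed subnets.
    names = sorted(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append("%s (%s) overlaps %s (%s)" % (a, nets[a], b, nets[b]))
    return problems


if __name__ == "__main__":
    for name, cidr in SUBNETS.items():
        print(name, cidr, "reserved:", reserved_addresses(cidr),
              "usable:", usable_host_count(cidr))
    for problem in validate_layout(VCN_CIDR, SUBNETS):
        print("PROBLEM:", problem)
```

Running it against the sample layout reports two problems: db-private overlapping app-private, and mgmt lying outside the VCN. A /30 subnet passes the size check but leaves exactly one usable address once the three reserved ones are taken out, which is why very small subnets are rarely useful in practice.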

VNIC

  • Virtual Network Interface Card
  • Attached to a compute instance
  • Each instance has a primary VNIC and, depending on its shape, can have additional secondary VNICs; each VNIC can have multiple private and public IP addresses.
  • The primary private IP address on a VNIC is mandatory
  • One compute instance can have VNICs in different subnets or even different VCNs; a secondary VNIC must be in the same AD as the instance

IP Addresses

Private IP Addresses

  • A primary private IP address is mandatory and is created with the instance, on its primary VNIC.
  • Each VNIC can have up to 31 additional secondary private IPs (32 in total).
  • Secondary private IPs must come from the same subnet as the VNIC; to use addresses from a different subnet or VCN, attach a secondary VNIC in that subnet instead.

Public IP Addresses

  • Reachable from the internet (only if the subnet is public and its route table sends internet-bound traffic to an Internet Gateway)
  • Optional on instances
  • Multiple public IPs are possible for an instance; each public IP is mapped to one private IP on a VNIC.
  • Two kinds:
    • Ephemeral
      • Temporary; exists for the life of the instance and is released when the instance is terminated
      • At most one per VNIC, and only on the VNIC's primary private IP
    • Reserved
      • Persistent; exists beyond the life of the instance. Can be unassigned and reassigned to a private IP on another instance.
      • Up to 32 can be assigned to a VNIC (on its primary or secondary private IPs)
  • No charge for public IPs
  • The address itself is chosen by Oracle; you cannot pick or edit it


Routing Table

  • Contains rules that determine how IP packets leaving the VCN are forwarded to destinations outside it.
  • Attached to subnets
  • Each subnet uses a single route table, which can be changed later.
  • Consists of a set of route rules; each rule specifies
    • Destination CIDR block
    • Route target (the next hop) for traffic that matches the destination CIDR: an Internet Gateway, NAT Gateway, Service Gateway, Dynamic Routing Gateway, Local Peering Gateway or a private IP
  • The route table is consulted only when the destination IP address is outside the VCN CIDR block. If more than one rule matches, the most specific (longest prefix) rule is used; if no rule matches, the traffic is dropped.
  • No route rules are required to enable traffic within the VCN; whether that traffic is allowed is still decided by security lists and network security groups.
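To make the lookup order concrete (intra-VCN traffic bypasses the table, longest prefix wins, no match means drop), here is an added example that is not part of the original notes or of any Oracle tooling. The route table, VCN CIDR and target names are constructed for illustration; `next_hop` models the lookup and `exposes_subnet_to_internet` is a small check for the classic mistake of pointing a subnet's default route at an Internet Gateway when only a NAT Gateway was intended.

```python
import ipaddress

# Constructed example: route table of a private subnet in a 10.0.0.0/16 VCN (not from
# the page). Targets are labelled with the OCI route target type names.
VCN_CIDR = "10.0.0.0/16"
ROUTE_RULES = [
    ("0.0.0.0/0",       "NAT Gateway"),              # outbound internet, no inbound exposure
    ("192.168.0.0/16",  "Dynamic Routing Gateway"),  # on-premises via FastConnect/VPN
    ("192.168.10.0/24", "Local Peering Gateway"),    # a peered VCN carved out of that range
]


def next_hop(destination, vcn_cidr=VCN_CIDR, rules=ROUTE_RULES):
    """Return the route target for a packet to `destination`, following OCI semantics:
    intra-VCN traffic never consults the route table ("local"), the most specific
    matching rule wins, and traffic with no matching rule is dropped (None)."""
    dst = ipaddress.ip_address(destination)
    if dst in ipaddress.ip_network(vcn_cidr):
        return "local"
    best_net, best_target = None, None
    for cidr, target in rules:
        net = ipaddress.ip_network(cidr)
        # Keep the matching rule with the longest prefix seen so far.
        if dst in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_target = net, target
    return best_target


def exposes_subnet_to_internet(rules):
    """True if a default route points at an Internet Gateway. Combined with a public
    subnet and public IPs on the instances, that makes them reachable from the internet;
    a NAT Gateway default route gives outbound access only."""
    return any(cidr == "0.0.0.0/0" and target == "Internet Gateway"
               for cidr, target in rules)


if __name__ == "__main__":
    for dst in ("10.0.3.7", "192.168.10.5", "192.168.20.5", "8.8.8.8"):
        print(dst, "->", next_hop(dst))
    print("default route via Internet Gateway:", exposes_subnet_to_internet(ROUTE_RULES))
```

Note that 192.168.10.5 matches both the /16 and the /24 rule and is sent to the Local Peering Gateway because the /24 is more specific, while 192.168.20.5 falls through to the Dynamic Routing Gateway. Removing the 0.0.0.0/0 rule makes `next_hop("8.8.8.8")` return None, which is the behaviour of a subnet with no default route: the packet is silently dropped rather than sent anywhere.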

