Local VCN peering is the process of connecting two VCNs in the same region so that their resources can communicate using private IP addresses without routing the traffic over the internet or through your on-premises network. The VCNs can be in the same Oracle Cloud Infrastructure tenancy or different ones.
At high Level:-
- Two VCNs with non-overlapping CIDRs, in the same region
- A local peering gateway (LPG) on each VCN in the peering relationship.
- A connection between those two LPGs.
- Supporting route rules to enable traffic to flow over the connection, and only to and from select subnets in the respective VCNs (if desired).
- Supporting security rules to control the types of traffic allowed to and from the instances in the subnets that need to communicate with the other VCN.
1.. Login to OCI console, open the navigation menu. Under Core Infrastructure, go to Networking and Virtual Cloud Network.
1.1 Click on Start VCN Wizard tab, and again select VCN with Internet connectivity and now click on the Start VCN Wizard.
1.2.. Now click on Next and review the resources of your VCN and click on Create
Note :- Creating VCN with Internet connectivity it provides VCN, public subnet, private subnet, internet gateway (IG), NAT gateway (NAT), service gateway (SG).
2.. Now again follow the same process to create a new VCN in same region as VCN_LPG1 but with different name VCN_LPG2 and different non overlapping CIDR value. i.e. 192.168.0.0/16
2.1 Enter details as given below for VCN_LPG2 and again review the resources of your VCN_LPG2 and click on Create
3.. Now as you can see given below my both the VCN for local peering are in same region US West (Phoenix) and same region. Similarly, you can peered VCN either with same tenancy or different tenancy bu.t in same region only.
4.. Now create two compute instances COMPUTE_LPG1 in VCN_LPG1 and COMPUTE_LPG2 in VCN_LPG2
Note:- To create compute instances navigate to Compute Tab and then click on instances Tab and again click on Create Instance Tab.
In summary COMPUTE_LPG1 :-
In summary COMPUTE_LPG2:-
5.. Now create Local Peering Gateway for both VCN, VCN_LPG1 and VCN_LPG2
For VCN:- VCN_LPG1 go to detail page and click on Local Peering Gateways Tab
Give name LOCAL_PEERING_GATEWAY_VCN1 and click on Create Local Peering Gateway
Once it is created it will appear like given below.
6.. Again follow the same process and create LOCAL_PEERING_GATEWAY_VCN2 for VCN, VCN_LPG2
And once it is created it will appear like this
7.. Now to establish connection between Local Peering Gateway created LOCAL_PEERING_GATEWAY_VCN1 and LOCAL_PEERING_GATEWAY_VCN2
7.1 Navigate to VCN, VCN_LPG1 -> and LOCAL_PEERING_GATEWAY_VCN1 and click on Establish Peering Connection Tab
And enter the details of other VCN,VCN_LPG1 and Local Peering Gateway, LOCAL_PEERING_GATEWAY_VCN2 And click on Establish Peering Connection
7.2.. Hence Peering Connection is done
8.. Now to add Route Rule, navigate to VCN_LPG1-> click on Default Route Table for VCN_LPG1 -> click on Add Route Rules and enter information as given below .i.e Public Subnet-VCN_LPG2:-192.168.0.0/24
9.. Again follow the same process to add Route Rule, navigate to VCN_LPG2-> click on Default Route Table for VCN_LPG2 -> click on Add Route Rules and enter information as given below i.e Public Subnet-VCN_LPG1:- 10.0.0.0/24
10.. Configuring Security Lists for Local Peering Gateway in both VCN, VCN_LPG1 and VCN_LPG2
10.2 Navigate to VCN, VCN_LPG1 -> click on Security List and then click on Default Security List for VCN_LPG1 and again click on Add Ingress Rules.
10.3 Navigate to VCN, VCN_LPG2 -> click on Security List and then click on Default Security List for VCN_LPG2 and again click on Add Ingress Rules.
11.. Now to test Local Peering Connectivity navigate to both compute instance COMPUTE_LPG1 and COMPUTE_LPG2 and login using respective public IP address and ping private IP address of each other compute instances.
11.1.. From COMPUTE_LPG1 to private IP address of COMPUTE_LPG2
11.2.. From COMPUTE_LPG2 to private IP address of COMPUTE_LPG1
Happy Learning !!!!
askmedawaa.wordpress.com 