OCI: Gateway Types and Network Routing Fundamentals Part-4

By -

When working with Oracle Cloud Infrastructure (OCI), understanding the different types of gateways is essential for designing secure and efficient network connectivity. In this article, I will explain Internet Gateway, NAT Gateway, Service Gateway, and Dynamic Routing Gateway (DRG) in simple terms.

Internet Gateway (IGW)

An Internet Gateway (IGW) is an optional gateway that can be attached to a Virtual Cloud Network (VCN) to enable direct connectivity between the VCN and the internet.

The Internet Gateway supports both inbound and outbound internet traffic.

By default, a compute instance deployed in a public subnet cannot access the internet unless:

  • An Internet Gateway is created and attached to the VCN.
  • The route table is configured to direct internet traffic through the Internet Gateway.
  • The instance has a public IP address assigned.

Oracle manages the availability, redundancy, and maintenance of the Internet Gateway internally.

Key Points

Used primarily for public subnets.

Enables inbound and outbound internet connectivity.

Requires proper route table configuration.

Instances typically need a public IP address to communicate through the Internet Gateway.


Network Address Translation (NAT) Gateway

A NAT Gateway enables instances in a private subnet to access the internet without exposing them to inbound internet connections.

If a server is deployed in a private subnet and needs to download operating system updates, RPM packages, application patches, or access external repositories, a NAT Gateway can be used.

The private subnet itself does not have direct internet connectivity. The NAT Gateway provides outbound internet access while keeping the instances private.

Key Points

  • Used by resources in private subnets.
  • Supports outbound internet traffic only.
  • Prevents inbound internet access to private instances.
  • Allows patch downloads, OS updates, and access to external repositories.
  • Public IP addresses are not required on private instances.
  • OCI automatically assigns a public IP to the NAT Gateway itself.

Common Use Cases

  • Downloading operating system updates.
  • Downloading RPM packages.
  • Downloading Oracle patches.
  • Accessing external repositories and APIs.

 

Service Gateway (SGW)

A Service Gateway allows resources in a private subnet to access Oracle Cloud services without using the internet.

Service Gateways are created at the VCN level. During creation, you can choose whether the gateway should provide access only to Object Storage or to all supported Oracle services.

Examples of OCI Services Accessed Through Service Gateway

  • Oracle Cloud Object Storage
  • Oracle Autonomous Database
  • Oracle Functions
  • Other supported OCI services

Common Use Cases

  • Backing up databases to Object Storage.
  • Connecting to Autonomous Database.
  • Accessing Oracle-managed cloud services privately.

Before Service Gateway

  • Private instances access Object Storage through the Internet Gateway.
  • Traffic leaves the VCN and uses public endpoints.
  • NAT or public internet access may be required.
  • Security exposure is higher.

After Service Gateway

  • Private instances access Object Storage through the Service Gateway.
  • Traffic remains within Oracle's private backbone network.
  • No public IP is required.
  • Security is improved and network exposure is reduced.

 

Dynamic Routing Gateway (DRG)

  • A Dynamic Routing Gateway (DRG) is a virtual router that connects your OCI VCN to networks outside OCI.
  • DRG is commonly used to establish private connectivity between OCI and external environments.

Supported Connections

  • On-premises data centers
  • Another OCI region through Remote Peering
  • Other cloud providers such as AWS, Azure, and Google Cloud
  • Site-to-Site VPN connections
  • FastConnect connections

Key Points

  • Acts as a virtual router between OCI and external networks.
  • Enables private communication between OCI and on-premises environments.
  • Supports VPN and FastConnect connectivity.
  • Used for hybrid cloud architectures and multi-cloud deployments.

Common Use Cases

  • Connecting an on-premises data center to OCI.
  • Accessing Oracle E-Business Suite hosted in OCI from a corporate network.
  • Building hybrid cloud solutions.
  • Establishing connectivity between OCI regions.

 

Gateway Type

Purpose

Internet Gateway (IGW)

Provides inbound and outbound internet access for public subnet resources

NAT Gateway

Provides outbound internet access for private subnet resources

Service Gateway

Provides private access to OCI services without using the internet

Dynamic Routing Gateway (DRG)

Provides private connectivity between OCI and external networks such as on-premises data centers, other OCI regions, and other cloud providers

 Related posts:

Comments

Post a Comment

Popular posts from this blog

How to troubleshoot long running concurrent request in R12.2

By -
We frequently encounter issues with concurrent programs running long and concurrent requests not picking up jobs. These problems are often expected from the development and functional team we need to address this issue To solve this, we should take the following steps: Collect below basis level of information to development team 1 Oracle seeded program/Custom program? 2 How much time it used earlier? 3 Is there any recent code change done in concurrent program? 4 Is this program fetching higher data compare to last run? 5 Does this job running any specific time/ It can be run any time? 6 Does this job fetching data using DB link? 7 Does the problem happen on both the test and production instance?   Troubleshooting Steps for Concurrent Requests Check for Locks and Blocking sessions Identify if the request is running but blocked by database locks/Blocking sessions. Use DBA tools or queries to identify and release locks if necessary. Review Parameters and Data ...
Read more

JSP Compilation in R12.2

By -
Sometime after upgrade, cloning and patching front end login page is not opening showing blank page or showing “ java.lang.StringIndexOutOfBoundsException ” error. This issue was occurring due to cache is not cleared after upgrade/Cloning JSP Compilation steps Step 1: Shutdown the application services Step 2: Take backup for the _Page(class file) folders $ cd $OA_HTML/WEB-INF/classes $ ls -lrt $ mv _pages _pages_bkup<date> a $ cd $OA_HTML/WEB-INF/classes $ ls -lrt $ mv _pages _pages_bkup<date> $ mkdir _pages $ ls -lrt Step 3: Run the below command $ perl $FND_TOP/patch/115/bin/ojspCompile.pl --compile --flush -p 99 Step 4: Start the application and clear browser cache. After completed the JSP compilation home page not coming please clear the image and style sheet cache also Cabo Images and style sheets can be corrupted or out of sync in the cabo caches, you may need to clear the related directories after backup: Step1: Shutdown the services...
Read more

How to find EBS URL in R12.2

By -
There are different way to find the EBS URL Method 1 Login the R12.2 application server Source the Env File [oracle@san ~]$ grep login $CONTEXT_FILE          <login_page oa_var="s_login_page">http://dev1.apps.com:8001/OA_HTML/AppsLogin</login_page> [oracle@san~]$ Method 2: Connect sqlplus apps user SQL> SELECT home_url  FROM icx_parameters; HOME_URL -------------------------------------------------------------------------------- http://<Hostname>:8007/OA_HTML/AppsLogin How to find Weblogic URL and PORT number: Login the R12.2 application server Source the Env File [oracle@sanprod ~]$ grep s_wls_adminport $CONTEXT_FILE          <wls_adminport oa_var="s_wls_adminport" oa_type="PORT" base="7001" step="1" range="-1" label="WLS Admin Server Port"> 7002 </wls_adminport> [oracle@sanprod ~]$ Weblogic Port Number:7002  Weblogic URL:http://<...
Read more