This post was written by Sergio J. Castro, Senior Solutions Engineer at Oracle, and Bill Blake, Global Solutions Architect at Equinix.
Oracle Cloud Infrastructure FastConnect is a network connectivity alternative to the public internet for connecting an on-premises data center or network with Oracle Cloud Infrastructure.
Equinix is the first and the largest FastConnect partner, that connects the world's leading businesses to their customers, employees and partners inside the most interconnected data centers. With Equinix Cloud Exchange Fabric ™ (ECX Fabric), customers can extend their Oracle IaaS and PaaS solutions to the Oracle Cloud in 30 plus locations across US, EMEA and APAC.
Equinix Cloud Exchange Fabric is optimized for connectivity to Oracle Cloud Infrastructure services, leveraging FastConnect. The result is a secure connection that offers predictable and consistent latency and high bandwidth, for dedicated speeds up to 10 GBPS.
In this post, cloud architects from Oracle and Equinix provide all the necessary steps for completely configuring a FastConnect link from Oracle Cloud Infrastructure to an on-premise router by using Equinix Cloud Exchange Fabric.
Accounts in both Oracle Cloud Infrastructure and Equinix are needed. On the on-premise side of the connection, administrator access to the router that will serve as the customer premise equipment is required. In this post we use a Cisco CSR.
On Oracle Cloud Infrastructure, we build a virtual cloud network (VCN), configure a dynamic routing gateway (DRG), associate the DRG with the VCN, and then add a route rule that points VCN traffic to the DRG. We then configure the FastConnect link. From the FastConnect configuration, we retrieve the virtual circuit OCID and pass it to Equinix for their Cloud Exchange Fabric configuration for setting a private peering.
On Equinix Cloud Exchange Fabric, we create the connection to Oracle Cloud Infrastructure, using the OCID and other information like region, Border Gateway Protocol (BGP) IPs, and autonomous system number (ASN) to complete the configuration.
A Virtual Cloud Network (VCN) is a software defined, private network that you set up in Oracle Cloud Infrastructure. It is a virtual representation of a physical network, with routers, routes and security rules. A VCN is not really needed for the purpose of configuring the Fastconnect link. But the purpose of it is for interconnecting on-premise to cloud networks. And, in this post, for testing end to end connectivity via ICMP.
Sign in to your tenancy in the Oracle Cloud Infrastructure Console.
Ensure that you’re in the Oracle Cloud Infrastructure region that matches the Equinix destination region that you’re going to configure. This example uses the Ashburn region.
In the Quick Launch section of the home page, click Create a virtual cloud network: Networking.
In the Create Virtual Cloud Network dialog box, select a compartment. If one is preselected, ensure that you want your VCN to reside there, or select another one. Oracle Cloud Infrastructure uses compartments to organize resources.
Give your VCN a name. If you leave this field blank, the date and time of creation will be the VCN name.
Select Create Virtual Cloud Network Plus Related Resources. This option assigns a default CIDR block, creates a subnet in each availability domain, adds an internet gateway, generates a security list, and generates a route table with a rule that routes out to the open internet. If you want to customize your own settings, select Create Virtual Cloud Network instead and then create each of these resources.
Click Create Virtual Cloud Network.
The VCN detail page is displayed.
Note: For this example, we launched a Linux VM compute instance with a private IP address of 10.0.2.2. For information about how to launch compute instances on Oracle Cloud Infrastructure, see the Getting Started guide.
A Dynamic Routing Gateway (DRG) is a virtual router that provides a pathway for private traffic between your VCN and other networks, like an on premise network.
On the left side of the Console, under Networking, click Dynamic Routing Gateways.
Click Create Dynamic Routing Gateway.
In the Create Dynamic Routing Gateway dialog box, select the compartment where you want your DRG to reside, and give your DRG a name (in this example, EquinixDRG).
Click Create Dynamic Routing Gateway.
After your DRG is provisioned, select it.
On the left side of the Console, under Resources, click Virtual Cloud Networks.
Click Attach to Virtual Cloud Network.
In the Attach to Virtual Cloud Network dialog box, select the same compartment where your VCN resides, and then select the VCN (in this example, EquinixVCN).
You can ignore the Associate with Route Table settings. For more information about this option, click the help link or the information symbol in the dialog box.
Your VCN is now attached to the DRG.
A VCN uses virtual route tables to send traffic out of the VCN, for example, to the Internet or to your on-premises network, which is this case.
Go back to the Networking section and select your VCN (in this example, EquinixVCN).
Under Resources, click Route Tables.
Click Default Route Table for EquinixVCN.
Click Edit Route Rules.
Click +Another Route Rule.
In the expanded dialog box, provide the following information:
The final step on Oracle Cloud Infrastructure is to configure the FastConnect Circuit that the DRG will be using for reaching the on-premise network. For these step you need to know the Border Gateway Protocol (BGP) IP Addresses, and the Autonomous System Number (ASN). Equinix will provide this information.
Go back to the Networking section.
Under Networking, click FastConnect.
Click Create Connection.
In the Create Connection dialog box, select Connect Through a Provider, and then select Equinix: CloudExchange.
In the new Create Connection dialog box, provide the following information. The values provided here are specific to this example.
The connection is created from Oracle Cloud Infrastructure.
On the details page for the connection, copy the OCID. You need it to provision the virtual connection from Equinix in the next section. You can also click the Equinix link, which takes you to their main site, where you can log in to their portal (for the next section).
Now that you completed the Oracle Cloud Infrastructure part, as it is indicated in the image above, the FastConnect status is Pending Provider. Now you need to configure the Equinix part, which is the provider of the actual physical link.
Log in to the Equinix Cloud Exchange Portal.
Click the Create Connection tab.
Select Oracle Cloud.
From the four options, select Oracle Cloud Infrastructure –OCI- FastConnect (Layer 2) and then click Create a Connection.
Select an origin and destination. In this example, we are creating a virtual connection from Equinix Chicago to the Oracle Cloud Infrastructure Ashburn region, which is local to Equinix Ashburn.
Note that we are using the Equinix Cloud Exchange (ECX) WAN Fabric to transit between Chicago and Ashburn.
Provide the required information to build the virtual connection:
The circuit speed is automatically based on the OCID from Oracle Cloud Infrastructure.
On the page that summarizes the virtual connection settings, validate the settings and add your email address for order notifications.
A confirmation screen appears.
Click Inventory and locate your new virtual connection.
Click the virtual connection to view the status. It normally takes from 5 to 10 minutes for the Equinix Cloud Exchange to configure the Equinix and Oracle sides.
Ensure that the Status and Provider Status fields say Provisioned.
The additional information that shows the Oracle side of the virtual connection can be used later for troubleshooting.
On the connection detail page in the Oracle Cloud Infrastructure Console, note that the link is provisioned but not yet synchronized.
Now that the Equinix part is done, the final step is configuring the connection to the on-premise network.
Access your router to configure the BGP properties and establish a peering relationship with Oracle Cloud Infrastructure DRG to exchange routes. This step can vary by vendor; this example is using a Cisco CSR. Refer to your vendor’s documentation for help with BGP.
Oracle's BGP ASN is 31898 when using the Equinix Cloud Exchange. Your ASN can be any private or public ASN that you own.
Configure the router IP address and BGP information:
Following are some suggested steps for testing the connectivity.
Verify that BGP has been established.
Verify that BGP routes are being sent and received from Oracle Cloud Infrastructure.
Send ping and traceroute commands to the Oracle DRG.
Send ping and traceroute commands to Oracle bare metal hosts or VMs within Oracle Cloud Infrastructure.
If you are using multiple virtual connections, test failover.
Verify that you can ping an Oracle VM (10.0.2.2) from your router (192.168.1.1).
Verify that you can ping the Oracle DRG IP address (172.16.4.2) from your router.
In the Oracle Cloud Infrastructure Console, verify that the status of the FastConnect connection is UP.
Basic connectivity should now be established between the edge router and Oracle Cloud Infrastructure.
To learn more about Oracle Cloud Infrastructure FastConnect, see FastConnect Overview.
To learn more about Oracle Cloud partnership with Equinix, see this partner page.
To learn more about Equinix Cloud Exchange Fabric, see ECX Overview.
Bill Blake is a network veteran of over 13 years, and has covered nearly all related technologies including wireless, routing, switching, security, cloud, data centers, and load balancing. He has worked for large enterprises in technical, architectural, and managerial roles, as well as for a large VAR performing massive data center migrations. Most recently, Bill works at Equinix helping customers architect their data center, WAN, and cloud strategies on a global scale.
Sergio Castro is an Oracle Cloud Infrastructure Certified Architect, Associate. He focuses on networking and on next-generation IT services. You can reach him at email@example.com.