For organizations seeking to optimize cloud infrastructure capabilities and spending, a multicloud solution might be the best approach. It gives organizations access across cloud providers, so workloads and data can be in an environment best suited to their capabilities. To create an integrated multicloud experience, Oracle and Microsoft offer direct interconnection between Oracle Cloud Infrastructure (OCI) and Azure through FastConnect and ExpressRoute.
Recently, Microsoft Azure published several reference architectures to assist multicloud customers using the Oracle Interconnect for Azure, also known as the OCI-Azure Interconnect, to enable network connectivity using different supported and validated scenarios with Microsoft. Read on for an overview of each architecture and links to the documentation to deploy them yourself.
The OCI-Azure Interconnect is a dedicated private interconnection with FastConnect and ExpressRoute that helps multicloud customers innovate across two clouds and apply existing and familiar tools to support workloads. This interconnection offers the following benefits:
Use a direct, low-latency private connection with no intermediate service provider.
Gain the ability to choose the best of Oracle’s and Microsoft’s industry-leading technologies.
Maximize return on investment (ROI) by using existing investments and licenses.
Dedicated bandwidth and more
If you’re new to the Interconnect, refer to this blog for the end-to-end interconnect configuration between OCI and Microsoft Azure.
Oracle and Microsoft’s partnership enables customers to deploy multicloud architectures within interconnected regions where customers can innovate using the best of OCI and Microsoft Azure with seamless interoperability. The new architectures include the following features:
Extend the OCI-Azure Interconnect using Azure Virtual WAN
Enable ExpressRoute crossconnections and region peering between interconnected Azure and OCI regions
Enable the OCI-Azure Interconnect and secure your traffic using Network Virtual Appliance (NVA).
You can learn more about the Interconnect solution from the Oracle documentation and Azure documentation. Read on for details on each new architecture and the required components for each network configuration.
This solution architecture shows you how to use Azure Virtual WAN to connect your OCI resources to Azure resources over an Interconnect connection. Azure Virtual WAN is a networking service that brings many networking, security, and routing functions together with key features like ExpressRoute private connectivity.
After you set up the Interconnect, you can extend the ExpressRoute circuit to the ExpressRoute gateway attached to the virtual hub of the Virtual WAN. This enables a global transit network architecture, where the cloud-hosted network hub provides transitive connectivity between endpoints distributed across different types of spokes. Azure regions serve as hubs that you can choose to connect to. All hubs are connected in full mesh in a standard Virtual WAN configuration, making it easy for you to use the Microsoft backbone for any-to-any (spoke) connectivity.
To learn more and deploy this architecture in a multicloud environment, follow this Oracle Learn platform documentation.
To deploy and validate the architecture, deploy the following networking components:
For network configuration running in Azure:
Azure Virtual WAN running in the interconnected region
Azure ExpressRoute circuit with ExpressRoute gateway attached to the Virtual WAN
Required Azure virtual networks and subnets with compute resources
For network configuration running in OCI:
OCI FastConnect with a dynamic routing gateway (DRG) running in the interconnected region
Required virtual cloud networks (VCNs) and subnets with compute resources
Validate the following network connectivity details between OCI and Azure:
Required routes are in place and security lists are opened to support traffic.
Perform ICMP/TCP RTT tests to check the connectivity, then extend the architecture to support a proof of concept that validates your use case.
To enable customers to deploy an effective disaster recovery architecture, OCI and Azure provide interconnected regions, such as US East and US West3 in North America. This solution architecture shows you how to set up a disaster recovery architecture using OCI region peering and ExpressRoute crossconnections within interconnected regions and extend multicloud crossconnectivity, which ensures high availability within connected regions. If a certain region or the Interconnect fails, you can reach the region using multicloud crossconnectivity.
To learn more and deploy this architecture in your multicloud environment, follow this Oracle Learn platform documentation.
To deploy and validate the architecture, deploy the following networking components:
For network configuration running in Azure:
Azure VNet gateways in interconnected regions
ExpressRoute circuit with VNet gateway and crossconnections
Required Azure virtual networks and subnets with compute resources
Optionally enable Global Reach on ExpressRoute as a fallback option
For network configuration running in OCI:
FastConnect with a DRG running in interconnected regions
Region peering between OCI regions
Required VCNs and subnets with compute resources
Validate the following network connectivity details between OCI and Azure:
Required routes are in place and security lists are opened to support traffic.
Perform ICMP/TCP RTT tests to check the connectivity, then extend the architecture to support a proof of concept that validates your use case.
Customers often want to secure and inspect traffic within their cloud environment using firewalls. A firewall is a security device that monitors all incoming and outgoing traffic on a network. Network firewalls work like device-specific firewalls, but they protect an entire network by blocking unauthorized access, which protects all the devices connected to that network. This solution architecture shows you how to use Azure Firewall and the OCI Network Firewall service provisioned within interconnected regions. You deploy these firewalls in a hub-and-spoke architecture. Once the Interconnect is set up successfully, you can route the multicloud traffic through the firewalls within the hub VCN or VNet for security and inspection.
To learn more and deploy this architecture in the multicloud environment, follow this Oracle Learn platform documentation.
To deploy and validate the architecture, deploy the following networking components:
Network configuration running in Azure
Azure VNet gateways in interconnected regions with ExpressRoute circuits
Required hub-and-spoke Azure Virtual Networks, subnets with compute resources, and spoke VNet peering
Network configuration running in OCI
FastConnect with a DRG running in interconnected regions
Required VCNs and subnets with compute resources
Validate the following network connectivity details between OCI and Azure:
Required routes are in place and security lists are opened to support traffic.
Perform ICMP/TCP RTT tests to check the connectivity, then extend the architecture to support a proof of concept that validates your use case.
You can also use any third-party Network Virtual Appliance partner, such as Fortinet, Check Point, Cisco, and Palo Alto Networks, supported on both cloud providers.
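One way to run the TCP RTT check named in the validation steps of all three architectures, as an added example that is not part of the original post or of Oracle's or Microsoft's documentation. It times TCP handshakes and separates "refused" from "filtered", which tells you whether a failure is a missing listener or a dropped packet; the function names are hypothetical and the addresses in the usage comment are constructed.

```python
import socket
import statistics
import sys
import time


def tcp_rtt(host, port, timeout=2.0):
    """One TCP handshake. Returns (state, rtt_ms or None)."""
    start = time.perf_counter()
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open", (time.perf_counter() - start) * 1000.0
    except ConnectionRefusedError:
        # A reset came back: typically routes and security rules pass the
        # traffic end to end, but nothing listens on that port.
        return "refused", (time.perf_counter() - start) * 1000.0
    except socket.timeout:
        # Silence: typically a missing route or a security list or
        # firewall rule dropping the packets.
        return "filtered", None
    except OSError:
        return "error", None  # e.g. no local route, name resolution failure


def probe(host, port, count=5, timeout=2.0):
    """Repeat the handshake and summarise state, loss and RTT in ms."""
    results = [tcp_rtt(host, port, timeout) for _ in range(count)]
    rtts = [rtt for _, rtt in results if rtt is not None]
    states = [state for state, _ in results]
    return {
        "target": f"{host}:{port}",
        "state": max(set(states), key=states.count),  # most frequent outcome
        "answered": len(rtts),
        "sent": count,
        "min_ms": min(rtts) if rtts else None,
        "median_ms": statistics.median(rtts) if rtts else None,
        "max_ms": max(rtts) if rtts else None,
    }


if __name__ == "__main__":
    # Usage: python3 tcp_rtt.py 10.0.1.10:22 10.1.1.10:3389
    # (constructed private addresses; substitute hosts in your own VCN/VNet)
    for target in sys.argv[1:]:
        host, _, port = target.rpartition(":")
        print(probe(host, int(port)))
```

Run it from a compute instance in each cloud toward the other, and again after routing traffic through the hub firewalls, so that an RTT increase or a change from "open" to "filtered" can be attributed to the inspection path.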
This post highlights some new validated networking scenarios to deploy your interconnected workloads in a multicloud environment successfully and utilize the OCI-Azure Interconnect partnership to achieve better performance of both clouds. Want to learn more about the Oracle Cloud Infrastructure and Azure Interconnect? Check out the Oracle Azure Interconnect today!
Arun Poonia is a Principal Solutions Architect whose work is currently focused on Oracle Cloud Infrastructure. His experience at Oracle has been around Strategic Partnership, OCI/Azure Interconnect, Security & Developer Services and OCI Marketplace; Networking & Security.
Prior to joining Oracle, Arun was a Solutions Architect working primarily on various Networking & Security products; associated customers and partners. His experience over the last 11 years was around architecting, planning, implementation and integration of Networking & Security solution with large enterprise customers and supporting them on hybrid cloud solutions.