In my recent ‘Getting Started with Oracle Cloud VMware Solution (OCVS)’ post, Getting Started With Oracle Cloud VMware Solution (OCVS) – Connecting To Oracle Cloud Infrastructure Services, we deployed a Windows Server into our OCVS SDDC and connected it, using NFS, to an OCI File System that will be used to store files and folders for our users.
In this blog post, we are going to look at connecting our OCVS SDDC environment to our on-premises vSphere environment, so that our workloads in both environments can communicate with each other. There are two main ways of connecting OCVS to an on-premises environment: Oracle FastConnect or Oracle VPN Connect. In my environment, I will be using an Oracle FastConnect connection provided by Megaport. As there are many other ways of setting up a FastConnect via other services, I will not document that section step-by-step.
Here is a high-level diagram of what we are going to be configuring.
The first step to enabling hybrid connectivity is to deploy a Dynamic Routing Gateway (DRG) within our Oracle Cloud Infrastructure (OCI). You can think of a DRG as a virtual router that provides a path for private traffic (that is, traffic that uses private IPv4 addresses) between your VCN and networks outside the VCN’s region.
Once the DRG has been created, we now need to attach it to our VCN.
Before we can create our FastConnect connection, we need to collect some information that will be used as part of this process.
Configuring BGP On-Premises
Now that you have created your Oracle FastConnect, we next need to configure the on-premises router to establish a BGP session. The steps needed to perform this configuration will vary depending on which router or service you are using for your on-premises connectivity. For this reason, I am not going to document the step-by-step process. For my Megaport connection, I followed the Connecting to Oracle Cloud Infrastructure FastConnect documentation.
However, the information I needed to complete the configuration can be found in one place in the OCI interface.
With this information to hand, go ahead and complete the BGP configuration. Once correctly configured, the OCI console will appear green, Lifecycle State will show as Provisioned and the IPv4 BGP Status will show as UP.
With our on-premises connectivity established, it’s time to configure our OCI environment to allow traffic to flow between our on-premises environment and our Windows Server virtual machine running within our OCVS SDDC.
The cool thing about the review page is that it displays exactly what Route Table and Network Security Group configurations the wizard is going to make. I found this very useful to help me understand how Route Tables and NSGs need to be configured to allow traffic to flow. This knowledge will help me in the future when I need to configure something that Oracle doesn’t offer a wizard for.
NOTE: By default, the wizard allows ALL traffic between the on-premises network and the workload network. If this is not desired, be sure to change the rules configured on the following NSG: ‘NSG for NSX Edge Uplink VLANs in tshirts-sddc’
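One way to check what the wizard left on that NSG, as an added example that is not part of the original post: export the rules (for instance with `oci network nsg rules list --nsg-id <NSG_OCID>`) and flag every rule that reaches the on-premises range with no protocol or port restriction. The sample JSON, rule ids and the 192.168.0.0/16 on-premises CIDR are constructed placeholders, and `broad_rules` is a hypothetical helper name.

```python
import ipaddress
import json

# Constructed sample shaped like the CLI's JSON output for NSG security rules.
# Rule ids and CIDRs are placeholders, not values from the post.
SAMPLE = json.loads("""
{"data": [
  {"id": "A1", "direction": "INGRESS", "protocol": "all",
   "source": "192.168.0.0/16", "source-type": "CIDR_BLOCK",
   "tcp-options": null, "udp-options": null},
  {"id": "B2", "direction": "INGRESS", "protocol": "6",
   "source": "192.168.10.0/24", "source-type": "CIDR_BLOCK",
   "tcp-options": {"destination-port-range": {"min": 3389, "max": 3389}},
   "udp-options": null},
  {"id": "C3", "direction": "INGRESS", "protocol": "6",
   "source": "192.168.0.0/16", "source-type": "CIDR_BLOCK",
   "tcp-options": null, "udp-options": null},
  {"id": "D4", "direction": "EGRESS", "protocol": "all",
   "destination": "192.168.0.0/16", "destination-type": "CIDR_BLOCK",
   "tcp-options": null, "udp-options": null}
]}
""")

def broad_rules(rules, onprem_cidr):
    """Return (rule id, reason) for rules touching on-prem with no protocol/port limit."""
    onprem = ipaddress.ip_network(onprem_cidr, strict=False)
    findings = []
    for rule in rules:
        ingress = rule["direction"] == "INGRESS"
        peer = rule.get("source" if ingress else "destination")
        peer_type = rule.get("source-type" if ingress else "destination-type")
        if peer_type != "CIDR_BLOCK" or not peer:
            continue  # service or NSG peers are out of scope for this check
        if not ipaddress.ip_network(peer, strict=False).overlaps(onprem):
            continue  # rule does not involve the on-premises range
        proto = rule["protocol"]
        if proto == "all":
            findings.append((rule["id"], "all protocols"))
        elif proto in ("6", "17"):  # TCP / UDP: missing options means every port
            opts = rule.get("tcp-options" if proto == "6" else "udp-options")
            if not opts or not opts.get("destination-port-range"):
                findings.append((rule["id"], "all ports"))
    return findings

if __name__ == "__main__":
    for rule_id, reason in broad_rules(SAMPLE["data"], "192.168.0.0/16"):
        print(f"{rule_id}: {reason}")
```

Rules the check reports are the candidates to replace with protocol- and port-specific rules covering only what the workloads need.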
All that is left is to make sure connectivity is working between our on-premises environment and our Windows server which is running in our OCVS SDDC.
The quickest and easiest way to test this is to run a simple ping from a server running in the on-premises environment to a server running in OCVS. Remember, Windows blocks ping by default, so allow it through the Windows Firewall if you haven’t already.
In this blog post, we’ve been able to quickly and easily configure hybrid connectivity between our on-premises environment and our OCVS SDDC. In my experience, the part that causes the most issues is the BGP configuration. So if you aren’t already, I’d recommend speaking to someone from your networking team who can assist you. It’s a very simple configuration IF you’ve previously configured BGP.
In the next post in this ‘Getting Started with Oracle Cloud VMware Solution (OCVS)’ series, we’ll be looking at using VMware HCX to migrate workloads from our on-premises network over to our OCVS SDDC.