Oracle Cloud Infrastructure Networking Classic FAQ

VPN for Compute Classic via Corente Services Gateway

What is Corente Services Gateway?

Oracle’s Corente Cloud Services Exchange (Corente CSX) is a cloud-based software- defined networking (SDN) service that enables distributed enterprises to deliver trusted connectivity services to and from any location with less complexity, in significantly less time, and at a greatly reduced cost, when compared to more traditional approaches. The Corente Services Gateway (CSG) is a distributed virtual appliance located at the network edge that provides secure endpoints for virtual private networks over any IP networks with zero-touch installation. A Corente Services Gateway is installed at each branch or partner location, and creates a secure end-to-end connection for application traffic. The Corente Services Gateway also maintains separate out-of-band connections with the Service Control Point (SCP) centralized service management platform that provides secure policy-based service brokering, mediation, virtual network orchestration, monitoring, administration, and logging.

When do I need VPN for Compute Classic?

If you are concerned about the security of your data that is traversing over the public internet all the way from your Data Center to Oracle Cloud Infrastructure, you must use VPN for Compute Classic. It is available for Oracle Cloud Infrastructure Compute Classic, DBCS and JCS services.

How do I get an account Corente VPN?

A Corente account will be created and emailed to you once you purchased Oracle Cloud Infrastructure Compute Classic, DBCS or JCS services.

Can I install multiple gateways in the same environment?

Yes, multiple gateways can be configured to interconnect with multiple other gateway locations.

Is it IPSec compliant?

Yes, it uses standard IPSec.

What is the difference between VPN for Dedicated Compute Classic and VPN for Compute Classic?

VPN for Dedicated Compute Classic is hardware VPN solution for the Dedicated Compute Classic only. VPN for Compute Classic is a VM based VPN solution for general purpose compute, DBCS, JCS etc.

What is the hardware requirement Corente VPN host?

  • Processor: 1.5 GHz Intel-based x86 compatible server (such as Pentium, Celeron, or Core i7)
  • Memory: 1GB RAM
  • Hard Drive: 40 GB IDE/SATA
  • Network Interface: Integrated 10/100/1000M Ethernet Interfaces
  • The number of Ethernet interfaces depends on your Corente Services Gateway configuration, as follows:
    • One for peer configurations
    • Two for inline configurations
    • Three for DMZ or Dual WAN configurations
    • One dedicated interface for the back-channel failover configuration, if you plan to set up a redundant hardware
You can install Corente Services Gateways on the following virtualization platforms:
    • Oracle VM Server for x86 Release 3.4.1 or later
    • Xen 4.4
    • VMware ESX 5.5
    • Citrix XenServer 6.2
    • Microsoft Windows Server 2012 R2 Hyper-V

I have hardware VPN appliance in my datacenter. Will Corente VPN work with my existing appliance?

Currently, third-party VPN appliances will not work with the Corente service. VPN endpoint locations will need to install a Corente Services Gateway.

Do I need separate Corente Gateway for my DbaaS and Compute Classic instances in the same Identity Domain?

You can use the same Corente Services Gateway for multiple IaaS and PaaS services as long as it is in the same compute zone say us2-z23. It is highly recommended that you use different Corente Services Gateways for each services.

Where Can I find more information?

You can refer to the documentation for more information.

Back to Top

FastConnect

What is Oracle Cloud Infrastructure FastConnect Classic?

FastConnect Classic provides you access to your Oracle Cloud IaaS and PaaS services over a direct connection from your premises or colocation facilities. This service provides a direct and deterministic path from your network to Oracle Cloud services, so your data is not transported over the public Internet. This delivers consistent performance, dedicated bandwidth, and controlled or reduced latency. Oracle Cloud Infrastructure FastConnect Classic is offered in two variations to suit the needs of every enterprise and provide the optimal solution for different use cases:

  • FastConnect Classic with Standard Edition service model
  • FastConnect Classic with Partner Edition service model

Contact your Oracle Sales representative to identify the solution that suits your requirement.

What is FastConnect Classic with Standard Edition service model?

FastConnect Classic with Standard Edition service model provides you access to your Oracle Cloud IaaS and PaaS services using a direct connection from your premises or colocation facilities. With this service, you can connect your network edge routers directly to the Oracle edge routers and route traffic to and from Oracle Cloud using the BGP protocol. This service provides a direct and deterministic path from your network to the Oracle Cloud IaaS and PaaS services, so your data is not transported over the public Internet. This service delivers consistent performance, provides dedicated bandwidth, and renders controlled or reduced latency.

What is FastConnect Classic with Partner Edition service model?

FastConnect Classic with Partner Edition service model is offered through a partner, such as an IP VPN, MPLS VPN network service provider, or data center exchange provider. This provides you a simple and standard method of connecting with Oracle. It uses the Border Gateway Protocol (BGP) to exchange routing information with your network through the partner. This enables you to access your Oracle Cloud IaaS and PaaS services over a more direct path as an alternative to using the public Internet. See About the Service in FastConnect Classic Partner Edition.

What are the benefits of using FastConnect Classic with Standard Edition service model?

Establishing a direct connection from your premises to Oracle Cloud services helps in the following ways:

  • You can access your Oracle Cloud services over a direct and dedicated connection, without having to traverse the public Internet. Transferring data over a direct connection provides better privacy than transferring data over the public Internet.
  • You can transfer large volumes of data using high WAN bandwidth. Migrating your Internet traffic to a dedicated path improves the overall performance, significantly reduces the time taken to complete data transfers, and reduces the latency if you are colocated with an Oracle data center.

How does FastConnect Classic with Standard Edition service model Work?

What is the difference between FastConnect Classic with Standard Edition service model and FastConnect Classic Partner Edition?

Using FastConnect Classic with Standard Edition service model, you can connect your edge routers directly to the Oracle edge routers in a specific data center location and establish a BGP peering session directly with Oracle. FastConnect Classic Partner Edition, your connectivity to Oracle Cloud services is provisioned through a partner, such as Equinix Cloud Exchange or MPLS VPN providers.

For which Oracle Cloud services can I use FastConnect Classic with Standard Edition service model?

FastConnect Classic supports access to Oracle Cloud IaaS and PaaS services. Not all listed Oracle Cloud services are supported in each city. Contact your Oracle Sales representative for information about the Oracle Cloud services that you can access in your city. For the complete list of Oracle Cloud IaaS and PaaS services, see https://cloud.oracle.com.

Where is this service available?

For the most up-to-date listing of where this service is available, contact your Oracle Sales representative.

What are the prerequisites for setting up FastConnect Classic with Standard Edition service model?

Is it required to colocate within an Oracle data center to use FastConnect Classic with Standard Edition service model?

It is not mandatory for your data center to be colocated with an Oracle data center. However, you must connect to the Oracle data center in the city where your Oracle Cloud Service is provisioned. This is achieved using fiber cross connects when you are colocated with the Oracle data center.

Can I use FastConnect Classic with Standard Edition service model if my network equipment is not colocated with an Oracle data center?

Yes. You can still use the service by using a regional carrier or network service provider to extend your network from your premises or datacenter to the Oracle data center. Contact your network service provider to order an Ethernet private line in the appropriate city where your Oracle Cloud service is provisioned.

Will Oracle provide the network link from the Oracle edge routers to my premises if I decide to use FastConnect Classic with Standard Edition service model?

No. You must work with your network service provider to order the necessary private line from your premises to the Oracle facilities. 

How do I sign up for FastConnect Classic with Standard Edition service model?

Contact your Oracle Sales representative to order the service. See Ordering FastConnect Classic.

What equipment do I need to use to connect to FastConnect Classic with Standard Edition service model?

You require network equipment capable of supporting layer-3 routing using the Border Gateway Protocol and VLAN tagging using 802.1Q.

Are the connections to FastConnect Classic with Standard Edition service model redundant?

FastConnect Classic with Standard Edition service model is set up to ensure high availability. When you order this service, Oracle provisions two redundant ports for you to connect to. To achieve end-to-end redundancy from your network edge and to obtain the service level agreement (SLA) of 99.9%, you must order redundant circuits or lines from your network service provider along with separate physical cross connects to the Oracle edge routers from redundant routers in your network. You must also establish two redundant BGP peers. It is not mandated to set up two physical cross connects, but you forfeit the SLA of 99.9% if you only have one physical cross connect and one BGP peer.

What are the required network configurations to use FastConnect Classic with Standard Edition service model?

After receiving the configuration information from Oracle, establish logical connectivity and set up BGP routing configurations on your edge routers. Complete any additional configurations within your environment to manage the traffic flow across FastConnect Classic with Standard Edition service model. Oracle advertises its IPv4 prefixes over the BGP peer with your routers and you’ll need to accept those prefixes and configure the required priority for the traffic to specific end points for your services over the FastConnect Classic peer with Oracle.

Is my BGP session with Oracle secure?

Yes. You can use a pre-shared key for the BGP session while setting up the connection.

Can I advertise private IP addresses to Oracle using OFastConnect Classic with Standard Edition service model?

No. You must advertise publicly routable IP addresses over your peering session with Oracle.

I don’t have public IP prefixes registered with IRR or RIR under my organization name. Can I still advertise these?

This is reviewed and approved by Oracle on a case-by-case basis. You must submit the request through the Oracle Account team. While submitting the request, provide information about who owns the public prefixes and the business reason for using them.

What are the limitations on the number of routes that I can advertise using FastConnect Classic with Standard Edition service model?

You can advertise a maximum of 200 IPv4 prefixes over the BGP peering for FastConnect Classic with Standard Edition service model. 

Will my connectivity fail if my link to Oracle data center fails?

If you have configured redundant connections from your network edge to the Oracle data center and only one of your links fails, you won’t lose connectivity. If both your links to the Oracle data center fail, you won’t be able to use FastConnect Classic with Standard Edition service model till the connectivity is restored.

You’ll need to establish and test the appropriate configurations on your routers to ensure that you will not lose connectivity if a link fails.

Even if both your links to FastConnect Classic with Standard Edition service model fail, you won’t lose access to Oracle Cloud services as they’ll still be available through the public Internet. You can reconfigure your routers to route traffic related to your Oracle Cloud IaaS and PaaS services through the public Internet.

You’ll need to establish and test the appropriate configurations and procedures to ensure uninterrupted access to your Oracle Cloud IaaS and PaaS services over the public Internet even when both your links to FastConnect Classic fail.

When I connect to FastConnect Classic with Standard Edition service model using redundant cross connects or private lines, are both the lines active for exchange of traffic?

Yes. FastConnect Classic with Standard Edition service model is configured as active-active for the two links. Both BGP sessions on the two links are up and active and can pass traffic at any time to provide high availability. You must configure your BGP routing to pass traffic through only one link at a time. You should also set your BGP local preference so traffic back to FastConnect Classic is routed to the primary link. The secondary link is used only if the connection through the primary link or router fails.

If I order a redundant connection, will the FastConnect ID for the redundant connection be different?

No. The FastConnect ID that you receive when FastConnect Classic is provisioned is valid for a redundant pair of connections at a location.

Can I extend a VLAN from my network using FastConnect Classic?

No. Layer-2 connectivity into FastConnect Classic is not supported.

What is an Autonomous System number (ASN)?

An Autonomous System Number or ASN is used in the Internet to identify either a single network or a group of networks managed and controlled by a common network administrative entity (which could be an Internet Service Provider, a business enterprise, an institute for example). An autonomous system is a routing domain that is managed by the network administrator of that domain. The autonomous system is assigned a globally unique number that is referred to as the Autonomous System Number (ASN). See http://www.iana.org/assignments/as-numbers/as-numbers.xhtml.

What is the ASN for Oracle Cloud Infrastructure?

The ASN for Oracle Cloud Infrastructure is currently AS7160.

I have forgotten my FastConnect ID. Where can I find it?

The FastConnect ID is created when your FastConnect Classic service is ordered. Contact your Oracle Sales representative to get your FastConnect ID.

I am connected with the Oracle data center at a different city than where my Oracle services are provisioned. Can I use that same connection to access FastConnect Classic?

No. You must order FastConnect Classic with Standard Edition service model at the location where your Oracle services are provisioned and connect through the Oracle data center at that location.

I have Oracle Cloud services provisioned at multiple locations and I want to access all the services using FastConnect Classic. How can I achieve this?

If you have Oracle Cloud IaaS and PaaS services provisioned in multiple locations, you’ll need to establish FastConnect Classic connection at each of the locations where your services are provisioned. For example, if you have services at both Chicago and Ashburn, you must order and provision FastConnect Classic connections at both locations. Contact your Oracle Sales representative for information about the Oracle Cloud services that you can access in your city.

What are the connection speeds available for connecting through FastConnect Classic with Standard Edition service model?

The connections speeds available on the Oracle routers are 1 Gbps and 10 Gbps. However, the service features and connectivity options are constantly upgraded. Contact your Oracle Account team to obtain more information and updates.

If I am ordering FastConnect Classic Edition at two locations, do they have to be the same speed or can they be different speeds?

You can select different speeds for FastConnect Classic with Standard Edition service model connections that are provisioned in different cities or locations. For example, if you provision an FastConnect Classic with Standard Edition service model connection at Chicago and another at Ashburn, you can pick 10 Gbps for one location and 1 Gbps for the other location based on your requirements.

Can I use FastConnect Classic with Standard Edition service model in one location and FastConnect Classic - Partner Edition at a different location?

Yes. You can provision FastConnect Classic with Standard Edition service model at one location and provision FastConnect Classic Partner Edition at a different location based on your requirements. Contact your Oracle Sales representative for information about the Oracle Cloud services that you can access in your city and which service you can use in each city.

Is FastConnect Classic with Standard Edition service model the same as an IPSec VPN tunnel?

No. FastConnect Classic with Standard Edition service model provides the ability to route your traffic to and from Oracle without having to traverse the public Internet but it is not an IPSec VPN tunnel.

Can I establish an IPSec VPN tunnel to Oracle if I am using FastConnect Classic with Standard Edition service model?

Yes. You can establish an IPSec VPN tunnel to Oracle after you establish direct connectivity using FastConnect Classic with Standard Edition service model. For more information about establishing an IPSec VPN channel from your data center, see Connecting to Instances in a Dedicated Site Using VPN in Using Oracle Compute Classic.

Is it mandatory to establish an IPSec VPN tunnel over this service?

No. You can establish an IPsec VPN tunnel to provide an extra layer of security and is not a mandatory requirement. If you are accessing Dedicated Compute Classic services through FastConnect Classic Partner Edition, you must use IPsec VPN tunneling to extend your on premise private network.

Back to Top

×
Call us now
1-800-633-0738 (United States)

Contact
×
Call us now
1-800-633-0738 (United States)

Technical Support

Oracle Cloud Discussion Forums