In today’s post will see VCN Local peering.
High-level overveiw diagram of VCN Local peering:
My Environment details :
I have two compartments.
Compartment 1 as PRD_COMPARTMENT:
- In this compartment, I have created VCN with CIDR 10.0.0.0/16 and with Subnets 10.0.1.0/24, 10.0.2.0/24, 10.0.3.0/24
- Created a Internet Gateway.
- Provisioned an instance with name prd-instance01 and its private IP is 10.0.1.2 (Used Subnet 1 for this instance)
Compartment 2 as SIT_COMPARMENT:
- In this compartment I have created VCN with CIDR 188.8.131.52/16 AND WITH Subnets 184.108.40.206/24,220.127.116.11/24,18.104.22.168/24
- Create an Internet Gateway.
- Provisioned an instance with name sit-instance01 and its private IP is 22.214.171.124 (Used Subnet 2 for this instance)
Now, by default the two instance prd-instance01 and sit-instance01 will not have communication as they are in a different compartment, different VCN, different subnets.
So, with the help of VCN Local peering concept, we will able to achieve the communication b/w the two instances which are in different compartments.
Steps to follow are:
- Create Local Peering Gateway in SIT_VCN01 (which is in SIT_COMPARTMENT).
- Create Local Peering Gateway in PRD_VCN01 (which is in PRD_COMPARTMENT).
- Add Local peering Gateway rule in Route table of SIT_VCN01
- Add Local peering Gateway rule in Route table of PRD_VCN01
- Go to Local peering Gateway of PRD_VCN01 and do the peering with the Local peering Gateway of SIT_VCN01
- Add security rule to allow desired protocols in both security lists of SIT_VCN01 and PRD_VCN01
- Check from both instance, they are able to communicate each other or not.
Creating Local Peering Gateway in SIT_VCN01 in SIT_COMPARTMENT.
SIT_LPG01 Local peering gateway creates successfully.
Going to PRD_COMP_VCN01, create a Local peering Gateway.
PRD_LPG01 Local peering Gateway created successfully.
Add Local peering Gateway in the Route table of PRD_VCN01
Added successfully PRD_LPG01 in the route table, please save the information.
Adding SIT_LPG01 Local Peering Gateway to the Route table of SIT_VCN01.
Now, go to PRD_LPG01 Local peering gateway and peer with SIT_LPG01.
If you go and see the SIT_LPG01 it will also show status as PEERED, there is no activity to do at SIT_LPG01.
Add the below security rules in the security lists of SIT_VCN01 and PRD_VCN01.
In SIT_VCN01 security list add the below rule:
In PRD_VCN01 security list add the below rule:
Now check the connectivity from both the instances it should have to communicate successfully.
Hope this post find’s you well!!
Any queries please let me know in comment box.
Firoz Hussain K.