Oracle Cloud Infrastructure Documentation

Redundancy Remedies

Oracle recommends setting up a redundant connection between your on-premises network and virtual cloud network (VCN) for high availability. This topic gives background and links to other topics that describe how to resolve some common redundancy issues with that connection.

About the DRG and Redundant Connections

When you connect your on-premises network to a virtual cloud network (VCN) in Oracle Cloud Infrastructure, you use a dynamic routing gateway (DRG). A DRG is a virtual representation of highly available hardware (physical routers) on the edge of the Oracle Cloud Infrastructure network. You attach a DRG to the VCN, and the DRG is the termination point for the connections from your on-premises network to that VCN. If you have multiple VCNs in your tenancy, each has its own DRG. A VCN can be attached to only a single DRG, and a DRG can be attached to only a single VCN.

For the purposes of redundancy, a single DRG can have multiple connections to it from your on-premises network. Those connections could be the same type or different types. Here are the two types:

  • FastConnect
  • VPN Connect

For example, you might use FastConnect, but also set up VPN Connect to use as backup when FastConnect is temporarily unavailable because of maintenance. Or, you might have two VPN tunnels, with on as primary and the second as backup.

For high availability, the multiple connections to a DRG must not terminate on a single physical router in Oracle's edge network. If they do, your overall connection to Oracle Cloud Infrastructure will be disrupted whenever Oracle performs maintenance on that router.

How to Identify and Fix a Redundancy Issue

You might have a redundancy issue in which a DRG in your tenancy has multiple on-premises connections that terminate on a single physical Oracle router. Or you might have only a single connection with no redundancy.

If you do, the Console displays an alert message when you view the DRG's details, or when you view the details of one of the connections (for example, the IPSec connection). The alert message includes a link to one of the following topics, which explain how to fix the particular issue: