Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Oracle Cloud Infrastructure
OCI Classic v2.7
2017 12
Copyright © 2017, Oracle and/or its affiliates. All rights reserved. |
Safe Harbor Statement
• Oracle Cloud Infrastructure (OCI)
• 2017 9 Bare Metal Cloud Service (BMC) Oracle Cloud Infrastructure (OCI) Oracle Public
Cloud (OPC) Oracle Cloud Infrastructure Classic (OCI Classic)
• OCI Classic OCI Classic PaaS
Oracle Cloud Infrastructure( Bare Metal Cloud) Oracle Ravello
–
•
Oracle Cloud
(http://cloud.oracle.com)
• Oracle Cloud Infrastructure Compute Classic
• Oracle Database Cloud Service (on OCI Classic)
• Oracle Java Cloud Service (on OCI Classic)
• OCI SOA Cloud Service (on OCI Classic)
OCI Classic
OCI Classic SDN (IP )
• Oracle Cloud 1
• Oracle
IP IP
• 30bit
L3
• PaaS
Oracle Cloud
Instance1
eth0
Instance2 Instance3 Instance4
eth0 eth0 eth0
: 10.168.0.0/16
Instance5
eth0
Internet / FastConnect
.22/30 .42/30
Identity Domain 1 Identity Domain 2
.50/30 .134/30 .6/30
NAT
129.152.148.131
( IP)
129.152.148.130
( IP)
• 2016 10
( )
•
–
• IP
NIC IP
Instance1
eth0 eth1
IP : 192.168.3.0/24
IP :
192.168.2.0/24
IP :
192.168.2.0/24
Instance2 Instance3 Instance4
eth1 eth2 eth1 eth2 eth0 eth1
: 10.32.1.0/24
Instance5
eth1 eth1
internet
.21 .42.2 .3
Identity Domain 1 Identity Domain 2
.4.2 .3 .2 .3
129.152.148.130
( IP)
129.152.148.131
( IP)
IP
NAT
IP
…
1.
2. IP
3. ( NIC)
4. VPN (Corente Cloud Gateway)
WAN (GRE )
5. / (
/ )
6. NIC MAC
( MAC )
Web
VPN VPN
VPN
Oracle Cloud
OCI Classic
VPN-GW
(Corente
Services
Gateway)
VPN-GW
VPN
Web
(Compute Cloud Service)
(Java Cloud Service*)
(Database Cloud Service*)
* (2017 11 ) Java Cloud Service/Database Cloud Service IP
OCI Classic
• IP
– IP
– IP
– NIC
– NIC
– *
– *
– *
– IP *
– IP *
•
–
–
–
– IP
– IP
• VPN
– VPNaaS
– Corente**
– FastConnect
OCI Classic
* (2017 11 ) * (
)
** Corente 2017 10 (17.4.2)
IP – IP
IP 1
192.168.1.0/24
IP 2
192.168.2.0/24
.2 .3 .2 .3
IP (IPNetworks)
•
• 16bit
( : 10.0.0.0 – 10.0.255.255)
• IP
•
( )
• 1
( DHCP DNS )
•
•
IP – IP
IP 1
192.168.1.0/24
IP 2
192.168.2.0/24
IP
.2 .3 .2 .3
IP (IPNetworkExchanges)
• IP IP
• IP
• IP :IP = 1:
IP 1 IP
•
.1 .1
IP – NIC
eth0
: 10.32.1.0/24
.21
eth1 eth2 eth3 eth7
IP : 192.168.1.0/24
192.168.2.0/24
192.168.3.0/24
192.168.7.0/24
.2 .2 .2 .2
NIC (VirtualNICs)
• 8
• IP 1 NIC
• (= )
• 8 IP
• IP
IP
IP – NIC
eth0
.2
eth0
.3
IP (192.168.1.0/24)
VPN VPN
eth0 eth0
eth1 eth1
.8 .9
NIC (VirtualNICSets)
• NIC ( OK)
• NIC OK
• ACL
internet
192.168.101.0/24
(Routes)
•
• IP (CIDR)
NIC
• IP
ECMP
LAN
IP –
Instance1
(AP)
eth0
IP
Instance2
(AP)
eth0
• NIC /
(ACL)
•
NIC
Instance3
(DB)
eth0
NIC (AP) NIC (DB)
allow-ping
: icmp
:
: icmp
:
1521-egress
-to-DB
1521-ingress
-from-AP
: 1521
:
: DB
: 1521
:
: AP
* (2017 11 ) ( )
IP – IP *
Instance1
eth0
IP
Instance2
eth0
IP (IPAddressReservations)
•
IP 1 1NAT IP
NIC
• IP ( IP)
NIC
GIP
NAT
.2 .3
GIP
internet
NAT
* (2017 11 ) ( )
•
IP 1 1NAT IP
NIC
• IP
IP – DNS
web1
eth0
IP (192.168.1.0/24)
web2
eth0
DNS
• IP 1 IP
DNS
• IP
• ( ) A
IP DNS
• DNS (IP
VPN
)
.2 .3
DNS
.1
web1.ipnet1.abc.com. IN A 192.168.1.2
web2.ipnet1.abc.com. IN A 192.168.1.3
www.abc.com. IN A 192.168.1.2
www.abc.com. IN A 192.168.1.3
Instance1
eth0 eth1
IP
Instance2
eth1
Data Center 1
Instance3
eth0
Data Center 2
WAN
internet
•
• IP PaaS
IP
• IP
Storage Cloud
– IP
Instance1
eth0 eth1
IP
Instance2
eth1
internet
IP (IPReservations)
•
IP NAT
•
IP
• Database Cloud Service PaaS
1 IP
IP
NAT
NAT (IPAssociations)
• IP ( IP)
IP 1 1
– DNS
web1
eth0
web2
eth0
DNS
• DNS
DHCP
•
IP
• ( )
•
(Compute-
<domain>.oraclecloud.internal)
DNS
web1.compute-mydomain.oraclecloud.internal. IN A 10.168.x.y
web2.compute-mydomain.oraclecloud.internal. IN A 10.168.x.y
–
AP1
eth0
AP2
eth0
DB
eth0
seclist-ap seclist-db
: seclist-ap
: seclist-db
: tcp/1521
: 0.0.0.0/0
: seclist-ap
: tcp/443
: ( IP)
: seclist-db
: tcp/22
IP
• Oracle Cloud IP
• IPv4 CIDR
•
•
• (from)
(to)
•
IP
IP
1. PaaS(DBCS, JCS ) IP
– : XXCOM (USCOM-CENTRAL-1, USCOM-EAST-1, GBCOM-
SOUTH-1, AUCOM-EAST-1 ) DC(AP5_Z11)
– : AP5_Z11( DC) / US00n_Znn / EM00n_Znn
• PaaS ComputeCS
PaaS GRE ( ) NAT
2. IP (=ACL) &
IP NAT (IP )
– : XXCOM AP5_Z11( DC) US006_Znn
– : US00n_Znn / EM00n_Znn
• ( IP )
New!
IP
OCI Classic
(SecRules)
+ +
(SecurityRules)
NIC
+
+ /
+
/ IP
NIC
NICOracle Cloud →
Oracle Cloud → IP
Oracle Cloud →
Oracle Cloud → IP
NIC
• /
•
/
(
)
– (Deny)
•
– (Reject)
•
– (Permit)
•
( )
•
–
–
–
Ins Ins Ins
A B
※1 8
•
• ( or IP
) ( or )
(SecRules)
?
?
OCI Classic →
→ IP
•
•
•
–
• TCP
• UDP
• ICMP
• GRE
• ESP
– ~
• IP
•
• IP
(IP )
•
IP
8
1
10
n n
1
IP
1
n
Oracle Cloud(PaaS / IaaS)
/
/
IP
IP
IP
•
– →
:
– :
•
•
• DBCS PaaS
– DBCS (
DBCS )
– : DBCS
Compute DBCS
Seclist-AP
Compute DBCS
Seclist-DB
IP
•
–
–
–
•
• IP
• IP
(REST API SecurityRules)
ACL ?
( / )
IP
IP
OCI Classic
OCI Classic
•
• Oracle Cloud
SSL
•
• VPN
• IPsec
•
• Oracle Cloud DC
• Oracle
•
(1Gbps / 10Gbps)
• Oracle Cloud
•
+ SSL
VPN
(IPsec)
Oracle
FastConnect
Standard
Edition
Partner
Edition
(NTT-
Com,Verizon
,BT )
Oracle Cloud
Oracle Cloud
i
Oracle Cloud
NW
NW
Oracle
Oracle
VPN OCI Classic
Virtual Private Network(VPN)
VPN
Point-to-Point( )
On-Premise Oracle Cloud
VPN
VPN
• Corente
–
– Compute
– IP (GRE )
• VPNaaS
– VPN
–
– IP
2 VPN
IP
LAN
GRE
internet
IPsec
Corente
Service Gateway
Corente
Service Gateway
IP
LAN
internet
IPsec
VPNaaS
Compute JCS DBCS
VPN
• 2017 10 20 ( ) Corente
+ VPNaaS ( ) VPNaaS
– Corente VPNaaS (Corente
)
• VPNaaS IP ( VPN
)
– : RAC Data Guard Database Cloud Service
(2017 12 ) IP VPNaaS
NAT
VPN (2017 10 )
DBCS/JCS
?
YES
NO
IP
+
2017 10 ?
YES
NO
Corente + NW(GRE)
RAC
Data Guard ?
YES
NO
VPNaaS + IP
IPsec ?
NO
YES
VPN - VPNaaS
VPNaaS
VPNaaS
(
DatabaseCompute
Compute
Gateway
Gateway
IP Network
Compute
IP Exchange
IP Network
Oracle Cloud
NAT
• VPN VPNaaS)
• VPN
•
NAT
•
IP Network
• IP Network IP Exchange
VPNaaS
• VPN
IPsec VPNaaS
Oracle
•
– Cisco 2921
– Cisco ISR 4331
– Cisco ASA5505
– Checkpoint 3200
– Palo Alto 3020
– FortiGate-200D
•
VPN (1)
•
–
• IP
– (IP
)
– IP IP
• vNICset( )
•
– WAN IP(NAT )
•
– (
)
• (PSK)
– ( )
• IKE ID( )
– IP_ADDR_V4 VPNaaS IP
VPN (2)
• 1 IKE
– 1(IKE) VPNaaS
• 2 ESP
– 2(ESP) VPNaaS
•
– 2 PFS : Perfect Forward Secrecy
VPNaaS TIPS
• IKEv1 (IKEv1 IKEv2 )
• VPN ( VPN )
– IP N
• VPN VPNaaS IP IP
• VPN VPN (=
IP )
– (= IP)
– (= )
– (PSK)
– IP (= IP )
• 1 VPN 1
• VPNaaS
VPN
•
– VPN > VPNaaS > VPN >
• VPNaaS (=Corente Services
Gateway) Openswan
– Openswan
– strongSwan
– Libreswan
VPN - Corente
VPN – Corente
Corente Services Gateway
• Corente Services Gateway
– IPsec
– OCI Classic
– VPN
– OS
Oracle Compute Cloud Cloud
App Net Manager
– VPN
Corente Services Gateway
VPN – Corente
DC VPN
• 1. Corente Services Gateway
– Oracle Technology Network Corente Services Gateway
–
–
– Oracle (Oracle Cloud )
• 2. IPsec
– IPsec
VPN – Corente
DC GW Corente Services Gateway
•
A)
• ( )
– Oracle VM 3.4.1
– Xen 4.4, VMWare ESX5.5
– Citrix XenServer 6.2
– Microsoft Windows Server 2012 R2 Hyper-V
B) Corente
•
• (Corente AppNet
Manager)
→
Oracle Cloud
VPN – Corente
• DC Corente
–
• Corente → IP (ANY) 443/TCP ( )
• Corente → IP (ANY) 53/UDP ( )
• Corente 1025-65535/TCP → IP (ANY) 551/TCP (Corente Service Port)
• Corente 551/UDP → IP (ANY) 551/UDP (Corente Service Port)
–
• IP (ANY) 1025-65535/TCP → Corente 551/TCP (Corente Service Port)
• IP (ANY) 551/UDP → Corente 551/UDP (Corente Service Port)
DC GW Corente Services Gateway
Corente Services Gateway Deployment Guide - 2.2 Network Requirements
http://docs.oracle.com/cd/E74662_01/E80339/html/install-plan-lan.html#install-plan-lan-fw
VPN – Corente
DC GW Corente Services Gateway
: 1.5 GHz Intel-based x86 compatible server
: 1 GB RAM
: 40 GB IDE/SATA
: Integrated 10/100/1000M Ethernet Interfaces
Oracle VM Server for x86 Release 3.4.1 or later
Xen 4.4
VMware ESX 5.5
Citrix XenServer 6.2
Microsoft Windows Server 2012 R2 Hyper-V
※Corente Services Gateway Deployment Guide
(http://docs.oracle.com/cd/E74662_01/E80339/E80339.pdf)
2.1 Corente Services Gateway Installation Requirements
VPN – Corente
DC GW IPsec
•
(Certified Configuration) IPsec
Corente Services Gateway
• My Oracle Support
– Cisco ASA 5505 (Doc ID 2153452.1)
– SonicWall TZ190 (Doc ID 2153603.1)
– Juniper JunOS15 (Doc ID 2164001.1)
•
– Cisco CSR1000v (How to connect an application on Ravello
to Oracle IaaS/PaaS services (e.g. DBCS etc.) over VPN)
Oracle Cloud
VPN – Corente
• Oracle Compute Cloud
IP
Oracle Cloud IP
IP
GRE
NW IP
VPN – Corente
• Corente Services Gateway
Compute / PaaS
GRE
• Oracle Technology Network (Linux,
Windows )
• : 10.0.0.0/8
NW GRE
Corente Active / Active HA ( IPsec )
VPN
IPsec
IPsec
CSG01
(Active)
CSG02
(Active)
eth0
IP
192.168.55.0/24
.8
.9
VMvNIC Set:A
Name IP Address Next Hop vNIC Distance
Outbound 192.168.0.0 A 0
Routes:
route add -net
192.168.0.0/24
gw 192.168.55.1
IPsec
DC
192.168.0.0/24
(VRRP, HSRP,
MHSRP, etc) .100
Static Route
Cloud Failover
eth0eth1
eth1
OCI Classic
VM
.2
IPsec
F/W
Corente Services Gateway IPsec
• /
• Corente Services Gateway
VPN
• Oracle Cloud
• ( ) NAT / NAPT
• IPsec VPN
• ( )NAT / NAPT
• AppNet Manager
•
• IP( 1 )
• IPsec
• IPsec
• VPN IP (IP )
•
• VPN IPsec
•
• AppNet Manager IPsec
• Oracle Cloud
•
VPN
Oracle Cloud
LAN
VPN
※ (2017 12 ) Database Cloud Service (RAC Data Guard) IP
IP VPN IP
GRE
NW VPNGW
IP
VPNaaS IPsec &
Oracle Cloud Infrastructure Compute Classic - 16 VPNaaS VPN
Corente
IPsec
Oracle Cloud Infrastructure Compute Classic - VPN
(Active-Active HA) - HA
Corente
Corente Services Gateway IP
VPN
+
GRE ※
Corente
IPsec
Oracle Cloud Infrastructure Compute Classic - VPN
(Active-Active HA) - HA
Corente Corente Services Gateway VPN
• Oracle Cloud
VPN
•
• Oracle Cloud IP
1.
Compute
eth0
IP
192.168.1.0/24
Compute Java AP
eth0 eth0
internet
.2 .3 .4
IP
Oracle Cloud VPN IP
IP
VPNaaS
.253
Database
eth0
.5
• Web
•
• VPN
• (Bastion)
2.
Web
eth1
Back: 192.168.2.0/24
AP* DB* Bastion
eth0 eth0eth1
.2.3 .5 .2
IP
Oracle Cloud
eth0
.2
internet
IP
Web
VPN
IP
eth0
.4
NAT
NAT
Front: 192.168.0.0/24
IP
VPNaaS
.253
Mgmt:
192.168.1.0/24
TIPS
OCI Classic
• IP IP ( )IP
( )IP
– DHCP
IP
• IP ( )IP
– DHCP
( DNS )
• IP IP
– IP Site-to-site VPN
• OCI Classic DHCP
OS
– Oracle Linux (eth0 )
OracleLinux1
eth2
IP 1
IP 2
eth0 eth1
✓
DNS
✓
IP OracleLinux2
eth0
eth1 eth2
✓ IP 2
DNS
✓IP 2
IP 1
• IP
• IP(IP ) IP
IP
IP
internet
NAT
GW
( )
• : IP
– (Linux)
• sudo ip route add 10.196.0.0/16 via $(ip route | awk '/default/ {print $3}') dev eth0
• sudo ip route change default via 192.168.1.1 dev eth1
– IP ssh
( ssh )
( )
•
”instance” ( )
• ”userdata” ( {} )
"instances": [
{
"attributes": {
"userdata": {
"pre-bootstrap": {
"script": [
"ip route add 10.196.0.0/16 via $(ip route | awk '/default/ {print $3}') dev eth0",
"ip route change default via 192.168.1.1 dev eth1"
]
}
}
},
xxxxxx
}
]
※
10.196.0.0/16 -> IP
Eth0 -> NIC
192.168.1.1 -> IP (1 )
NIC IP
• IP 1
IP
• 1
→
IPeth0
(10.x.x.x)
eth1
(192.168.1.2)
eth2
(192.168.2.2)
internet
NAT
GIP2GIP1 GIP3
IPnet1 IPnet2
sudo ip rule add from 192.168.1.2 table 100 prio 1000
sudo ip rule add from 192.168.2.2 table 200 prio 1000
sudo ip route add default via 192.168.1.1 dev eth1 table 100
sudo ip route add default via 192.168.2.1 dev eth2 table 200
IPDefault GW
IP
※ IP
1 NIC IP
(IP )
• IP
NIC IP
• IP NIC
IP IP
IP
eth0
192.168.1.2
192.168.1.10
IP (192.168.1.0/24)
IP :192.168.1.10/32
: 1 eth0 (vNICSet )
$ sudo ip addr add 192.168.1.10/32 dev eth0 label eth0:1
$ ip addr list eth0 | grep inet
inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0
inet 192.168.1.10/24 scope global secondary eth0:1
IP
Instance1
eth0
Instance2
eth0
internet
IP
NAT
Active Standby
35.x.x.x ( IP)
10.x.x.1
( IP)
10.x.x.2
( IP)
IP
Instance1
Instance1
eth0
Instance2
eth0
internet
IP
NAT
Active Standby
35.x.x.x ( IP)
10.x.x.1
( IP)
IP
10.x.x.2
( IP)
• IP IP Instance 1
• IP
• Instance1 IP
IP Instance2
Instance1 Instance2
IP
eth1
192.168.1.3
eth1
192.168.1.4
IP
(192.168.1.0/24)
Instance1
• Instance1 Instance2
eth1 2 IP
※
• 2 IP
192.168.1.11eth1:1
Instance
eth1
Active Standby
• IP NIC OS IP
2 IP
• OCI Classic 2 IP
※ L2 2
IP
※ NIC
192.168.1.11
Instance1
eth1
192.168.1.2
: 192.168.1.11
Instance1 Instance2
eth1
192.168.1.3
eth1
192.168.1.4
IP
(192.168.1.0/24)
192.168.1.11eth1:1
Instance
eth1
Active Standby
192.168.1.2
192.168.1.11
Instance2
eth1
[Private] Oracle Cloud Infrastructure Classic: Network Features in Detail

  • 1.
    Copyright © 2016,Oracle and/or its affiliates. All rights reserved. | Oracle Cloud Infrastructure OCI Classic v2.7 2017 12
  • 2.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | Safe Harbor Statement 3
  • 3.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | • Oracle Cloud Infrastructure (OCI) • 2017 9 Bare Metal Cloud Service (BMC) Oracle Cloud Infrastructure (OCI) Oracle Public Cloud (OPC) Oracle Cloud Infrastructure Classic (OCI Classic) • OCI Classic OCI Classic PaaS Oracle Cloud Infrastructure( Bare Metal Cloud) Oracle Ravello – • Oracle Cloud (http://cloud.oracle.com) 4 • Oracle Cloud Infrastructure Compute Classic • Oracle Database Cloud Service (on OCI Classic) • Oracle Java Cloud Service (on OCI Classic) • OCI SOA Cloud Service (on OCI Classic)
  • 4.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | OCI Classic 5
  • 5.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | 7 OCI Classic SDN (IP )
  • 6.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | • Oracle Cloud 1 • Oracle IP IP • 30bit L3 • PaaS 8 Oracle Cloud Instance1 eth0 Instance2 Instance3 Instance4 eth0 eth0 eth0 : 10.168.0.0/16 Instance5 eth0 Internet / FastConnect .22/30 .42/30 Identity Domain 1 Identity Domain 2 .50/30 .134/30 .6/30 NAT 129.152.148.131 ( IP) 129.152.148.130 ( IP)
  • 7.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | • 2016 10 ( ) • – • IP NIC IP 10 Instance1 eth0 eth1 IP : 192.168.3.0/24 IP : 192.168.2.0/24 IP : 192.168.2.0/24 Instance2 Instance3 Instance4 eth1 eth2 eth1 eth2 eth0 eth1 : 10.32.1.0/24 Instance5 eth1 eth1 internet .21 .42.2 .3 Identity Domain 1 Identity Domain 2 .4.2 .3 .2 .3 129.152.148.130 ( IP) 129.152.148.131 ( IP) IP NAT
  • 8.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | IP … 1. 2. IP 3. ( NIC) 4. VPN (Corente Cloud Gateway) WAN (GRE ) 5. / ( / ) 6. NIC MAC ( MAC ) 11
  • 9.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | 12 Web VPN VPN VPN
  • 10.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | 13 Oracle Cloud OCI Classic VPN-GW (Corente Services Gateway) VPN-GW VPN Web (Compute Cloud Service) (Java Cloud Service*) (Database Cloud Service*) * (2017 11 ) Java Cloud Service/Database Cloud Service IP
  • 11.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | OCI Classic 14
  • 12.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | • IP – IP – IP – NIC – NIC – * – * – * – IP * – IP * • – – – – IP – IP • VPN – VPNaaS – Corente** – FastConnect 15 OCI Classic * (2017 11 ) * ( ) ** Corente 2017 10 (17.4.2)
  • 13.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | IP – IP 16 IP 1 192.168.1.0/24 IP 2 192.168.2.0/24 .2 .3 .2 .3 IP (IPNetworks) • • 16bit ( : 10.0.0.0 – 10.0.255.255) • IP • ( ) • 1 ( DHCP DNS ) • •
  • 14.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | IP – IP 17 IP 1 192.168.1.0/24 IP 2 192.168.2.0/24 IP .2 .3 .2 .3 IP (IPNetworkExchanges) • IP IP • IP • IP :IP = 1: IP 1 IP • .1 .1
  • 15.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | IP – NIC 18 eth0 : 10.32.1.0/24 .21 eth1 eth2 eth3 eth7 IP : 192.168.1.0/24 192.168.2.0/24 192.168.3.0/24 192.168.7.0/24 .2 .2 .2 .2 NIC (VirtualNICs) • 8 • IP 1 NIC • (= ) • 8 IP • IP IP
  • 16.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | IP – NIC 19 eth0 .2 eth0 .3 IP (192.168.1.0/24) VPN VPN eth0 eth0 eth1 eth1 .8 .9 NIC (VirtualNICSets) • NIC ( OK) • NIC OK • ACL internet 192.168.101.0/24 (Routes) • • IP (CIDR) NIC • IP ECMP LAN
  • 17.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | IP – 20 Instance1 (AP) eth0 IP Instance2 (AP) eth0 • NIC / (ACL) • NIC Instance3 (DB) eth0 NIC (AP) NIC (DB) allow-ping : icmp : : icmp : 1521-egress -to-DB 1521-ingress -from-AP : 1521 : : DB : 1521 : : AP * (2017 11 ) ( )
  • 18.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | IP – IP * 21 Instance1 eth0 IP Instance2 eth0 IP (IPAddressReservations) • IP 1 1NAT IP NIC • IP ( IP) NIC GIP NAT .2 .3 GIP internet NAT * (2017 11 ) ( ) • IP 1 1NAT IP NIC • IP
  • 19.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | IP – DNS 22 web1 eth0 IP (192.168.1.0/24) web2 eth0 DNS • IP 1 IP DNS • IP • ( ) A IP DNS • DNS (IP VPN ) .2 .3 DNS .1 web1.ipnet1.abc.com. IN A 192.168.1.2 web2.ipnet1.abc.com. IN A 192.168.1.3 www.abc.com. IN A 192.168.1.2 www.abc.com. IN A 192.168.1.3
  • 20.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | 23 Instance1 eth0 eth1 IP Instance2 eth1 Data Center 1 Instance3 eth0 Data Center 2 WAN internet • • IP PaaS IP • IP Storage Cloud
  • 21.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | – IP 24 Instance1 eth0 eth1 IP Instance2 eth1 internet IP (IPReservations) • IP NAT • IP • Database Cloud Service PaaS 1 IP IP NAT NAT (IPAssociations) • IP ( IP) IP 1 1
  • 22.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | – DNS 25 web1 eth0 web2 eth0 DNS • DNS DHCP • IP • ( ) • (Compute- <domain>.oraclecloud.internal) DNS web1.compute-mydomain.oraclecloud.internal. IN A 10.168.x.y web2.compute-mydomain.oraclecloud.internal. IN A 10.168.x.y
  • 23.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | – 26 AP1 eth0 AP2 eth0 DB eth0 seclist-ap seclist-db : seclist-ap : seclist-db : tcp/1521 : 0.0.0.0/0 : seclist-ap : tcp/443 : ( IP) : seclist-db : tcp/22 IP • Oracle Cloud IP • IPv4 CIDR • • • (from) (to) • IP
  • 24.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | IP 28 1. PaaS(DBCS, JCS ) IP – : XXCOM (USCOM-CENTRAL-1, USCOM-EAST-1, GBCOM- SOUTH-1, AUCOM-EAST-1 ) DC(AP5_Z11) – : AP5_Z11( DC) / US00n_Znn / EM00n_Znn • PaaS ComputeCS PaaS GRE ( ) NAT 2. IP (=ACL) & IP NAT (IP ) – : XXCOM AP5_Z11( DC) US006_Znn – : US00n_Znn / EM00n_Znn • ( IP ) New!
  • 25.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | 29
  • 26.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | IP 30 OCI Classic (SecRules) + + (SecurityRules) NIC + + / + / IP NIC NICOracle Cloud → Oracle Cloud → IP Oracle Cloud → Oracle Cloud → IP NIC
  • 27.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | • / • / ( ) – (Deny) • – (Reject) • – (Permit) • ( ) 31
  • 28.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | • – – – 32 Ins Ins Ins A B ※1 8
  • 29.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | • • ( or IP ) ( or ) 33 (SecRules) ? ? OCI Classic → → IP
  • 30.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | • • • – • TCP • UDP • ICMP • GRE • ESP – ~ 34
  • 31.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | • IP • • IP (IP ) • 35 IP
  • 32.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | 36 8 1 10 n n 1 IP 1 n Oracle Cloud(PaaS / IaaS) / / IP IP IP
  • 33.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | 37 • – → : – : • • • DBCS PaaS – DBCS ( DBCS ) – : DBCS Compute DBCS Seclist-AP Compute DBCS Seclist-DB
  • 34.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | IP • – – – • • IP • IP 38 (REST API SecurityRules) ACL ? ( / ) IP IP
  • 35.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | OCI Classic 39
  • 36.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | 41 OCI Classic • • Oracle Cloud SSL • • VPN • IPsec • • Oracle Cloud DC • Oracle • (1Gbps / 10Gbps) • Oracle Cloud • + SSL VPN (IPsec) Oracle FastConnect Standard Edition Partner Edition (NTT- Com,Verizon ,BT ) Oracle Cloud Oracle Cloud i Oracle Cloud NW NW Oracle Oracle
  • 37.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPN OCI Classic Virtual Private Network(VPN) VPN Point-to-Point( ) 42 On-Premise Oracle Cloud VPN
  • 38.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPN 43
  • 39.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | • Corente – – Compute – IP (GRE ) • VPNaaS – VPN – – IP Oracle Confidential – Internal 44 2 VPN IP LAN GRE internet IPsec Corente Service Gateway Corente Service Gateway IP LAN internet IPsec VPNaaS Compute JCS DBCS
  • 40.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPN • 2017 10 20 ( ) Corente + VPNaaS ( ) VPNaaS – Corente VPNaaS (Corente ) • VPNaaS IP ( VPN ) – : RAC Data Guard Database Cloud Service (2017 12 ) IP VPNaaS NAT Confidential – Oracle Internal/Restricted/Highly Restricted 45
  • 41.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPN (2017 10 ) DBCS/JCS ? YES NO IP + 2017 10 ? YES NO Corente + NW(GRE) RAC Data Guard ? YES NO VPNaaS + IP IPsec ? NO YES
  • 42.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPN - VPNaaS 47
  • 43.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPNaaS Confidential – Oracle Internal/Restricted/Highly Restricted 48 VPNaaS ( DatabaseCompute Compute Gateway Gateway IP Network Compute IP Exchange IP Network Oracle Cloud NAT • VPN VPNaaS) • VPN • NAT • IP Network • IP Network IP Exchange
  • 44.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPNaaS • VPN IPsec VPNaaS Oracle • – Cicso 2921 – Cisco ISR 4331 – Cisco ASA5505 – Checkpoint 3200 – Palo Alto 3020 – FortiGate-200D • 49
  • 45.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPN (1) • – • IP – (IP ) – IP IP • vNICset( ) • – WAN IP(NAT ) • – ( ) • (PSK) – ( ) • IKE ID( ) – IP_ADDR_V4 VPNaaS IP 50
  • 46.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPN (2) • 1 IKE – 1(IKE) VPNaaS • 2 ESP – 2(ESP) VPNaaS • – 2 PFS : Perfect Forward Securecy 51
  • 47.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPNaaS TIPS • IKEv1 (IKEv1 IKEv2 ) • VPN ( VPN ) – IP N • VPN VPNaaS IP IP • VPN VPN (= IP ) – (= IP) – (= ) – (PSK) – IP (= IP ) • 1 VPN 1 • VPNaaS 52
  • 48.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPN • – VPN > VPNaaS > VPN > • VPNaaS (=Corente Services Gateway) Openswan – Openswan – strongSwan – Libreswan 53
  • 49.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPN - Corente 54
  • 50.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPN – Corente 55 Corente Services Gateway • Corente Services Gateway – IPsec – OCI Classic – VPN – OS Oracle Compute Cloud Cloud App Net Manager – VPN Corente Services Gateway
  • 51.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPN – Corente 56 DC VPN • 1. Corente Services Gateway – Oracle Technology Network Corente Services Gateway – – – Oracle (Oracle Cloud ) • 2. IPsec – IPsec
  • 52.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPN – Corente 57 DC GW Corente Services Gateway • A) • ( ) – Oracle VM 3.4.1 – Xen 4.4, VMWare ESX5.5 – Citrix XenServer 6.2 – Microsoft Windows Server 2012 R2 Hyper-V B) Corente • • (Corente AppNet Manager) → Oracle Cloud
  • 53.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPN – Corente • DC Corente – • Corente → IP (ANY) 443/TCP ( ) • Corente → IP (ANY) 53/UDP ( ) • Corente 1025-65535/TCP → IP (ANY) 551/TCP (Corente Service Port) • Corente 551/UDP → IP (ANY) 551/UDP (Corente Service Port) – • IP (ANY) 1025-65535/TCP → Corente 551/TCP (Corente Service Port) • IP (ANY) 551/UDP → Corente 551/UDP (Corente Service Port) 58 DC GW Corente Services Gateway Corente Services Gateway Deployment Guide - 2.2 Network Requirements http://docs.oracle.com/cd/E74662_01/E80339/html/install-plan-lan.html#install-plan-lan-fw
  • 54.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPN – Corente DC GW Corente Services Gateway 59 : 1.5 GHz Intel-based x86 compatible server : 1 GB RAM : 40 GB IDE/SATA : Integrated 10/100/1000M Ethernet Interfaces Oracle VM Server for x86 Release 3.4.1 or later Xen 4.4 VMware ESX 5.5 Citrix XenServer 6.2 Microsoft Windows Server 2012 R2 Hyper-V ※Corente Services Gateway Deployment Guide (http://docs.oracle.com/cd/E74662_01/E80339/E80339.pdf) 2.1 Corente Services Gateway Installation Requirements
  • 55.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPN – Corente 60 DC GW IPsec • (Certified Configuration) IPsec Corente Services Gateway • My Oracle Support – Cisco ASA 5505 (Doc ID 2153452.1) – SonicWall TZ190 (Doc ID 2153603.1) – Juniper JuneOS15 (Doc ID 2164001.1) • – Cisco CSR1000v (How to connect an application on Ravello to Oracle IaaS/PaaS services (e.g. DBCS etc.) over VPN) Oracle Cloud
  • 56.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPN – Corente • Oracle Compute Cloud IP Oracle Cloud IP IP GRE 61 NW IP
  • 57.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPN – Corente • Corente Services Gateway Compute / PaaS GRE • Oracle Technology Network (Linux, Windows ) • : 10.0.0.0/8 62 NW GRE
  • 58.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | 63 Corente Active / Active HA ( IPsec ) VPN IPsec IPsec CSG01 (Active) CSG02 (Active) eth0 IP 192.168.55.0/24 .8 .9 VMvNIC Set:A Name IP Address Next Hop vNIC Distance Outbound 192.168.0.0 A 0 Routes: route add -net 192.168.0.0/24 gw 192.168.55.1 IPsec DC 192.168.0.0/24 (VRRP, HSRP, MHSRP, etc) .100 Static Route Cloud Failover eth0eth1 eth1 OCI Classic VM .2 IPsec F/W
  • 59.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | Corente Services Gateway IPsec • / • Corente Services Gateway 64 VPN • Oracle Cloud • ( ) NAT / NAPT • IPsec VPN • ( )NAT / NAPT• AppNet Manager • • IP( 1 ) • IPsec • IPsec • VPN IP (IP ) • • VPN IPsec • • AppNet Manager IPsec • Oracle Cloud • VPN Oracle Cloud LAN
  • 60.
    Copyright © 2017,Oracle and/or its affiliates. All rights reserved. | VPN 65 ※ (2017 12 ) Database Cloud Service (RAC Data Guard) IP IP VPN IP GRE NW VPNGW IP VPNaaS IPsec & Oracle Cloud Infrastructure Compute Classic - 16 VPNaaS VPN Corente IPsec Oracle Cloud Infrastructure Compute Classic - VPN (Active-Active HA) - HA Corente Corente Services Gateway IP VPN + GRE ※ Corente IPsec Oracle Cloud Infrastructure Compute Classic - VPN (Active-Active HA) - HA Corente Corente Services Gateway VPN
  • 62.
    • Oracle Cloud VPN • • Oracle Cloud IP 1. Compute eth0 IP 192.168.1.0/24 Compute Java AP eth0 eth0 internet .2 .3 .4 IP Oracle Cloud VPN IP IP VPNaaS .253 Database eth0 .5
  • 63.
    • Web • • VPN • (Bastion) 2. Web eth1 Back: 192.168.2.0/24 AP* DB* Bastion eth0 eth0eth1 .2.3 .5 .2 IP Oracle Cloud eth0 .2 internet IP Web VPN IP eth0 .4 NAT NAT Front: 192.168.0.0/24 IP VPNaaS .253 Mgmt: 192.168.1.0/24
  • 64.
    TIPS
  • 65.
    OCI Classic • IP IP ( )IP ( )IP – DHCP IP • IP ( )IP – DHCP ( DNS ) • IP IP – IP Site-to-site VPN
  • 66.
    • OCI Classic DHCP OS – Oracle Linux (eth0 ) OracleLinux1 eth2 IP 1 IP 2 eth0 eth1 ✓ DNS ✓ IP OracleLinux2 eth0 eth1 eth2 ✓ IP 2 DNS ✓IP 2 IP 1
  • 67.
    • IP • IP(IP ) IP IP IP internet NAT GW
  • 68.
    ( ) • : IP – (Linux)
      • sudo ip route add 10.196.0.0/16 via $(ip route | awk '/default/ {print $3}') dev eth0
      • sudo ip route change default via 192.168.1.1 dev eth1
      – IP ssh ( ssh )
  • 69.
    ( ) • "instance" ( ) • "userdata" ( {} )
      "instances": [
        {
          "attributes": {
            "userdata": {
              "pre-bootstrap": {
                "script": [
                  "ip route add 10.196.0.0/16 via $(ip route | awk '/default/ {print $3}') dev eth0",
                  "ip route change default via 192.168.1.1 dev eth1"
                ]
              }
            }
          },
          xxxxxx
        }
      ]
    ※ 10.196.0.0/16 -> IP
      Eth0 -> NIC
      192.168.1.1 -> IP (1 )
  • 70.
    NIC IP • IP 1 IP • 1 → IPeth0 (10.x.x.x) eth1 (192.168.1.2) eth2 (192.168.2.2) internet NAT GIP2GIP1 GIP3 IPnet1 IPnet2
      sudo ip rule add from 192.168.1.2 table 100 prio 1000
      sudo ip rule add from 192.168.2.2 table 200 prio 1000
      sudo ip route add default via 192.168.1.1 dev eth1 table 100
      sudo ip route add default via 192.168.2.1 dev eth2 table 200
    IPDefault GW IP ※ IP
  • 71.
    1 NIC IP (IP ) • IP NIC IP • IP NIC IP IP IP eth0 192.168.1.2 192.168.1.10 IP (192.168.1.0/24) IP :192.168.1.10/32 : 1 eth0 (vNICSet )
      $ sudo ip addr add 192.168.1.10/32 dev eth0 label eth0:1
      $ ip addr list eth0 | grep inet
      inet 192.168.1.2/24 brd 192.168.1.255 scope global eth0
      inet 192.168.1.10/24 scope global secondary eth0:1
    IP
  • 72.
    Instance1 eth0 Instance2 eth0 internet IP NAT Active Standby 35.x.x.x ( IP) 10.x.x.1 ( IP) 10.x.x.2 ( IP) IP Instance1 Instance1 eth0 Instance2 eth0 internet IP NAT Active Standby 35.x.x.x ( IP) 10.x.x.1 ( IP) IP 10.x.x.2 ( IP) • IP IP Instance 1 • IP • Instance1 IP IP Instance2
  • 73.
    Instance1 Instance2 IP eth1 192.168.1.3 eth1 192.168.1.4 IP (192.168.1.0/24) Instance1 • Instance1 Instance2 eth1 2 IP ※ • 2 IP 192.168.1.11eth1:1 Instance eth1 Active Standby • IP NIC OS IP 2 IP • OCI Classic 2 IP ※ L2 2 IP ※ NIC 192.168.1.11 Instance1 eth1 192.168.1.2 : 192.168.1.11 Instance1 Instance2 eth1 192.168.1.3 eth1 192.168.1.4 IP (192.168.1.0/24) 192.168.1.11eth1:1 Instance eth1 Active Standby 192.168.1.2 192.168.1.11 Instance2 eth1