Lwandile Majola

Understanding IP Management in Oracle Cloud Infrastructure (OCI)

Navigating the complexities of cloud networking is crucial for building robust and scalable applications. In Oracle Cloud Infrastructure (OCI), effective IP address management forms the backbone of your network architecture. This guide will demystify OCI's IP address categories, explore their use cases, and introduce advanced concepts like Reserved Public IPs, Bring Your Own IP (BYOIP), and Public IP Pools.


🏛️The Two Pillars: Private and Public IP Addresses

OCI categorizes IP addresses into two primary types, each serving distinct communication needs.

🔒Private IP Addresses

These are used for internal communication within your OCI network and with connected on-premises environments.

  • Internal Communication: Instances within the same Virtual Cloud Network (VCN) communicate seamlessly using private IPs.
  • VCN Peering: Connecting multiple VCNs, whether in the same or different regions, relies on private IP routing.
  • On-premises Connectivity: Secure connections to your data centers via the Dynamic Routing Gateway (DRG).
  • Instance Allocation: Each instance receives at least one primary private IP.
  • VNIC Capacity: Every Virtual Network Interface Card (VNIC) includes one primary private IP address and supports up to 32 secondary private IP addresses, totaling 33 private IPs per VNIC.

🌍Public IP Addresses

These are designed for internet accessibility, allowing your resources to communicate with the outside world.

  • Internet Reachability: A public IP is reachable from the internet and is assigned to a private IP object on your OCI resource.
  • Prerequisites: For a public IP to function, your VCN requires an Internet Gateway, and the associated public subnet must have correctly configured Route Tables and Security Lists.
  • Flexibility: Resources can be assigned multiple public IPs across single or multiple VNICs.

⏳Types of Public IP Addresses: Ephemeral vs. Reserved

OCI offers two types of public IP addresses to cater to different operational requirements.

[Table: Ephemeral vs. Reserved public IP comparison]

Reserved Public IP Addresses in Detail

  • Creation: You create them individually.
  • Limits: Up to 50 Reserved Public IPs are allowed per region.
  • Assignment: Assigned to resources after creation.
  • Unassignment: When unassigned, they return to your tenancy pool for future use.
  • Scope: These are regional resources.
  • Configuration: Specify a name, compartment, and source during creation.

🚢Bring Your Own IP (BYOIP): Extending Your Network into OCI

BYOIP allows you to import your existing public IPv4 CIDR blocks or IPv6 prefixes into OCI, providing seamless network continuity.

📋Requirements & Limits

  • Ownership Verification: You must demonstrate ownership of the public prefix through a supported Regional Internet Registry (RIR).
  • IPv4 Size: Minimum /24, Maximum /8.
  • IPv6 Size: /48 or larger.
  • Management: BYOIP addresses are managed through IP Pools.

✨BYOIP Benefits

  • Solution Continuity: Preserve existing IP addresses hard-coded in devices or applications during migration.
  • IP Reputation: Maintain your established IP reputation with external services.
  • IP Pool Management: Group your imported IP addresses into pools for simplified resource deployment (e.g., Load Balancers).

📋BYOIP Process Overview

[Figure: BYOIP process flow diagram]
The process involves OCI verifying your ownership with an RIR.

  1. Request Import: Initiate the import of your public IPv4/IPv6 prefix to Oracle.
  2. Token Issuance: Oracle provides a unique verification token.
  3. RIR Update: Add the verification token to your RIR records (typically takes ~1 day).
  4. Create ROA: Create a Route Origin Authorization (ROA) with your RIR. The ROA allows Oracle to advertise your CIDR block.
  5. Finish Import: Request Oracle to complete the import (typically takes up to 10 business days while Oracle verifies ownership with the RIR).
  6. Provision Addresses: Oracle provisions the addresses to a specified compartment in your tenancy.

🏊Public IP Pools: Structured IP Management

A Public IP Pool is a dedicated set of IPv4 CIDR blocks allocated exclusively to your tenancy, offering granular control over IP assignments.

⚙️Core Characteristics

  • Definition: A collection of IPv4 CIDR blocks.
  • Source: Can consist of all or part of a BYOIP CIDR block.
  • Exclusivity: These pools are unique to your specific tenancy.
  • Sizing: Blocks within a pool range from a minimum /28 to a maximum /24.
  • Restriction: Public IP Pool functionality is currently limited to IPv4 addresses.
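The size limits from the BYOIP requirements and the pool characteristics above can be checked before a change is submitted. The following is an added example, not code from the article or from Oracle: a pre-flight validator using Python's standard `ipaddress` module. The function names and the sample plan are hypothetical, and "/48 or larger" is read as a prefix length of 48 or shorter.

```python
import ipaddress

# Prefix-length limits as stated in this article.
BYOIP_V4_LEN = range(8, 25)    # IPv4 import: /8 (largest) through /24 (smallest)
BYOIP_V6_MAX_LEN = 48          # IPv6 import: "/48 or larger" read as length <= 48
POOL_LEN = range(24, 29)       # pool blocks: /24 (largest) through /28 (smallest)

# Constructed sample plan; the documentation prefix stands in for a real BYOIP block.
SAMPLE_BYOIP = "203.0.113.0/24"
SAMPLE_POOLS = ["203.0.113.0/28", "203.0.113.0/27", "198.51.100.0/28", "203.0.113.64/29"]


def check_byoip_prefix(cidr):
    """Return a list of problems with a prefix proposed for BYOIP import."""
    try:
        net = ipaddress.ip_network(cidr)  # strict by default: host bits must be zero
    except ValueError as exc:
        return [f"{cidr}: not a valid network ({exc})"]
    if net.version == 4 and net.prefixlen not in BYOIP_V4_LEN:
        return [f"{net}: IPv4 BYOIP block must be between /8 and /24"]
    if net.version == 6 and net.prefixlen > BYOIP_V6_MAX_LEN:
        return [f"{net}: IPv6 BYOIP prefix must be /48 or larger"]
    return []


def check_pool_plan(byoip_cidr, pool_cidrs):
    """Validate planned Public IP Pool blocks against their BYOIP source block."""
    problems = check_byoip_prefix(byoip_cidr)
    if problems:
        return problems
    parent = ipaddress.ip_network(byoip_cidr)
    if parent.version != 4:
        return [f"{parent}: Public IP Pools are IPv4 only"]
    accepted = []
    for cidr in pool_cidrs:
        try:
            block = ipaddress.ip_network(cidr)
        except ValueError as exc:
            problems.append(f"{cidr}: not a valid network ({exc})")
            continue
        if block.version != 4 or block.prefixlen not in POOL_LEN:
            problems.append(f"{cidr}: pool blocks must be IPv4, /28 to /24")
        elif not block.subnet_of(parent):
            problems.append(f"{cidr}: outside BYOIP block {parent}")
        elif any(block.overlaps(other) for other in accepted):
            problems.append(f"{cidr}: overlaps another planned pool block")
        else:
            accepted.append(block)
    return problems
```

For the constructed plan, `check_pool_plan(SAMPLE_BYOIP, SAMPLE_POOLS)` returns three problems: a block that overlaps an earlier one, a block outside the BYOIP range, and a /29 that is below the pool minimum.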

🛠️Benefits & Usage

Public IP Pools provide a structured way to manage and allocate public IP addresses to your cloud resources.

  • Allocation Source: Use the pool as the source for IP allocation when deploying NAT Gateways, Load Balancers, and Compute Instances.
  • Reservation: Create Reserved Public IPs directly from the pool and attach them to your resources.
  • Direct Launch: Launch resources with IPs directly sourced from the pool.

🎯Conclusion

Effective IP address management is a foundational skill for anyone working with Oracle Cloud Infrastructure. By understanding the distinction between private and public IPs, leveraging Reserved Public IPs for persistence, and exploring advanced options like BYOIP and Public IP Pools, you can design more resilient, flexible, and secure network architectures in OCI. Mastering these concepts empowers you to optimize your cloud environment for performance and operational continuity.
