As more companies move to the cloud, which deployment strategy are they choosing? For most, it’s multicloud.
A multicloud strategy is the use of two or more cloud-based computing services. Multicloud can refer to any deployment of multiple software-as-a-service (SaaS) or platform-as-a-service (PaaS) cloud offerings, but it is generally used to refer to a mix of public infrastructure-as-a-service (IaaS) environments.
Organizations choose to implement a multicloud strategy for many reasons: to enable flexible distribution of workloads, increase security, improve reliability, enable versatile DevOps environments, and, of course, reduce costs.
This article describes how to use Megaport Cloud Router (MCR) to enable multicloud connectivity between an Oracle Cloud Infrastructure (OCI) VCN and an Amazon VPC without deploying physical infrastructure. For other cloud service providers' virtual networks, you can replace the second half of the tutorial with instructions from Megaport.
The numbers in the diagram correspond to the following steps:
1. Create an account with Megaport.
2. Create a FastConnect connection and add the connection to the MCR.
3. Add connections to other cloud service providers.
If you are redundantly connected, a 99.9% SLA is guaranteed for the OCI FastConnect service.
However, those steps aren’t covered in this tutorial.
MCR is backed by a 100% availability SLA.
MCR 2.0 supports throughput speeds of 2.5 Gbps, 5 Gbps and 10 Gbps.
1. Create a FastConnect connection.
2. Connect FastConnect to the MCR.
3. Add other cloud service provider private connections, such as AWS Direct Connect or Google Public Cloud, to MCR to enable routing between your Virtual Networks.
If you use less than a month of service, charges for FastConnect on OCI, AWS Direct Connect, and Virtual Cross Connects (VXCs) and MCRs on Megaport are pro-rated by the hour.
When you connect via FastConnect, Oracle charges only for port hours consumed, not for data transfer.
Before you begin
1. Make sure you have the appropriate Identity and Access Management permissions.
2. Make sure you meet the FastConnect requirements.
3. Create or choose a VCN.
1. In AWS, make sure you have the appropriate Identity and Access Management (IAM) permissions to use AWS Direct Connect and Amazon VPC services.
2. Create or choose an Amazon VPC with at least one subnet and route table that contains the resources you want to connect, and ensure that its IP address space doesn’t overlap with the OCI environment.
1. Create a Megaport account.
2. Set up a billing market.
When connecting to the Oracle Cloud Infrastructure (OCI) via a FastConnect with Megaport, the virtual cross connect (VXC) forms the Layer 2 component of the connection. Layer 3 BGP connectivity is established directly between the customer and Oracle.
In this example we are going to create a private peering connection.
Creating a FastConnect connection on OCI
1. Sign in to your tenancy in the Oracle Cloud Infrastructure Console.
2. Ensure that you’re in the Oracle Cloud Infrastructure region that matches the destination region that you’re going to configure. This example uses the Frankfurt region.
3. In the Quick Launch section of the home page, click Create a virtual cloud network: Networking.
4. In the Create Virtual Cloud Network dialog box, select a compartment. If one is preselected, ensure that you want your VCN to reside there, or select another one. Oracle Cloud Infrastructure uses compartments to organize resources.
5. Give your VCN a name. If you leave this field blank, the date and time of creation will be the VCN name.
6. Select Create Virtual Cloud Network Plus Related Resources. This option assigns a default CIDR block, creates a subnet in each availability domain, adds an internet gateway, generates a security list, and generates a route table with a rule that routes out to the open internet. If you want to customize your own settings, select Create Virtual Cloud Network instead and then create each of these resources.
7. Click Create Virtual Cloud Network.
The VCN detail page is displayed.
8. Create a Dynamic Routing Gateway
A Dynamic Routing Gateway (DRG) is a virtual router that provides a pathway for private traffic between your VCN and other networks, like an on-premises network.
a. On the left side of the Console, under Networking, click Dynamic Routing Gateways.
b. Click Create Dynamic Routing Gateway.
c. In the Create Dynamic Routing Gateway dialog box, select the compartment where you want your DRG to reside, and give your DRG a name (in this example, DRG-MCR).
d. Click Create Dynamic Routing Gateway.
e. After your DRG is provisioned, select it.
f. On the left side of the Console, under Resources, click Virtual Cloud Networks.
g. Click Attach to Virtual Cloud Network.
h. In the Attach to Virtual Cloud Network dialog box, select the same compartment where your VCN resides, and then select the VCN (in this example, VCN-MCR).
You can ignore the Associate with Route Table settings. For more information about this option, click the help link or the information symbol in the dialog box.
i. Click Attach.
Your VCN is now attached to the DRG.
9. Add a Rule to the DRG on Your Route Table
A VCN uses virtual route tables to send traffic out of the VCN, for example, to the Internet or to your on-premises network, which is the case here.
a. Go back to the Networking section and select your VCN (in this example, VCN-MCR).
b. Under Resources, click Route Tables.
c. Click Default Route Table for VCN-MCR.
d. Click Edit Route Rules.
e. Click +Another Route Rule.
f. In the expanded dialog box, provide the following information:
- For Target Type, select Dynamic Routing Gateway.
- For Compartment, select the same one that you’ve been using throughout this exercise (in this example, Megaport).
- For Destination CIDR Block, enter the on-premises network CIDR block. In this example, we are using 10.20.0.0/16.
- For Target Dynamic Routing Gateway, select the DRG that you just created (in this example, DRG-MCR).
g. Click Save.
10. Create a FastConnect Virtual Circuit
The final step on Oracle Cloud Infrastructure is to configure the FastConnect circuit that the DRG will use to reach the AWS VPC. For this step you need to know the Border Gateway Protocol (BGP) IP addresses and the Autonomous System Number (ASN). Megaport will provide this information.
a. Go back to the Networking section.
b. Under Networking, click FastConnect.
c. Click Create Connection.
d. In the Create Connection dialog box, select Connect Through a Provider, and then select Megaport Service.
e. Click Continue.
f. In the new Create Connection dialog box, provide the following information. The values provided here are specific to this example.
- Name: Give the connection a name (in this example, OCI).
- Compartment: Select the same compartment that you’ve been using throughout this exercise (in this example, Megaport).
- Virtual Circuit Type: Private Virtual Circuit
- Dynamic Routing Gateway Compartment: Megaport
- Dynamic Routing Gateway: DRG-MCR
- Provisioned Bandwidth: 1 Gbps
- Customer BGP IP Address: 10.0.0.22/30
- Oracle BGP IP Address: 10.0.0.21/30
- Customer BGP ASN: 133937
g. Click Continue.
The connection is created from Oracle Cloud Infrastructure.
11. On the details page for the connection, copy the OCID. You need it to provision the virtual connection from Megaport in the next section. You can also click the Megaport link, which takes you to their main site, where you can log in to their portal (for the next section).
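A pre-flight check for the addressing used above, added here as an example and not part of the original article or of Oracle's or Megaport's tooling: it verifies the non-overlap requirement from "Before you begin", that the two BGP peer addresses are usable hosts in the same /30, and that the ASNs differ. It assumes IPv4; `preflight`, `PLAN` and the VCN CIDR 10.10.0.0/16 are illustrative (the article does not state the VCN CIDR).

```python
import ipaddress


def preflight(vcn_cidr, vpc_cidr, customer_bgp, oracle_bgp, customer_asn, amazon_asn):
    """Return a list of problems found in the planned addressing; empty means OK."""
    problems = []
    vcn = ipaddress.ip_network(vcn_cidr)
    vpc = ipaddress.ip_network(vpc_cidr)
    cust = ipaddress.ip_interface(customer_bgp)
    orcl = ipaddress.ip_interface(oracle_bgp)

    # The tutorial requires that the VPC and OCI address space do not overlap.
    if vcn.overlaps(vpc):
        problems.append(f"VCN {vcn} overlaps VPC {vpc}")

    # Both BGP peers must sit in the same point-to-point subnet, on distinct
    # usable host addresses (not the network or broadcast address of the /30).
    link = cust.network
    if orcl.network != link:
        problems.append(f"BGP peers are in different subnets: {cust} vs {orcl}")
    elif cust.ip == orcl.ip:
        problems.append("customer and Oracle BGP addresses are identical")
    else:
        hosts = set(link.hosts())
        for name, iface in (("customer", cust), ("Oracle", orcl)):
            if iface.ip not in hosts:
                problems.append(f"{name} BGP address {iface.ip} is not a usable host in {link}")

    # The peering link must not collide with either routed network.
    for name, net in (("VCN", vcn), ("VPC", vpc)):
        if link.overlaps(net):
            problems.append(f"BGP link {link} overlaps {name} {net}")

    # eBGP needs different ASNs on the MCR side and the Amazon side.
    if customer_asn == amazon_asn:
        problems.append(f"MCR and Amazon ASN are both {customer_asn}")
    for name, asn in (("customer", customer_asn), ("Amazon", amazon_asn)):
        if not 1 <= asn <= 4294967295:
            problems.append(f"{name} ASN {asn} is outside the 32-bit ASN range")
    return problems


# Values from the tutorial, except the VCN CIDR, which is a constructed sample.
PLAN = dict(vcn_cidr="10.10.0.0/16", vpc_cidr="10.20.0.0/16",
            customer_bgp="10.0.0.22/30", oracle_bgp="10.0.0.21/30",
            customer_asn=133937, amazon_asn=64512)

if __name__ == "__main__":
    for p in preflight(**PLAN) or ["no problems found"]:
        print(p)
```

A VCN created as 10.0.0.0/16 would be flagged here, because the 10.0.0.20/30 peering link falls inside it.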
Creating an MCR
1. In your Megaport portal under Services, click Create MCR.
2. Select a location where you want to connect to OCI and AWS.
To have the lowest costs with Megaport, this location should be in the same metropolitan area as a Cloud Interconnect location serving the regions you want to connect. Click Next.
3. In the Configure section, complete the following fields, and then click Next.
a. Add a Rate Limit for the router. The rate limit determines the speed for all connections through the MCR.
b. In the MCR Name field, enter a name, for example, MCR.
c. In the MCR ASN field, enter the default Megaport ASN 133937.
4. To add the MCR to your cart, click Add MCR.
5. To add a connection to OCI, click Oracle Cloud.
1. In the OCID field, enter the OCID you copied in the previous section.
2. In the Choose from available OCI Ports window, select the zone where you want to provision the VLAN attachment. Choose a location that is close to your region in OCI, your location for the other cloud provider, and the MCR location. Click Next.
3. In the Connection Details window, complete the following steps, and then click Next.
a. In the Name your connection field, enter a name for your MCR connection, for example, OCI.
b. In the Rate limit field, enter a rate limit that doesn’t exceed the total rate limit for the MCR. Allow bandwidth for any additional connections you might add to other cloud service providers.
To complete the request, click Order, and then click Order Now in the dialog.
After a few minutes, you have a fully deployed Megaport Cloud Router with a VLAN attachment to OCI. Your connection and MCR are deployed when both icons change to green in the Megaport portal.
Add connections to other cloud service providers
Now that you have a functioning MCR connected to OCI, you can add connections to other cloud service providers to your MCR. The following steps are for an AWS Direct Connect.
1. In the Megaport portal, under Services, click + Connection next to MCR.
2. Click Cloud, and then click Next.
3. Click AWS. In the Select Destination Port list, select the AWS region and the interconnection point that’s close to your MCR, and then click Next.
4. Enter a name for your connection, for example, AWS. In the Rate limit field, enter the same rate as you did for the OCI connection. Click Next.
5. Click Next. The MCR Connection detail page is informational.
6. In the Connection details for AWS Service window, complete the following fields, and then click Next.
a. Give the connection a name, for example, megaport-aws. This name is visible in AWS Direct Connect.
b. Enter your AWS account ID.
c. In the Amazon ASN field, enter the AWS ASN of the virtual private gateway or direct connect gateway that you want to connect to. For the purpose of this tutorial, use the AWS default ASN of 64512.
7. Click Add VXC. Click Order, and then click Order Now to deploy this connection.
After a few minutes, the VXC shows up in the Megaport Portal. When you see the green icon, the connection is deployed.
Configuring AWS Direct Connect
This section provides instructions for working with AWS Direct Connect. These steps and screenshots are subject to change without notice. For more information, read What is AWS Direct Connect.
1. In the AWS Management Console, switch to the region in which your connection terminates.
2. Go to Services > Direct Connect > Virtual Interfaces. Your connection is listed with a status of confirming. You accept the connection later in the tutorial.
3. Go to Services > VPC > Virtual Private Gateways.
4. Click Create Virtual Private Gateway.
5. In the Name tag field, enter a name, for example, vpg-megaport. The name is for display purposes only.
6. Click Amazon default ASN, and then click Create Virtual Private Gateway.
7. Click Close.
8. To attach the virtual private gateway to the VPC, complete the following steps:
a. Select the checkbox next to the newly created virtual private gateway, vpg-megaport.
b. Click Actions, and then click Attach to VPC.
c. Select the VPC you want to connect to and click Yes, Attach. Wait until the Virtual Private Gateway is attached to the VPC.
9. Click Route Tables, and then select the Route Table that is associated with the subnets you want to use.
10. At the bottom of the page, click the Route Propagation tab, and then click Edit route propagation.
11. Select the Propagate checkbox, and then click Save.
12. Go to Services > Direct Connect > Virtual Interfaces. Click the ID next to the megaport-aws name. Click Accept.
13. In the dialog, click Virtual Private Gateway. In the Virtual Private Gateway list, select the ID of the gateway you just created, and then click Accept virtual interface.
After a few minutes, your virtual interface is available and there is direct connectivity between AWS and OCI.