Transcript
00:00 Welcome back to this lesson on OCI routing. As you can see from this graphic here, we have this
00:12 concept of a route table. VCN uses route tables to send traffic out of the VCN to the internet,
00:19 to on-premises networks, or to peered VCNs, and we look at each of these scenarios. Route tables
00:25 consist of a set of route rules. Each rule specifies a destination CIDR block and a route target. Think
00:33 about route target as the next hop for the traffic that matches that destination CIDR block. Now, one
00:41 thing to keep in mind is traffic within the VCN subnet is automatically handled by the VCN local
00:48 routing. So you see a public subnet and a private subnet here. There is no routing needed for routing
00:53 that data; there is no entry in a route table needed for routing that data between the public subnet
00:58 and the private subnet. That's taken care of by the VCN itself. So how does this work in reality? As you can
01:06 see here, I have a private subnet and a public subnet, and I'm showing you the route table only for the
01:12 private subnet, just for illustration purposes. And as you can see here, there are two kinds of
01:18 data movement happening from the private subnet. We are leveraging the NAT gateway. Probably there
01:24 is a database running here, so you are using a NAT gateway to go and get some patches from the internet.
01:30 So you can see that green arrow going all the way from the NAT gateway to the internet, and then the
01:35 second path is you are using a dynamic routing gateway. That's kind of a virtual router you use for on-premises
01:41 communication, and it's going to the on-premises environment. Maybe you are running a DNS server on-premises
01:47 where the database needs to get its DNS resolved. Now, if you look at the route table entries, we have
01:54 two entries there. There is a CIDR notation destination CIDR and there is a route target.
01:59 The first one says 0.0.0.0/0 goes to NAT gateway. The second one has a CIDR block
02:06 for the on-premises network. So how does this work in reality? Well, what happens is the route table looks
02:13 at both the routes, and the route which is more specific gets priority. We also sometimes refer
02:21 to this as the longest prefix match. So if you look at these two CIDR blocks, the /16 is bigger or
02:30 more specific than /0, so that takes priority. So first the traffic goes through the dynamic routing
02:37 gateway to your on-premises environments, your DNS servers, and then the traffic which is not destined for
02:43 your on-premises environments goes to the internet through the NAT gateway, hopefully to get a patch
02:49 in this example. So this is a very quick illustration, but hopefully it shows you how the route table
02:56 works. Now, there is also one scenario we haven't talked about earlier, which is peering. If you have
03:03 multiple networks, how do they talk to each other? So there are two scenarios which are possible here.
03:08 If the networks are within the same OCI region, they can talk to each other through a mechanism called
03:14 local peering, and you can see here we have this concept of a local peering gateway. That's kind of a virtual router
03:20 which lets you manage that communication. If the two networks are in two different OCI data center regions,
03:29 then you have the same concept, a similar concept, but it's a remote peering now, and instead of using local peering,
03:36 now you are using the dynamic routing gateways. Remember, we talked about dynamic routing gateways used for
03:42 on-premises communication, anything which is not for internet. So this is also a use case for dynamic routing gateway:
03:51 enabling communication between networks in different regions. Now, one thing: you might look at that picture
03:59 and say this is great if there are two networks talking to each other within a region, pretty straightforward,
04:04 use something like a local peering gateway. What happens if you have, let's say, 10 of those VCNs, or, God forbid, if you have
04:11 300 of those VCNs? How are you going to communicate in a real complex environment? This is a possibility, this is a reality
04:18 many customers struggle with, you know, a lot, lot of networks. And so how does that communication happen in case you have
04:26 a large number of networks? So in this case, what we have done is we have launched a newer version of DRG.
04:34 It's called DRG V2, and what it does is you no longer need to maintain point-to-point connectivity using a local peering gateway.
04:42 Instead, the VCNs can communicate using DRG, and this feature also lets you scale up to 300 VCNs on a single DRG. If this option is not enough, you can always
04:55 connect an extra DRG through a remote peering connection. So the idea is to simplify and scale this experience
05:04 using this DRG V2. So to wrap up, in this section we looked at OCI routing and how VCN uses route tables
05:14 to send traffic out of the VCN to the internet, to on-premises network, or to a peered VCN.
05:20 Thanks for watching.