OCI Networking

Question 1

What is CIDR

Answer 1

CIDR is Classless inter-domain routing

Question 2

What is a subnet mask?

Answer 2

A subnet mask separates the IP address into the network and host addresses ().

Subnetting further devides the host part of an IP address into a subnet and host address ()

Question 3

What is a Virtual Cloud Network?

Answer 3

A private network that you set up in the Oracle data centers, with firewall rules and specific types of communication gateways that you can choose to use.

A VCN resides within a single region.

Question 4

Which are the allowed OCI VCN size ranges?

Answer 4

The allowed range is /16 to /30. /8 and /32 are not supported.

Question 5

Which are the IP adresses reserved in a VCN?

Answer 5

Thre IP addresses are reserved in an OCI VCN
The first two and last one.
This is different from a classic network where the first and last are reserved.

Question 6

What is a VNIC?

Answer 6

Virtual Network Interface Card
VNIC is a component that enables a compute instance to connect to a VCN.
The VNIC determines how the instance connects with endpoints inside and outside the VCN.

Question 7

How many private IP addresses has an Instance?

Answer 7

At least ONE primary private IP address

Question 8

How many VNICs can an Instance have?

Answer 8

Each Instance can have 2 or more Virtual Network Interface cards (one primary and one secondary).

Question 9

What is a public IP?

Answer 9

Public IP is a IPv4 address that is reachable from the internet; assigned to a private IP object on the resource (Instance, load balancer).

You can assign a given resource multiple public IPs across one or more VNICs.

Question 10

How many types of Public IP Addresses are in the OCI?

Answer 10

2 Types of Public IPs:

• Ephemeral
• Reserved

Question 11

What is a Ephemeral Public IP Address

Answer 11

A Ephemeral Public IP Address is Temporary and exists only for the lifetime of the instance.

Can be assigned only to primary Private IP only.

Question 12

What is a Reserved Public IP?

Answer 12

A Rserved Public IP is a persistent and existing beyond the lifetime of the Instance it’s assigned to (can be unassigned and then reassigned to another instance)

Question 13

What is a route table?

Answer 13

Contains rules about how IP packets can travel to different IP addresses out of the VCN.

Question 14

Of which a Route Table consists?

Answer 14

A rout table consists of a set of rules; each rule specifies:

• Destination CIDR block
• Route target (the next hop) for the traffic that matches that CIDR (classless inter-domain routing)

Question 15

How many route tables a subnet has?

Answer 15

Each subnet has only One route table.

The route table is specified at the creation of the Subnet. But it can be edited later.

Question 16

When is a route table used?

Answer 16

Route table is used only if the destination IP address is not in the VCN’s CIDR block.

Question 17

What is a NAT gateway?

Answer 17

NAT Gateway - Network Address Translation - gives an entire private network access to the internet without assigning wach host a public IP.

Hosts can initiate outbound connections to the internet and receive responses, but not receive inbound connections initiated from the internet.
Use cases: patches, updates.

Question 18

What is a Service Gateway?

Answer 18

The Service Gateway lets resources in VCN access public OCI services such as Object Storage, but without using internet or NAT gateway.

Question 19

What is a CIDR Service

Answer 19

Service CIDR label represent all the public CIDRs for a given Oracle Service or a group of Oracle services
E.g.: OCI Object Storage
All Services

Question 20

What is a Dynamic Routing Gateway?

Answer 20

A virtual router that provides a path for private traffic between your VCN and destinations other than the internet (example OCI - customer datacenters).

Question 21

What are the types of Peering supported by the OCI?

Answer 21

Local Peering

Remote peering

Question 22

What is Local Peering?

Answer 22

VCN peering is the process of connecting multiple VCNs

Local VCN peering is the process of connecting two VCNs in the same region so that their resources can communicate using private IP addresses.

Question 23

What is a Local Peering Gateway (LPG)

Answer 23

A local peering gateway is a component on a VCN for routing traffic to a loccaly peered VCN.

Question 24

Can two peered VCNs have overlapping CIDRs?

Answer 24

No

Question 25

What is Remote VCN peering?

Answer 25

Remote VCN peering is the process of connecting two VCNs in different regions so that their resources can communicate using private IP addresses.

Requires a remote peering connection (RPC) to be created on the DRGs. RPC’s job is to act as a connection point for a remotely peered VCN.

Question 26

What is a Security List

Answer 26

A Security List is a set of firewall rules associated with a subnet and applied to all instances launched inside the subnet.

Security lists consists of rules that specify the types of traffic allowed in and out of the subnet.

Question 27

What is a Network Security Group (NSG)?

Answer 27

A Network Security Group (NSG) provides a virtual firewall for a set of cloud resources that all have the same security posture.

NSG consists of a set of rules that apply only to a set of VNICs of your choice in a single VCN.

Question 28

What is a Stateful Security Rule?

Answer 28

A Statefull Security Rule allows automatically for any incomming traffic a response, regardless of any egress rule

Question 29

What is a Stateless Security Rule?

Answer 29

A Stateless Security Rule does not allow outgoing traffic automattically based on the incoming traffic.

Question 30

What are the Default Components with which the VCN comes?

Answer 30

Default Route Table
Default Security List
Default set of DHCP options

You cannot delete these resources, but you can modify them