37.OCI: N W‐ Create a DRG and attach it to public and private vcn - pavankumarchittajallu/OCI_DOC GitHub Wiki

step-by-step approach in Oracle Cloud Infrastructure (OCI) to create a Dynamic Routing Gateway (DRG) and attach it to both a public and a private VCN:

1. Create the DRG

  • Navigate to Networking > Dynamic Routing Gateways (DRGs) in the OCI Console.
  • Click Create Dynamic Routing Gateway.
  • Enter a name and select the appropriate compartment.
  • (Optional) Add tags if you wish.
  • Click Create Dynamic Routing Gateway. The DRG will be provisioned in under a minute.

2. Attach DRG to the Public VCN

  • Go to Networking > Virtual Cloud Networks (VCN).
  • Select your public VCN from the list.
  • In the VCN details, look for Dynamic Routing Gateway Attachments (might be under the "Gateways" or "Resources" section).
  • Click Create DRG Attachment or Attach to DRG.
  • Select the DRG you just created from the dropdown.
  • Give the attachment a name (optional).
  • Click Create DRG Attachment.
  • Wait a moment for the attachment to move to "Available".

3. Attach DRG to the Private VCN

  • Repeat the previous steps for your private VCN:
    • Select the private VCN.
    • Go to the Dynamic Routing Gateway Attachments section.
    • Click Create DRG Attachment or Attach to DRG.
    • Select the same DRG as above.
    • Name it (optional) and attach.
  • When done, both VCNs will appear as attachments on your DRG.

4. Update Route Tables for Subnets

  • For each subnet (public and private) in the VCNs that should use the DRG, update their route tables:
    • Add a route rule so that relevant traffic is directed to the Dynamic Routing Gateway as the target.
    • Example: Route all traffic to 0.0.0.0/0 (for on-premises, other VCNs, etc.) via the DRG.
  • Save the route table.

5. (Optional) Additional Configurations

  • Security Lists/Network Security Groups (NSGs): Ensure security rules allow intended traffic.
  • DRG Route Tables: By default, needed tables are created, but review and update if necessary for advanced routing requirements.
  • DRG Route Distribution: Adjust for propagating and importing routes as needed for your design.

CLI Alternative (Optional)

You can perform these actions with the OCI CLI:

  • Create DRG: 
    oci network drg create --compartment-id
  • Attach VCN to DRG: 
    oci network drg-attachment create --drg-id  --vcn-id

Summary Table

Step Action
Create DRG Networking > DRGs > Create Dynamic Routing Gateway
Attach to Public VCN > Select Public VCN > Attach to DRG
Attach to Private VCN > Select Private VCN > Attach to DRG
Update Routes Subnet Route Tables > Add rule via DRG