Summary
A VCN is the basic building block for Oracle Cloud Infrastructure.
Reference
CIDR Blocks
The minimum IPv4 CIDR prefix length is 16, which gives 65,533 host addresses. The maximum is 30, which gives one (1) host address. One (1) IP address each, in each subnet, is reserved for:
- Subnetwork address
- Subnet router
- Broadcast address
The IPv6 address provided by OCI has a /56 prefix.
VCN
A VCN resides in a single region but can span multiple Availability Domains. It can have multiple CIDR blocks.
Components of a VCN are:
- Subnet (has a single CIDR block)
- Route Table
- DHCP Options (needed for DNS)
- Gateways: Internet, NAT, Service, Local Peering, Dynamic Routing.
- Network Security Group
- Security List
Run the following commands to list all VCNs in the Sandbox compartment:
```bash
sandbox_comp_ocid=$( \
  oci iam compartment list \
    --name 'Sandbox' \
    --query 'data[0].id' \
    --raw-output \
)
oci network vcn list \
  --compartment-id ${sandbox_comp_ocid} \
  --query 'data[*].{"Display Name":"display-name","CIDR Blocks":"cidr-blocks"}' \
  --output table
```
The sample output is:
```text
+-----------------+--------------+
| CIDR Blocks     | Display Name |
+-----------------+--------------+
| ['10.0.0.0/16'] | sandbox-vcn  |
| ['10.0.0.0/16'] | sandbox-vcn  |
+-----------------+--------------+
```
Note: The display name and CIDR Blocks are duplicates.
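The duplicates noted above can be caught mechanically. The following is an added example, not part of the original page: it checks `oci network vcn list` JSON output for reused display names and overlapping CIDR blocks, and applies the three-reserved-addresses rule from the CIDR Blocks section. The sample data and its ids are constructed placeholders, and the function names are hypothetical.

```python
import ipaddress
import json
from collections import defaultdict
from itertools import combinations

# Constructed sample shaped like `oci network vcn list` JSON output
# (ids are placeholders, not real OCIDs).
SAMPLE = json.loads("""
{"data": [
  {"id": "ocid1.vcn.oc1..exampleA", "display-name": "sandbox-vcn", "cidr-blocks": ["10.0.0.0/16"]},
  {"id": "ocid1.vcn.oc1..exampleB", "display-name": "sandbox-vcn", "cidr-blocks": ["10.0.0.0/16"]},
  {"id": "ocid1.vcn.oc1..exampleC", "display-name": "dev-vcn", "cidr-blocks": ["10.0.128.0/20", "192.168.0.0/30"]}
]}
""")

RESERVED_PER_SUBNET = 3  # subnetwork address, subnet router, broadcast address


def usable_hosts(cidr):
    """Addresses left if the IPv4 block is used as one subnet (three are reserved)."""
    return ipaddress.ip_network(cidr).num_addresses - RESERVED_PER_SUBNET


def duplicate_names(vcns):
    """Map each display name used by more than one VCN to the VCN ids."""
    by_name = defaultdict(list)
    for vcn in vcns:
        by_name[vcn["display-name"]].append(vcn["id"])
    return {name: ids for name, ids in by_name.items() if len(ids) > 1}


def overlapping_cidrs(vcns):
    """Return (id_a, cidr_a, id_b, cidr_b) for blocks in different VCNs that overlap."""
    blocks = [(v["id"], ipaddress.ip_network(c)) for v in vcns for c in v["cidr-blocks"]]
    return [
        (id_a, str(net_a), id_b, str(net_b))
        for (id_a, net_a), (id_b, net_b) in combinations(blocks, 2)
        if id_a != id_b and net_a.overlaps(net_b)
    ]


if __name__ == "__main__":
    vcns = SAMPLE["data"]
    print("duplicate names:", duplicate_names(vcns))
    for hit in overlapping_cidrs(vcns):
        print("overlap:", *hit)
    for vcn in vcns:
        print(vcn["display-name"], {c: usable_hosts(c) for c in vcn["cidr-blocks"]})
```

To run it against a real tenancy, replace `SAMPLE` with the parsed output of the `oci network vcn list` command above using `--output json` and no `--query`.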
Create VCN
The easiest way to create a VCN is to use the wizard under the Networking menu.
The Terraform code to create a VCN is:
```hcl
resource "oci_core_vcn" "sandbox_vcn" {
  compartment_id = local.sandbox_comp_ocid
  cidr_blocks    = ["10.0.0.0/16"]
  display_name   = "sandbox-vcn"
  dns_label      = "sandbox"
}
```
The equivalent OCI CLI command is:
```bash
oci network vcn create \
  --compartment-id ${sandbox_comp_ocid} \
  --cidr-blocks '["10.0.0.0/16"]' \
  --display-name "sandbox-vcn" \
  --dns-label "sandbox"
```
Sample output is:
```json
{
  "data": {
    "byoipv6-cidr-blocks": null,
    "cidr-block": "10.0.0.0/16",
    "cidr-blocks": [
      "10.0.0.0/16"
    ],
    "compartment-id": "ocid1.compartment.oc1..aaaaaaaamoo6uz2qmix2adls2cgoqxxhdt4wuam3wbcrw6co6z4osweos6da",
    "default-dhcp-options-id": "ocid1.dhcpoptions.oc1.ap-sydney-1.aaaaaaaajs3e534mob23c33ccdbwerpj6bia2ue2tnrtb3xv7xgloc5dm7sa",
    "default-route-table-id": "ocid1.routetable.oc1.ap-sydney-1.aaaaaaaaw2dcufmlxjnqsg6n6avg3ofgbjvhn7rq2h7o5d2kxtxraozw3yia",
    "default-security-list-id": "ocid1.securitylist.oc1.ap-sydney-1.aaaaaaaaav2gpqwu22jggxg7is7oqpk3mv23ib3weefq6kzjh5n3dz63ukna",
    "defined-tags": {
      "Oracle-Tags": {
        "CreatedBy": "default/tenancy_admin",
        "CreatedOn": "2024-07-15T18:02:30.948Z"
      }
    },
    "display-name": "sandbox-vcn",
    "dns-label": "sandbox",
    "freeform-tags": {},
    "id": "ocid1.vcn.oc1.ap-sydney-1.amaaaaaa63mv4jyaj5mtika6dmntjldwgucszjglov34ko43itr6uusiw65q",
    "ipv6-cidr-blocks": null,
    "ipv6-private-cidr-blocks": null,
    "lifecycle-state": "AVAILABLE",
    "time-created": "2024-07-15T18:02:31.059000+00:00",
    "vcn-domain-name": "sandbox.oraclevcn.com"
  },
  "etag": "9b6e3874"
}
```
Manage VCN
According to the help text for the `oci network vcn` command, the following verbs are available to manage VCNs:
- add-ipv6-vcn-cidr
- add-vcn-cidr
- change-compartment
- create
- delete
- modify-vcn-cidr
- remove-ipv6-vcn-cidr
- remove-vcn-cidr
- update
Lab
This topic is covered by Lab 3-1: Networking - Virtual Cloud Network: Create and Configure a Virtual Cloud Network.
A VCN is a software-defined network specific to an OCI tenancy or a compartment in a specified region.
Upon creation, a VCN automatically includes route tables, security lists (with default security rules), and a set of DHCP options. The VCN also has access to a DNS resolver.
A VCN that is launched with the OCI VCN Wizard tool automatically creates the following:
- Public and Private subnets
- Internet Gateway (IG)
- NAT Gateway (NAT)
- Service Gateway (SG)
- Two Route Tables (RT)
- Two Security Lists (SL)