Multicloud

Your Options for Multicloud Network Connectivity

Introduction

In previous blog posts, we talked about the benefits and considerations of multicloud. As cross-cloud network connectivity is a crucial part of multicloud deployments, this blog post discusses the options to connect Oracle Cloud to other Public Clouds. It highlights their latency, bandwidth, availability, reliability, costs, and more characteristics.

Site-to-Site IPsec VPN

Site-to-site Virtual Private Network (VPN) connects multiple networks via a permanent encrypted (IPsec) connection over the public internet.

Advantages:

  • Connects any clouds across any geographic region.
  • Easy and quick setup without involving a 3rd party network service provider.
  • No additional Gateway port charges in the cloud.

Considerations:

  • Network latency mainly depends on distance and is usually higher than private connections over the same distance, as it uses a shared network over the public internet.
  • Bandwidth is usually low as it’s over the shared public internet.
  • The connection is as reliable as the public internet is. There is no SLA or SLO provided.
  • Cloud provider charge for egress traffic over the public internet. In OCI, the first 10TB/month are free for each regional zone. Azure and AWS offer the first 100GB/month for free.

Considering the shared and usually unreliable connection over the public internet, VPN is commonly used for Proof of Concepts (PoCs) for a quick start and where no production data are involved.

3rd Party Network Service Provider

Network service providers like Oracle’s partner Colt, Equinix, and Megaport provide the option to connect customers’ public cloud networks over their network infrastructure.

Advantages:

  • Private, dedicated, and reliable connection. Encryption can be added if needed.
  • High bandwidth that can be increased or decreased on demand.
  • Available across many (if not even all) clouds and regions. Contact the network service provider for availability.
  • No network egress charges over FastConnect private connections in OCI.

Considerations:

  • As the name reveals, a 3rd party network service provider is involved, which adds (some) complexity and costs.
  • Setup depends on 3rd party network service provider.
  • FastConnect port charges occur on OCI. Azure and AWS also charge for ExpressRoute and Direct Connect, respectively.
  • Additional costs occur for the 3rd party network service provider.
  • Network egress charges might occur depending on the Non-Oracle public cloud provider and configuration used.
  • Latency depends on the distance of the cloud regions. It should be (a bit) lower than over the public internet due to a dedicated connection.
  • SLA/SLO depends on 3rd party network service provider.

Oracle Interconnect for Azure

Oracle Interconnect for Azure is part of Oracle and Microsoft’s collaboration that started in 2019. Customers can establish a private dedicated connection in 12 cloud regions using only OCI and Azure network resources.

Advantages:

  • Private, dedicated, and reliable connection. Encryption can be added if needed.
  • Easy, quick, and automated setup. No 3rd party network service provider is involved. You just login into the OCI Console and Azure Portal and establish the connection within minutes.
  • Less complexity and fewer costs than connections over 3rd party network service providers.
  • Sub 2ms low latency as OCI and Azure regions are very close.
  • High dedicated bandwidth that can be increased or decreased on demand.
  • No network egress charges over FastConnect private connections in OCI.
  • Collaborative support between Oracle and Microsoft. You can open a service request at either cloud provider if any issue occurs.
  • Service Level Agreement (SLA) of 99,9% for FastConnect Availability provided by Oracle. Azure provides a 99.95% Availability SLA for ExpressRoute.

Considerations:

  • Available only for OCI and Azure 12 interconnected regions. For other clouds, consider a 3rd party network service provider.
  • FastConnect port charges occur on OCI. Azure also charges for ExpressRoute.
  • Depending on ExpressRoute SKU, network egress charges might occur in Azure.

Oracle Database Service for Azure (ODSA)

Oracle Database Service for Azure (ODSA) further simplifies multicloud deployments using an Oracle-managed Azure Interconnect. Customers can link their Azure and OCI accounts and get a dedicated network tunnel over the Oracle-managed Interconnect. Furthermore, ODSA provides an Azure-like portal for provisioning Oracle Databases in OCI.

Advantages:

  • Private, dedicated, and reliable connection. Encryption can be added if needed.
  • The interconnection is already established by Oracle. Customers easily and quickly link their cloud accounts and use the existing connection.
  • No 3rd party network service provider is involved.
  • Low latency as OCI and Azure regions are very close.
  • Bandwidth is scaled automatically as needed.
  • No FastConnect and ExpressRoute port charges in OCI and Azure.
  • No network egress charges in OCI and Azure over the Interconnect.
  • Collaborative support between Oracle and Microsoft. If any issue regarding network connectivity occurs, you can open a service request at either cloud provider. Issues related to the ODSA portal are handled by Oracle.
  • Service Level Objective (SLO) of 99.9% for Availability.

Considerations

  • Available only for OCI and Azure 12 interconnected regions. For other clouds, consider a 3rd party network service provider.
  • Azure bills for the virtual network peering required by ODSA. See VNET Peering within the same region in Azure.
  • You can only connect Azure resources to Oracle Databases in OCI. If you want to connect any resources across both clouds, use Oracle Interconnect for Azure.

Conclusion

Network connectivity is a crucial part of multicloud environments. Site-to-Site VPN provides an easy way to connect to any cloud and region. However, it’s built over the public internet, which is usually unreliable. For private, dedicated, and reliable connections, 3rd party network service providers enable customers to connect their cloud networks over the provider’s network infrastructure.

Oracle and Microsoft simplify the connectivity between OCI and Azure by providing the Oracle Interconnect for Azure and Oracle Database Service for Azure (ODSA). Customer can connect their cloud accounts in 12 cloud regions worldwide quickly and easily without involving a 3rd party network service provider.

Each option has its benefits and considerations:

Site-to-Site VPN 3rd party providerAzure Interconnect
ODSA
ConnectivityPublic internet (shared)Private connection (dedicated)Private connection (dedicated)Private connection (dedicated)
EncryptionIPsecCan be addedCan be addedCan be added
LatencyDepends
on distance		Depends
on distance		Low latency <2msLow latency
BandwidthUsually low
(shared)		High
(shared)		High
(dedicated)		High
(shared, Auto Scale)
Availability Broad geographic reachBroad geographic reach12 regions globally12 regions globally
Requires 3rd
party providers		NoYesNoNo
SetupEasy and quickDepends on 3rd party providerEasy, quick,
and automated		Oracle-managed
FastConnect
port charges		NoYesYesNo
OCI egress chargesYes (First 10TB/month free)NoNoNo
3rd party cloud
egress charges		Depends on cloud providerDepends on cloud providerDepends on ExpressRoute SKUAzure VNet
peering cost
ReliabilityDepends on public internetReliableReliableReliable
SLA/SLONoDepends on 3rd party provider99.9% SLA for availability99.9% SLO for availability
Support
for Connectivity		NoOracle and 3rd party providerCollaborative, Microsoft
and Oracle		Collaborative, Microsoft
and Oracle
Connecting CloudsOracle
to any cloud		Oracle
to any cloud		Oracle to AzureOracle to Azure

Further Reading

Would you like to get notified when the next post is published?