Connect from on-premise to Object Storage via FastConnect
October 7, 2019 | 3 minute read
This blog covers the connectivity from on-prem to the OCI Object Storage using the DRG v1 (attached to a single VCN no transitive routing capabilities). If you do not have DRG v1, this blog is obsolete.The current blog covering this is located here |
In this article, we will focus on the connectivity between a host from on-premise and service in OCI (for example Object Storage) via FastConnect.
Traditionally the Object Storage was accessible via the Internet. With the online threats growing every day, enterprises want to “hide” the connections to Object Storage from the Internet attackers.
A prerequisite for moving forward is a BGP connection from on-premise to OCI, the cloud artifacts: VCN, DRG, Service Gateway.
The network topology that will be used is depicted in the following picture:
We will try to connect from on-premise via the FastConnect to the VCN and from the VCN via the SGW to the Object Storage.
First, we will create the bucket and upload a file (I uploaded a pdf with a presentation on OCI).
Create a Pre-Authenticated request in order to access the file.
Create a route-table and attach it to the DRG. In that route-table create an entry that will add routes via the Service Gateway for the Object Storage.
Create a route-table and associate it with the Service gateway. In that table add routes for the on-premise subnets.
Verify that on-premise there are routes received.
Resolve the Object Storage endpoint address and verify that it is included in the subnets received via BGP.
Transfer the file from Object Storage to the on-premise via FastConnect.
With this, we successfully proved the connectivity between Object Storage and on-premise is working via FastConnect.