OCI has introduced a powerful new feature that enhances routing flexibility by allowing you to assign a custom VCN route table to individual VNICs or specific IP addresses on a VNIC. This update eliminates the need to create separate subnets for instances requiring different traffic routing policies.
Overview:
Previously, VCN route tables could only be assigned at the subnet level. This meant that if different instances within the same subnet required distinct routing rules, separate subnets had to be created, adding complexity to network design.
With this new feature, you can now:
• Assign a custom VCN route table to a VNIC or a specific IP address on a VNIC.
• Apply routing policies to both primary and secondary IP addresses.
• Enable hierarchical route table preferences, where the system follows a structured approach in determining which route table to use.
Routing Considerations:
• Only one route table is used to determine traffic routing at a time.
• If a route table is associated with an IP address, it takes precedence over any other route table.
• If an IP address/VNIC does not have a route table, the next available route table in the hierarchy (VNIC-level or subnet-level) is used.
Selection Process in Detail:
1. If an IP address on a VNIC has an associated route table, that table is used for routing traffic from the IP address.
2. If an IP address does not have its own route table, the VNIC-level route table is applied.
3. If a VNIC has an associated route table, all IP addresses on the VNIC that do not have an assigned route table inherit the VNIC-level route table.
4. If neither the IP address nor the VNIC has an assigned route table, the subnet-level route table is used.
How instance looks like before and after this feature:
Before this feature enablement, there was no option to associate a route table with a VNIC or IP address, as shown in the image below:
Since this feature has reached General Availability (GA), by default, the VNICs and the IP addresses associated with these VNICs inherit the same route table as the instance, which is part of the subnet route table.
Once we click on the instance VNIC, this is how it shows:
Similarly with the IP address of the VNIC it is associated with:
Related Links:
Associating a Route Table with a VNIC or VNIC IP address: https://docs.oracle.com/en-us/iaas/Content/Network/Tasks/managingroutetables.htm#Overview_of_Routing_for_Your_VCN__source_routing
Refer this blog to enhance traffic control with source based routing: https://blogs.oracle.com/ateam/post/enhancing-traffic-control-with-sourcebased-routing-in-oci
Conclusion:
This enhancement significantly improves routing flexibility in OCI, allowing more granular control over traffic routing without the need to restructure your subnet architecture. By leveraging source-based routing at the VNIC and IP address level, you can optimize network configurations and simplify management.