Oracle Cloud Infrastructure Documentation

Attaching a VCN to a DRG

Attach a virtual cloud network (VCN) to a Dynamic Routing Gateway (DRG).

A VCN can be attached to only one DRG at a time, but a DRG can be attached to more than one VCN. The attachment is automatically created in the compartment that holds the VCN. The VCN and DRG do not need to be in the same compartment. You may optionally specify a display name for the attachment itself, otherwise a default is provided. You can choose to connect VCNs in the same region using a single DRG instead of local peering gateways (see Local VCN Peering Through an Upgraded DRG for more information about that use case). If left unmodified, the default routing policies in a DRG allow traffic to be routed between all VCNs attached to it. If you are attaching a DRG to a VCN in another tenancy, you need to have IAM configurations in both tenancies as described in IAM Policies for Routing Between VCNs.

When you create an attachment to a DRG (the DRG can be in another tenancy in the same OCI region), attachments on both the DRG and VCN are created and connected in one step. Attaching a DRG to a VCN results in a DrgAttachment object with its own OCID.

    This task can't be performed using the Console.

    1. Open the navigation menu, click Networking, and then click Virtual cloud networks.
    2. Click the name of the VCN that you want to update. You might need to change the compartment to find the VCN that you want.
    3. Under Resources, click Dynamic Routing Gateways Attachments.
    4. Click Create DRG Attachment and enter the following information:
      • (Optional) Give the attachment point a friendly name. If you don't specify a name, one is created for you.
      • Select a VCN from the list. You can also click Change compartment and choose a different compartment that contains a VCN you want to attach to your DRG, then select a VCN from the list.
    5. (Optional) (Optional) If you're setting up an advanced scenario for transit routing, you can associate a VCN route table with the DRG attachment (you can do this later):
      1. Click Show Advanced Options.
      2. Click the VCN route table tab.
      3. (Optional) Select a VCN route table that you want to associate with the VCN attachment on the DRG. If you select None, the default VCN route table is used.
    6. When you are finished, click Create DRG attachment.

    The attachment is in the "Attaching" state for a short period.

    When the attachment is ready, create a route rule in the subnet's route table directing subnet traffic to the DRG. See To route a subnet's traffic to a DRG.

  • Use the network drg-attachment create command and required parameters to attach a VCN to a DRG:

    oci network drg-attachment create --drg-id drg-ocid --network-details [complex type] ...[OPTIONS]

    For a complete list of parameters and values for CLI commands, see the CLI Command Reference.

  • Run the CreateDrgAttachment operation to create a DRG attachment to a VCN.