Adding Ingress Rules for a Network Load Balancer

If you are connecting to a DB system using a network load balancer, that is, using a public IP address, add ingress rules to the default security list of the public subnet.

Using the Console

Use the Console to add ingress rules to a virtual cloud network (VCN) for a network load balancer to allow traffic from authorized IP addresses.

This task requires the following:
Do the following to add ingres rules:
  1. Open the navigation menu, select Networking, and then select Virtual cloud networks.
  2. Select the compartment from the List scope.
  3. From the list of VCNs, click the name of the VCN to open the Virtual cloud network details page.
  4. In the Virtual cloud network details page, select Security lists from the Resources section.
  5. From the list of security lists, click Default security list for <VCN>.
  6. In the Security list details page, click Add ingress rules.
  7. In the Add ingress rules dialog box, provide the following information:
    • Stateless: Do not select.
    • Source type: Select CIDR.
    • Source CIDR: Specify the CIDR of the network load balancer. If required, you can narrow down the range to more specific IP addresses. For example:
      • 10.0.0.0/8: Allows traffic from 10.0.0.0 to 10.255.255.255 IP addresses, that is, a total of 16,777,216 IP addresses.
      • 10.0.0.0/16: Allows traffic from 10.0.0.0 to 10.0.255.255 IP addresses, that is, a total of 65,536 IP addresses.
      • 10.0.0.0/24: Allows traffic from 10.0.0.0 to 10.0.0.255 IP addresses, that is, a total of 256 IP addresses.
      • 10.0.2.24/32: Allows traffic from 10.0.2.24 IP address only.
    • IP protocol: Select TCP.
    • Source port range: Leave it blank.
    • Destination port range: Specify the port to which the DB system listens, 3306,33060.
    • Description: Add a descriptive string for the ingress rules.
  8. Click Add ingress rules.
The ingress rule is added to the security list of the public subnet.