Adding Ingress Rules for a Network Load Balancer
If you are connecting to a DB system using a network load balancer, that is, using a public IP address, add ingress rules to the default security list of the public subnet.
Using the Console
Use the Console to add ingress rules to a virtual cloud network (VCN) for a network load balancer to allow traffic from authorized IP addresses.
This task requires the following:
- A properly configured VCN. See Creating a Virtual Cloud Network.
Do the following to add ingres rules:
- Open the navigation menu, select Networking, and then select Virtual cloud networks.
- Select the compartment from the List scope.
- From the list of VCNs, click the name of the VCN to open the Virtual cloud network details page.
- In the Virtual cloud network details page, select Security lists from the Resources section.
- From the list of security lists, click Default security list for <VCN>.
- In the Security list details page, click Add ingress rules.
- In the Add ingress rules dialog box, provide the following
information:
- Stateless: Do not select.
- Source type: Select CIDR.
- Source CIDR: Specify the CIDR of the network load
balancer. If required, you can narrow down the range to more specific IP
addresses. For example:
- 10.0.0.0/8: Allows traffic from 10.0.0.0 to 10.255.255.255 IP addresses, that is, a total of 16,777,216 IP addresses.
- 10.0.0.0/16: Allows traffic from 10.0.0.0 to 10.0.255.255 IP addresses, that is, a total of 65,536 IP addresses.
- 10.0.0.0/24: Allows traffic from 10.0.0.0 to 10.0.0.255 IP addresses, that is, a total of 256 IP addresses.
- 10.0.2.24/32: Allows traffic from 10.0.2.24 IP address only.
- IP protocol: Select TCP.
- Source port range: Leave it blank.
- Destination port range: Specify the port to which the
DB system listens,
3306,33060
. - Description: Add a descriptive string for the ingress rules.
- Click Add ingress rules.
The ingress rule is added to the security list of the public
subnet.