Subnet Size Requirements and Security Rules for Recovery Service Subnet

The security rules are necessary to allow backup traffic between a database and Recovery Service.

Note

Select an IPv4-only subnet for Recovery Service in your database VCN. Do not select an IPv6-enabled subnet as Recovery Service does not support using an IPv6-enabled subnet. See Creating a Subnet to learn more.

Table 2-6 Subnet size requirements and ingress rules for a private subnet used by Recovery Service

Item	Requirements
Minimum subnet size	/24 (256 IP addresses)
General ingress rule 1: Allow HTTPS traffic from Anywhere	This rule allows backup traffic from your Oracle Cloud Infrastructure Database to Recovery Service. Stateless: No (all rules must be stateful) Source Type: CIDR Source CIDR: CIDR of the VCN where the database resides IP Protocol: TCP Source Port Range: All Destination Port Range: 8005
General ingress rule 2: Allows SQLNet Traffic from Anywhere	This rule allows recovery catalog connections and real-time data protection from your Oracle Cloud Infrastructure Database to Recovery Service. Stateless: No (all rules must be stateful) Source Type: CIDR Source CIDR: CIDR of the VCN where the database resides IP Protocol: TCP Source Port Range: All Destination Port Range: 2484

Note

If you use network security groups (NSG) to implement security rules or if your database VCN restricts network traffic between subnets, then ensure to add an egress rule for ports 2484 and 8005 from the database NSG or subnet to the Recovery Service NSG or subnet that you create.

Parent topic: Configuring Network Resources for Recovery Service

Oracle Cloud Infrastructure Documentation