IPv6 Connectivity Across OCI VCNs via Dynamic Routing Gateway
In previous articles, we discussed the IPv6 address format
and how IPv6 communication works through an Internet Gateway. In this article, we
will explore how to set up IPv6 communication through a Dynamic Routing Gateway (DRG).
An IPv6 address includes a VCN-specific identifier, which
ensures global uniqueness. Because of this uniqueness, interconnectivity
between networks is possible even when their IPv4 CIDR ranges overlap. If your
VCNs, subnets and compute instances are already enabled for IPv6, skip to the
Dynamic Routing Gateway section.
First, we create two VCNs with the same IPv4 CIDR range.
Next, we enable IPv6 CIDR ranges for both VCNs to allow seamless communication
over IPv6. In this exercise, both VCNs are created in the same region.
Initially, the VCN has only an IPv4 CIDR range.
Let's add an IPv6 CIDR range to the VCN.
After enabling it, the IPv6 CIDR range is shown on the VCN.
So far, only the VCN is enabled for IPv6; we also need to
enable an IPv6 CIDR range at the subnet level.
In the Subnet -> IP Administration page, add an IPv6 prefix.
Perform the above steps for the second VCN and the subnets within
it.
At this stage, the VCNs and subnets are configured with IPv6.
Let's test communication between them by creating a VM compute instance in each
VCN and trying to communicate over IPv6.
After the instances are created, we can check their IPv4 and IPv6
addresses.
Dynamic Routing Gateway
Create a Dynamic Routing Gateway (DRG) in the OCI console.
Attach the VCNs to the DRG.
The DRG attachment has a default route table. Check its route
rules.
Click the “Get all route rules” button. The IPv4 CIDRs are
shown as conflicting, while the IPv6 routes are clean.
Security rules and Route tables configuration
On the network side, we need rules that allow
communication between the two VCNs. Add a security list rule and a route rule to allow
communication between the instances. Specify the IPv6 CIDR range of the other VCN as the
Source CIDR (Ingress) and Destination CIDR (Egress), and use the “IPv6-ICMP”
protocol.
First_VCN
For route rules, specify the Dynamic Routing Gateway as the target,
with IPv6 as the protocol version.
Second_VCN
Perform the same security rule and route rule configuration in the
second VCN.
Test the connectivity by pinging each compute instance from
the other.
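The following check is an added example, not part of the original article or any Oracle tooling: it reproduces the IPv4 route conflict seen on the DRG and flags IPv6 security rules that are wider than the "IPv6-ICMP to or from the other VCN" rule described above. The prefixes are constructed documentation values, and the rule dictionaries are a simplified, assumed shape (protocol number as a string, plus source or destination).

```python
import ipaddress

ICMPV6 = "58"  # IANA protocol number for IPv6-ICMP

# Constructed sample values (documentation prefixes), not taken from the article.
VCN_CIDRS = {
    "First_VCN": ["10.0.0.0/16", "2001:db8:aa00::/56"],
    "Second_VCN": ["10.0.0.0/16", "2001:db8:bb00::/56"],
}

def drg_route_conflicts(vcn_cidrs):
    """Return (vcn_a, vcn_b, cidr) for each CIDR of vcn_a that overlaps one of vcn_b."""
    names = sorted(vcn_cidrs)
    conflicts = []
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            for ca in map(ipaddress.ip_network, vcn_cidrs[a]):
                for cb in map(ipaddress.ip_network, vcn_cidrs[b]):
                    if ca.version == cb.version and ca.overlaps(cb):
                        conflicts.append((a, b, str(ca)))
    return conflicts

def audit_rules(rules, peer_prefix):
    """Return (index, reason) for IPv6 rules wider than ICMPv6 scoped to the peer VCN."""
    peer = ipaddress.ip_network(peer_prefix)
    findings = []
    for idx, rule in enumerate(rules):
        cidr = ipaddress.ip_network(rule.get("source") or rule.get("destination"))
        if cidr.version != 6:
            continue  # IPv4 rules are out of scope for this check
        if not cidr.subnet_of(peer):
            findings.append((idx, f"{cidr} is not inside peer prefix {peer}"))
        if rule["protocol"] != ICMPV6:
            findings.append((idx, f"protocol {rule['protocol']} is wider than IPv6-ICMP"))
    return findings

# Constructed rules for First_VCN: the first two follow the article, the last two do not.
FIRST_VCN_RULES = [
    {"protocol": "58", "source": "2001:db8:bb00::/56"},
    {"protocol": "58", "destination": "2001:db8:bb00::/56"},
    {"protocol": "58", "source": "::/0"},
    {"protocol": "all", "source": "2001:db8:bb00::/56"},
]

if __name__ == "__main__":
    print(drg_route_conflicts(VCN_CIDRS))
    for finding in audit_rules(FIRST_VCN_RULES, VCN_CIDRS["Second_VCN"][1]):
        print(finding)
```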