Understanding vSRX Virtual Firewall Deployment in Oracle Cloud Infrastructure

Overview of Oracle VM Architecture

This section describes the Oracle VM architecture.

Oracle Cloud Infrastructure (OCI) is a set of complementary cloud services that enable you to build and run a wide range of applications and services in a highly available hosted environment. Oracle Cloud Infrastructure offers high-performance compute capabilities (as physical hardware instances) and storage capacity in a flexible overlay virtual network that is securely accessible from your on-premises network.

The Oracle virtual machine (VM) management platform provides a fully equipped environment with all the latest benefits of virtualization technology. The Oracle VM platform helps you deploy operating systems and application software within a supported virtualization environment. Oracle VM can support both 1G and 10G physical NICs.

A vSRX Virtual Firewall 3.0 VM can be deployed on an Oracle VM Server running on x86 hardware.

vSRX Virtual Firewall with Oracle Cloud Infrastructure

The vSRX Virtual Firewall 3.0 specifications for deployment in OCI are as follows: vSRX Virtual Firewall 3.0 has one RE, one virtual FPC slot, and one virtual PIC. The virtual Gigabit Ethernet ports (labeled ge-0/0/[0 – (n-1)]) all reside within that one PIC. The index is zero-based, and the number n depends on the hypervisor. The maximum number of interfaces supported on vSRX Virtual Firewall is 7.

A domain is a configurable set of resources, including memory, virtual CPUs, network devices and disk devices, in which virtual machines run. A user-domain (domU) is granted virtual resources and can be started, stopped and restarted independently of other domains and of the host server itself. vSRX Virtual Firewall as a guest virtualized operating system runs within a domain. Oracle vSRX Virtual Firewall VM guests consume resources that are allocated to the domain by the hypervisor running on the Oracle VM Server. For more information about the Oracle VM Guest Additions, see Installing and Using the Oracle VM Guest Additions.

When a virtual machine is running, it can be accessed through a console, which allows it to be used as a regular operating system. vSRX Virtual Firewall as a guest virtualized operating system runs within a VM.

OCI Glossary

This section defines some common terms used in Oracle Cloud Infrastructure (OCI) configuration. Table 1 provides a list of the common terms used in OCI.

Table 1: OCI VCN Related Terminology

| Term | Description |
| --- | --- |
| OCI | Oracle Cloud Infrastructure, which runs the Xen hypervisor. |
| Oracle VM Server | A managed virtualization environment providing a lightweight, secure server platform that runs virtual machines, also known as domains. |
| Oracle VM Manager | Used to manage Oracle VM Servers, virtual machines, and resources. It comprises a number of subcomponents, including a web browser-based user interface and a command-line interface (CLI). |
| Oracle Compute Shapes | A shape is a resource profile that specifies the number of OCPUs and the amount of memory to be allocated to an instance in Compute Classic. |
| Port | The network interface on a server. This term is used interchangeably with NIC (network interface card). |
| VLAN | A method used to virtualize networking at the switch or router for better control over network separation. VLANs are virtual networks that use identifiers to separate traffic into different networks within the switch. |
| VNIC | Virtual machines are assigned VNICs (virtual network interface cards), which are allocated faux MAC addresses. This allows each virtual machine to connect to a network. The VNICs are bridged interfaces that are connected to a logical network that has the Virtual Machine channel enabled. A VNIC is only ever assigned to a virtual machine. A virtual machine can have as many VNICs as required within the limitations posed by the virtualization method used. For instance, hardware virtualized virtual machines are able to support a limited number of VNICs, while paravirtualized virtual machines can have an unlimited number of VNICs. |