My Oracle Support Banner

ExaCC gen2: Troubleshooting VPN/WSS connection from Customer Side (Doc ID 2745571.1)

Last updated on APRIL 05, 2021

Applies to:

Gen 2 Exadata Cloud at Customer - Version All Versions to All Versions [Release All Releases]
Information in this document applies to any platform.

Goal

 

Overview

At ExaCC gen2, CPS (Control Plane Servers) are deployed on customer's datacenter to connect to OCI regions.

Due to the dependencies ExaCC have on customer's network, any changes the customer can made on their side would impact the connection between ExaCC rack to OCI region.

It is important to mention that CPS are deployed on different network than ExaCC VMs (where your database runs), that means that even if you have full connection to your Database your CPS might have network issues.

This document helps to start a troubleshooting that customers can perform themselves (preferable network team) for the Secure Tunnel component as highlighted on the following diagram:

 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
 Troubleshooting VPN/WSS connection from customer side 
 Information required
 Troubleshooting steps on customer's side
 Check CPS IPs are UP
 Make sure DNS resolution works
 VPN connection
 WSS connection
 Check any packets blocked on Firewall from CPS IPs
 Check any packets blocked on Firewall to OCI VPN Endpoints
 Check any SSL/TLS (or SNI enabled) to OCI WSS Endpoints
 Next steps
 Appendix
 DNS names for VPN connections
 DNS names for WSS connections
 <Internal_Only>
 Ops Team obtaining information from customer's installation
 </Internal_Only>
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.