{"id":940,"date":"2026-04-17T05:16:56","date_gmt":"2026-04-17T05:16:56","guid":{"rendered":"https:\/\/www.devopsschool.com\/tutorials\/oracle-cloud-oracle-interconnect-for-google-cloud-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-multicloud\/"},"modified":"2026-04-17T05:16:56","modified_gmt":"2026-04-17T05:16:56","slug":"oracle-cloud-oracle-interconnect-for-google-cloud-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-multicloud","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/tutorials\/oracle-cloud-oracle-interconnect-for-google-cloud-tutorial-architecture-pricing-use-cases-and-hands-on-guide-for-multicloud\/","title":{"rendered":"Oracle Cloud Oracle Interconnect for Google Cloud Tutorial: Architecture, Pricing, Use Cases, and Hands-On Guide for Multicloud"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Category<\/h2>\n\n\n\n<p>Multicloud<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">1. Introduction<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">What this service is<\/h3>\n\n\n\n<p>Oracle Interconnect for Google Cloud is a private network connectivity service that links <strong>Oracle Cloud Infrastructure (OCI)<\/strong> and <strong>Google Cloud<\/strong> through dedicated, high-throughput connections\u2014designed for <strong>multicloud architectures<\/strong> where workloads and data span both clouds.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">One-paragraph simple explanation<\/h3>\n\n\n\n<p>If you run some applications in Google Cloud and others (or your databases) in Oracle Cloud, Oracle Interconnect for Google Cloud gives you a <strong>private, predictable network path<\/strong> between them. Instead of sending traffic over the public internet, you route it over dedicated interconnect infrastructure to improve <strong>latency, stability, and security posture<\/strong>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">One-paragraph technical explanation<\/h3>\n\n\n\n<p>Technically, Oracle Interconnect for Google Cloud provides <strong>private Layer 3 routing between OCI VCNs and Google Cloud VPC networks<\/strong> using <strong>BGP<\/strong> (dynamic routing). On OCI you typically connect via <strong>Dynamic Routing Gateway (DRG)<\/strong> and the underlying private connectivity constructs used by OCI networking (commonly associated with <strong>FastConnect<\/strong> patterns). On Google Cloud you typically connect using <strong>Cloud Interconnect\/Cross-Cloud Interconnect<\/strong> with <strong>Cloud Router<\/strong> and <strong>VLAN attachments<\/strong>. Exact provisioning steps and resource names can vary by region pairing and the current console workflows\u2014verify in official docs for your chosen regions.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">What problem it solves<\/h3>\n\n\n\n<p>It solves the core problem of <strong>reliable, private, high-performance connectivity<\/strong> between OCI and Google Cloud for multicloud deployments\u2014reducing reliance on internet-based VPNs, improving performance consistency for latency-sensitive apps, and enabling more secure data flows between clouds.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">2. What is Oracle Interconnect for Google Cloud?<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Official purpose (what it\u2019s for)<\/h3>\n\n\n\n<p>Oracle Interconnect for Google Cloud is intended to enable <strong>private connectivity between Oracle Cloud and Google Cloud<\/strong> so customers can build and operate <strong>multicloud<\/strong> solutions with lower latency and higher throughput than typical internet paths.<\/p>\n\n\n\n<blockquote>\n<p>Service naming and positioning can evolve (for example, Google may refer to \u201cCross-Cloud Interconnect\u201d on its side). Always confirm the latest terminology and supported region pairings in the official OCI and Google Cloud documentation.<\/p>\n<\/blockquote>\n\n\n\n<h3 class=\"wp-block-heading\">Core capabilities<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Private IP connectivity<\/strong> between OCI and Google Cloud (no public internet traversal for data plane traffic).<\/li>\n<li><strong>Dynamic routing using BGP<\/strong>, enabling route exchange and easier operations as networks evolve.<\/li>\n<li><strong>High bandwidth and low latency<\/strong> compared to internet VPNs (specific bandwidth options depend on the offering in your paired regions\u2014verify in official docs).<\/li>\n<li><strong>Redundancy design patterns<\/strong>, typically using multiple attachments\/circuits and diverse edge devices (exact redundancy model depends on region pairing and how you provision).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Major components (conceptual building blocks)<\/h3>\n\n\n\n<p>On the <strong>Oracle Cloud (OCI)<\/strong> side, common components include:\n&#8211; <strong>VCN (Virtual Cloud Network)<\/strong>: Your OCI private network with subnets.\n&#8211; <strong>DRG (Dynamic Routing Gateway)<\/strong>: The OCI edge router for private connectivity and route distribution.\n&#8211; <strong>Route tables \/ route distributions<\/strong>: Where you control propagation and forwarding.\n&#8211; <strong>Security Lists \/ Network Security Groups (NSGs)<\/strong>: Traffic filtering in OCI.\n&#8211; <strong>Private connectivity construct<\/strong> (often aligned with <strong>FastConnect-style<\/strong> designs): The mechanism used to establish private connectivity from OCI to external networks.<\/p>\n\n\n\n<p>On the <strong>Google Cloud<\/strong> side, common components include:\n&#8211; <strong>VPC network<\/strong>: Your Google private network.\n&#8211; <strong>Cloud Router<\/strong>: BGP-speaking router used to exchange routes dynamically.\n&#8211; <strong>(Cross-Cloud) Interconnect \/ VLAN attachments<\/strong>: Google\u2019s connectivity primitives used to connect to external networks.\n&#8211; <strong>Firewall rules<\/strong>: Google VPC firewall policy allowing required flows.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Service type<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Network connectivity \/ interconnect service<\/strong> for <strong>multicloud<\/strong> architectures.<\/li>\n<li>Not a compute, storage, or application service\u2014its role is <strong>connectivity and routing<\/strong>.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Scope: regional\/global\/project\/tenancy<\/h3>\n\n\n\n<p>Oracle Interconnect for Google Cloud is typically:\n&#8211; <strong>Region-pair\u2013dependent<\/strong> (available only for certain OCI region \u2194 Google Cloud region pairings).\n&#8211; Scoped to:\n  &#8211; An <strong>OCI tenancy<\/strong> (and compartments) for resource creation and IAM.\n  &#8211; A <strong>Google Cloud project<\/strong> (and potentially specific VPC networks) for provisioning and IAM.<\/p>\n\n\n\n<p>The connectivity itself is not \u201cglobal by default\u201d\u2014it\u2019s anchored to where the interconnect exists. You can still build broader topologies (hub-and-spoke, shared services, multi-region), but you must design routing carefully.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">How it fits into the Oracle Cloud ecosystem<\/h3>\n\n\n\n<p>Oracle Interconnect for Google Cloud fits primarily into OCI\u2019s <strong>Networking<\/strong> stack:\n&#8211; It complements OCI networking constructs like <strong>VCN<\/strong>, <strong>DRG<\/strong>, and <strong>network security controls<\/strong>.\n&#8211; It supports OCI services that benefit from multicloud connectivity (for example, application tiers in Google Cloud connecting to databases or services in OCI, or Oracle services consumed from Google Cloud).<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">3. Why use Oracle Interconnect for Google Cloud?<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Business reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Multicloud flexibility<\/strong>: Keep workloads where they best fit (e.g., analytics in Google Cloud, Oracle databases in Oracle Cloud).<\/li>\n<li><strong>Time-to-value<\/strong>: Reduces the need for custom carrier circuits and complex do-it-yourself colocation routing designs (exact operational model depends on region pairing).<\/li>\n<li><strong>Vendor alignment<\/strong>: Built for Oracle Cloud \u2194 Google Cloud coexistence strategies, including partner-led service integrations.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Technical reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Lower latency<\/strong> and more consistent network performance than internet-based paths.<\/li>\n<li><strong>Higher bandwidth options<\/strong> than typical VPN tunnels (verify bandwidth SKUs in official docs).<\/li>\n<li><strong>BGP-based dynamic routing<\/strong>, enabling:<\/li>\n<li>Controlled route advertisement<\/li>\n<li>Failover patterns<\/li>\n<li>Reduced manual route updates<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Operational reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Predictability<\/strong>: Dedicated interconnect paths are generally more stable than the public internet.<\/li>\n<li><strong>Simplified change management<\/strong> with BGP when subnets grow or new networks appear.<\/li>\n<li><strong>Standard network patterns<\/strong>: Route tables, BGP, firewall rules, monitoring\u2014concepts your network\/SRE teams already know.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Security\/compliance reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Reduced internet exposure<\/strong>: Traffic can stay on private connectivity.<\/li>\n<li><strong>Better control of routing boundaries<\/strong> and route advertisement.<\/li>\n<li>Supports layering additional controls:<\/li>\n<li>TLS at the application layer<\/li>\n<li>Optional overlay encryption (e.g., IPsec over interconnect) when required by policy<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Scalability\/performance reasons<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Better suited for:<\/li>\n<li>Data replication<\/li>\n<li>High-throughput service-to-service calls<\/li>\n<li>Latency-sensitive APIs<\/li>\n<li>Hybrid-ish control planes and shared services<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">When teams should choose it<\/h3>\n\n\n\n<p>Choose Oracle Interconnect for Google Cloud when:\n&#8211; You have <strong>production traffic<\/strong> that needs stable performance between OCI and Google Cloud.\n&#8211; You want <strong>private connectivity<\/strong> rather than public internet VPN.\n&#8211; You need <strong>BGP route exchange<\/strong> and enterprise routing patterns.\n&#8211; Your workloads are in <strong>supported paired regions<\/strong> (availability is the gating factor).<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">When they should not choose it<\/h3>\n\n\n\n<p>Avoid (or delay) using it when:\n&#8211; Your workloads are small and tolerant of internet variability; <strong>IPsec VPN<\/strong> might be enough.\n&#8211; Your regions are not supported (or latency to the nearest interconnect location defeats the purpose).\n&#8211; You need connectivity quickly for a short-lived dev\/test project and procurement\/provisioning time is too high.\n&#8211; Your network plan has overlapping CIDRs or unclear routing ownership; you should fix IP planning first.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">4. Where is Oracle Interconnect for Google Cloud used?<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Industries<\/h3>\n\n\n\n<p>Common in industries with strict security and reliability requirements:\n&#8211; Financial services and fintech\n&#8211; Healthcare and life sciences\n&#8211; Retail and e-commerce\n&#8211; SaaS and enterprise software\n&#8211; Telecom and media\n&#8211; Public sector (subject to region\/compliance constraints)<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Team types<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Cloud platform teams building standardized connectivity patterns<\/li>\n<li>Network engineering teams managing BGP and routing governance<\/li>\n<li>DevOps\/SRE teams operating multicloud services<\/li>\n<li>Security teams enforcing segmentation and auditability<\/li>\n<li>Data platform teams moving data between clouds<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Workloads<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>App tier in Google Cloud (e.g., GKE) calling databases\/services in OCI<\/li>\n<li>Data replication and backup flows<\/li>\n<li>Internal APIs between microservices split across clouds<\/li>\n<li>Batch data pipelines where private egress reduces exposure<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Architectures<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Hub-and-spoke network with shared services in one cloud and workloads in another<\/li>\n<li>Split-tier architecture: compute in GCP, database in OCI<\/li>\n<li>Dual-run migration: old system in one cloud, new in the other, with private sync<\/li>\n<li>Hybrid enterprise network: on-prem \u2194 OCI \u2194 GCP, where OCI DRG can act as a connectivity hub (design carefully to avoid unintended transitive routing)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Production vs dev\/test usage<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Production<\/strong>: Strong fit when you need predictable performance and private routing.<\/li>\n<li><strong>Dev\/test<\/strong>: Often used when dev\/test must validate production-like network behavior; however, costs and provisioning lead time can be too high for small ad-hoc environments\u2014teams may use VPN in dev\/test and interconnect in production.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">5. Top Use Cases and Scenarios<\/h2>\n\n\n\n<p>Below are realistic scenarios where Oracle Interconnect for Google Cloud is commonly justified.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1) Google Kubernetes Engine (GKE) app tier + OCI database tier<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: App services in GKE need low-latency access to Oracle databases hosted in OCI.<\/li>\n<li><strong>Why this service fits<\/strong>: Private, stable connectivity reduces jitter and improves response times.<\/li>\n<li><strong>Example<\/strong>: Customer runs microservices on GKE and uses Oracle Autonomous Database in OCI; services connect privately over interconnect.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">2) Oracle Database@Google Cloud\u2013adjacent connectivity patterns<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Multicloud solutions require reliable OCI\u2194GCP network paths as part of an Oracle\u2013Google integrated design.<\/li>\n<li><strong>Why this service fits<\/strong>: Oracle Interconnect for Google Cloud is the purpose-built connectivity layer for Oracle\u2013Google multicloud patterns.<\/li>\n<li><strong>Example<\/strong>: Apps in GCP call Oracle services that reside in OCI; interconnect provides private routing.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3) High-throughput data replication between clouds<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Replicating data over internet VPN is slow and inconsistent.<\/li>\n<li><strong>Why this service fits<\/strong>: Dedicated path + higher bandwidth options (verify) improves replication windows.<\/li>\n<li><strong>Example<\/strong>: Nightly bulk transfers from GCP analytics environment to OCI storage or vice versa.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">4) Active\/active service mesh across clouds (careful design)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Need cross-cloud service-to-service calls with predictable latency.<\/li>\n<li><strong>Why this service fits<\/strong>: Private connectivity reduces unknown internet variability.<\/li>\n<li><strong>Example<\/strong>: A shared auth service in OCI consumed by workloads in GCP.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">5) Migration with coexistence (dual-run)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Migrating from OCI to GCP (or the reverse) needs a stable coexistence period.<\/li>\n<li><strong>Why this service fits<\/strong>: Improves reliability while systems exchange traffic and data.<\/li>\n<li><strong>Example<\/strong>: Gradually move stateless services to GCP while keeping the database in OCI temporarily.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">6) Centralized security inspection (hub firewall) for multicloud flows<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Need a controlled inspection point for traffic crossing clouds.<\/li>\n<li><strong>Why this service fits<\/strong>: Interconnect can route through a security VCN\/VPC where inspection appliances run.<\/li>\n<li><strong>Example<\/strong>: Traffic from GCP workloads to OCI passes through an OCI firewall VCN attached to a DRG.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">7) Shared internal APIs hosted in OCI for multiple GCP projects<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Several GCP teams need private access to shared services in OCI.<\/li>\n<li><strong>Why this service fits<\/strong>: DRG routing + compartment governance on OCI side, Cloud Router\/VPC controls on GCP side.<\/li>\n<li><strong>Example<\/strong>: Payments API in OCI consumed by multiple GCP business units.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">8) Private access to OCI object storage endpoints (via private networking patterns)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Apps in GCP need to exchange objects with OCI without using public endpoints.<\/li>\n<li><strong>Why this service fits<\/strong>: Interconnect provides private network reachability; you still must design endpoint exposure properly (verify OCI private endpoint options for your service).<\/li>\n<li><strong>Example<\/strong>: Data pipeline writes results to OCI Object Storage; traffic stays private.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">9) Enterprise identity and logging split across clouds<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Central SIEM\/logging platform in one cloud needs private ingestion from the other.<\/li>\n<li><strong>Why this service fits<\/strong>: Predictable, private connectivity supports steady ingestion.<\/li>\n<li><strong>Example<\/strong>: Logging collectors in GCP forward logs to a SIEM in OCI.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">10) Latency-sensitive middleware (message bus) across clouds<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: Messaging performance is inconsistent over the internet.<\/li>\n<li><strong>Why this service fits<\/strong>: Private connectivity improves stability; still consider locality and failure domains.<\/li>\n<li><strong>Example<\/strong>: Event consumers in GCP subscribe to a message bus hosted in OCI.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">6. Core Features<\/h2>\n\n\n\n<blockquote>\n<p>Feature availability and specific configuration options can vary by region pairing and account eligibility. Verify in official docs for your OCI region and Google Cloud region.<\/p>\n<\/blockquote>\n\n\n\n<h3 class=\"wp-block-heading\">1) Private connectivity between OCI and Google Cloud<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: Provides a private network path for IP traffic between OCI and GCP.<\/li>\n<li><strong>Why it matters<\/strong>: Reduces exposure to public internet routing and congestion.<\/li>\n<li><strong>Practical benefit<\/strong>: More stable service-to-service traffic and improved security posture.<\/li>\n<li><strong>Caveats<\/strong>: \u201cPrivate\u201d does not automatically mean \u201cencrypted.\u201d Use TLS and\/or overlay encryption when required.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">2) BGP-based dynamic routing<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: Exchanges routes between OCI and GCP using BGP (via DRG and Cloud Router).<\/li>\n<li><strong>Why it matters<\/strong>: Reduces manual route updates and supports failover.<\/li>\n<li><strong>Practical benefit<\/strong>: Easier to scale networks and manage multiple subnets\/VPCs\/VCNs.<\/li>\n<li><strong>Caveats<\/strong>: Requires careful route advertisement control to avoid leaking routes or creating transitive routing unintentionally.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3) Redundancy design patterns (multi-link \/ multi-edge)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: Supports high availability by using multiple connections\/attachments and diverse routing paths (implementation details depend on the offering).<\/li>\n<li><strong>Why it matters<\/strong>: Single interconnect path is a reliability risk.<\/li>\n<li><strong>Practical benefit<\/strong>: Higher uptime and better maintenance tolerance.<\/li>\n<li><strong>Caveats<\/strong>: You must implement redundancy correctly (dual attachments, dual BGP sessions, route priorities).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">4) Integration with OCI networking constructs (VCN, DRG, route tables)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: Lets you attach multiple VCNs to a DRG and centrally manage routing.<\/li>\n<li><strong>Why it matters<\/strong>: Enables hub-and-spoke and shared services architectures on OCI.<\/li>\n<li><strong>Practical benefit<\/strong>: Cleaner governance and scalable network topology.<\/li>\n<li><strong>Caveats<\/strong>: DRG routing policies can be complex; document route intent and validate propagation.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">5) Integration with Google Cloud networking constructs (VPC, Cloud Router)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: Uses Cloud Router for BGP and route exchange with your VPC.<\/li>\n<li><strong>Why it matters<\/strong>: Standard Google Cloud model for dynamic routing to external networks.<\/li>\n<li><strong>Practical benefit<\/strong>: Familiar operations for GCP network admins; supports route-based changes.<\/li>\n<li><strong>Caveats<\/strong>: Route export\/import policies and firewall rules must be set correctly.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">6) Compartment\/project governance and IAM control<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: Uses OCI IAM policies (compartments) and GCP IAM roles (projects) to control who can create\/modify interconnect resources.<\/li>\n<li><strong>Why it matters<\/strong>: Networking changes are high-risk; IAM must be tight.<\/li>\n<li><strong>Practical benefit<\/strong>: Enables separation of duties and change control.<\/li>\n<li><strong>Caveats<\/strong>: Mis-scoped IAM is a common cause of outages or misconfigurations.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">7) Observability hooks (metrics\/logs at the network edge)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>What it does<\/strong>: Enables monitoring of link status and routing health using each cloud\u2019s monitoring stack.<\/li>\n<li><strong>Why it matters<\/strong>: Interconnect issues often appear as \u201capp timeouts.\u201d<\/li>\n<li><strong>Practical benefit<\/strong>: Faster detection of BGP down, route churn, or unexpected drops.<\/li>\n<li><strong>Caveats<\/strong>: Observability is split across two clouds; you need a combined operational view.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">7. Architecture and How It Works<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">High-level service architecture<\/h3>\n\n\n\n<p>Oracle Interconnect for Google Cloud can be understood as:\n&#8211; <strong>OCI network edge<\/strong> (VCN + DRG) connected to\n&#8211; <strong>Interconnect infrastructure<\/strong> (private cross-cloud connectivity), connected to\n&#8211; <strong>Google Cloud network edge<\/strong> (Cloud Router + VPC)<\/p>\n\n\n\n<p>Traffic between OCI and GCP flows via private routing, typically using BGP-learned routes.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Request\/data\/control flow (practical view)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Data plane<\/strong>: Application traffic between private IPs in OCI subnets and GCP subnets.<\/li>\n<li><strong>Control plane<\/strong>:<\/li>\n<li>BGP sessions establish adjacency between OCI edge and Google Cloud Router.<\/li>\n<li>Routes are advertised (e.g., OCI subnet CIDRs to GCP; GCP subnet CIDRs to OCI).<\/li>\n<li>Each cloud updates route tables and forwarding behavior based on BGP and your explicit route policies.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Integrations with related services<\/h3>\n\n\n\n<p>On OCI:\n&#8211; <strong>Compute instances<\/strong> and <strong>load balancers<\/strong> inside VCNs consume the connectivity.\n&#8211; <strong>Network Security Groups (NSGs)<\/strong> control east-west traffic.\n&#8211; <strong>VCN DNS<\/strong> and private endpoints (where supported) can be part of the design.<\/p>\n\n\n\n<p>On Google Cloud:\n&#8211; <strong>GCE<\/strong> and <strong>GKE<\/strong> workloads consume the connectivity.\n&#8211; <strong>Firewall rules<\/strong> control traffic.\n&#8211; <strong>Cloud DNS<\/strong> can integrate with private zones and forwarding policies.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Dependency services<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>OCI: VCN, DRG, routing tables, security constructs; underlying interconnect provisioning constructs.<\/li>\n<li>GCP: VPC, Cloud Router, interconnect attachments\/VLAN attachments, firewall rules.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Security\/authentication model<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>IAM<\/strong> controls who can create\/modify networking resources.<\/li>\n<li><strong>BGP session security<\/strong>: Depending on configuration, BGP may support MD5 authentication (verify exact options in your setup).<\/li>\n<li><strong>Traffic security<\/strong>:<\/li>\n<li>Private routing reduces exposure.<\/li>\n<li>Use <strong>TLS<\/strong> for application encryption.<\/li>\n<li>For policy requirements, consider <strong>IPsec over the interconnect<\/strong> (overlay) if supported and necessary\u2014verify in official docs and validate performance implications.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Networking model considerations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Non-overlapping CIDR<\/strong> is mandatory for clean routing.<\/li>\n<li><strong>Routing intent<\/strong> must be explicit:<\/li>\n<li>Which subnets should be reachable cross-cloud?<\/li>\n<li>Should this interconnect be transitive to on-prem?<\/li>\n<li><strong>MTU<\/strong>: Ensure consistent MTU assumptions to avoid fragmentation issues\u2014verify recommended MTU values in the official docs.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Monitoring\/logging\/governance considerations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Monitor:<\/li>\n<li>BGP session status<\/li>\n<li>Route counts and unexpected route changes<\/li>\n<li>Packet drops due to firewall rules\/NSGs<\/li>\n<li>Log:<\/li>\n<li>OCI Audit logs for networking changes<\/li>\n<li>GCP Admin Activity logs for route and router changes<\/li>\n<li>Governance:<\/li>\n<li>Tag\/label interconnect resources with environment, owner, cost center<\/li>\n<li>Use change management for routing updates<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Simple architecture diagram (conceptual)<\/h3>\n\n\n\n<pre><code class=\"language-mermaid\">flowchart LR\n  subgraph GCP[Google Cloud]\n    VPC[VPC Subnet(s)]\n    CR[Cloud Router (BGP)]\n    VPC --&gt; CR\n  end\n\n  subgraph LINK[Oracle Interconnect for Google Cloud]\n    IC[Private Interconnect Path]\n  end\n\n  subgraph OCI[Oracle Cloud (OCI)]\n    VCN[VCN Subnet(s)]\n    DRG[Dynamic Routing Gateway (DRG)]\n    VCN --&gt; DRG\n  end\n\n  CR &lt;-- BGP --&gt; IC &lt;-- BGP --&gt; DRG\n  VPC &lt;-- Private IP Traffic --&gt; VCN\n<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Production-style architecture diagram (HA + segmentation)<\/h3>\n\n\n\n<pre><code class=\"language-mermaid\">flowchart TB\n  subgraph GCP[Google Cloud]\n    subgraph GCP_NET[Networking]\n      VPC1[VPC: app-prod]\n      VPC2[VPC: shared-services]\n      CR1[Cloud Router A]\n      CR2[Cloud Router B]\n      VPC1 --&gt; CR1\n      VPC1 --&gt; CR2\n      VPC2 --&gt; CR1\n      VPC2 --&gt; CR2\n    end\n    GKE[GKE \/ GCE Workloads]\n    GKE --&gt; VPC1\n  end\n\n  subgraph OCI[Oracle Cloud (OCI)]\n    subgraph OCI_NET[Networking]\n      DRG[DRG (hub)]\n      VCN_APP[VCN: app-prod]\n      VCN_SEC[VCN: security-inspection]\n      VCN_DB[VCN: database]\n      VCN_APP --&gt; DRG\n      VCN_SEC --&gt; DRG\n      VCN_DB --&gt; DRG\n      FW[Firewall \/ Inspection Appliances]\n      VCN_SEC --&gt; FW\n    end\n    DB[DB Workloads \/ Services]\n    DB --&gt; VCN_DB\n  end\n\n  subgraph INTERCONNECT[Oracle Interconnect for Google Cloud]\n    IC1[Interconnect Path A]\n    IC2[Interconnect Path B]\n  end\n\n  CR1 &lt;-- BGP --&gt; IC1 &lt;-- BGP --&gt; DRG\n  CR2 &lt;-- BGP --&gt; IC2 &lt;-- BGP --&gt; DRG\n\n  %% Policy routing concept\n  VPC1 -. \"Routes to OCI via Cloud Router\" .-&gt; CR1\n  DRG -. \"Route tables \/ distributions\" .-&gt; VCN_APP\n  DRG -. \"Inspection routing (optional)\" .-&gt; VCN_SEC\n  DRG -. \"DB subnets advertised to GCP\" .-&gt; VCN_DB\n<\/code><\/pre>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">8. Prerequisites<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Accounts\/tenancy\/project requirements<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Oracle Cloud (OCI) tenancy<\/strong> with permissions to manage networking resources.<\/li>\n<li><strong>Google Cloud project<\/strong> with permissions to manage networking, Cloud Router, and interconnect-related resources.<\/li>\n<li>Access to <strong>supported OCI region<\/strong> and <strong>supported Google Cloud region pairing<\/strong> for Oracle Interconnect for Google Cloud (verify availability in official docs).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Permissions \/ IAM roles<\/h3>\n\n\n\n<p><strong>OCI IAM (examples; adjust to your compartment model):<\/strong>\n&#8211; Ability to manage VCN\/DRG\/network resources in a compartment (commonly via policies covering the virtual networking family).\n&#8211; Ability to create\/attach route tables, subnets, NSGs, and DRG attachments.<\/p>\n\n\n\n<p><strong>Google Cloud IAM (typical roles; verify least-privilege needs):<\/strong>\n&#8211; <code>Compute Network Admin<\/code> (or more narrowly scoped roles) to manage VPC networks, routes, firewall rules.\n&#8211; Permissions to manage <strong>Cloud Router<\/strong> and <strong>Interconnect<\/strong> resources (exact roles depend on whether you use Cross-Cloud Interconnect or Cloud Interconnect constructs).<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Billing requirements<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Billing must be enabled in both OCI and Google Cloud.<\/li>\n<li>Network connectivity services are typically billable; expect charges for:<\/li>\n<li>Interconnect\/attachment resources<\/li>\n<li>Data transfer\/egress on one or both sides<\/li>\n<li>Test compute instances for validation<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">CLI\/SDK\/tools needed<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>OCI:<\/li>\n<li>OCI Console access<\/li>\n<li>Optional: <a href=\"https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/API\/Concepts\/cliconcepts.htm\">OCI CLI<\/a><\/li>\n<li>Google Cloud:<\/li>\n<li>Google Cloud Console<\/li>\n<li>Optional: <code>gcloud<\/code> via Cloud Shell or local install<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Region availability<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Oracle Interconnect for Google Cloud is not universally available in all regions.<\/li>\n<li>Confirm:<\/li>\n<li>Supported OCI region(s)<\/li>\n<li>Supported Google Cloud region(s)<\/li>\n<li>Supported region pairings and interconnect locations<br\/>\n<strong>Verify in official docs<\/strong> before committing to an architecture.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Quotas\/limits (common ones to consider)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Number of DRGs and DRG attachments per tenancy\/region<\/li>\n<li>Number of route rules per route table<\/li>\n<li>BGP route limits on Cloud Router \/ OCI DRG (route scale limits exist; verify current values in docs)<\/li>\n<li>Interconnect attachment counts and bandwidth SKUs (verify)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Prerequisite services<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>OCI VCN and DRG must exist (or be created).<\/li>\n<li>GCP VPC and Cloud Router must exist (or be created).<\/li>\n<li>IP planning (non-overlapping CIDRs) must be completed.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">9. Pricing \/ Cost<\/h2>\n\n\n\n<blockquote>\n<p>Do not treat this section as a quote. Prices vary by region, SKU, and sometimes contract terms. Always validate with the official pricing pages and your account team.<\/p>\n<\/blockquote>\n\n\n\n<h3 class=\"wp-block-heading\">Pricing dimensions (what you pay for)<\/h3>\n\n\n\n<p>You typically pay for a combination of:<\/p>\n\n\n\n<p><strong>On Oracle Cloud (OCI) side (commonly aligned with FastConnect-like pricing dimensions):<\/strong>\n&#8211; Port\/connection resources (where applicable)\n&#8211; Virtual circuit \/ attachment constructs (where applicable)\n&#8211; <strong>Data transfer (egress)<\/strong> from OCI to external networks (interconnect pricing may differ from public internet egress\u2014verify current OCI price list)<\/p>\n\n\n\n<p><strong>On Google Cloud side:<\/strong>\n&#8211; Interconnect and VLAN attachment charges (varies by product: Dedicated Interconnect, Partner Interconnect, Cross-Cloud Interconnect\u2014verify which one applies)\n&#8211; <strong>Data transfer (egress)<\/strong> from Google Cloud\n&#8211; Cloud Router-related costs (Cloud Router itself is typically billed by usage\/attachment depending on Google\u2019s current model\u2014verify in Google\u2019s pricing docs)<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Free tier<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Oracle Interconnect for Google Cloud is generally <strong>not<\/strong> a free-tier service.<\/li>\n<li>You may use always-free compute resources for testing in OCI or GCP (subject to each cloud\u2019s free tier rules), but the interconnect itself typically incurs costs.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Main cost drivers<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Data egress volume<\/strong>: Usually the largest cost over time.<\/li>\n<li><strong>Provisioned bandwidth \/ attachment type<\/strong>: Higher capacity generally costs more.<\/li>\n<li><strong>Redundancy<\/strong>: Production HA patterns often require multiple attachments\/circuits (increasing fixed monthly costs).<\/li>\n<li><strong>Cross-cloud traffic patterns<\/strong>: Chatty microservices can generate more cross-cloud traffic than expected.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Hidden or indirect costs<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>NAT gateways, load balancers, and firewalls you deploy for routing\/inspection<\/li>\n<li>Logging and monitoring ingestion\/retention costs in both clouds<\/li>\n<li>DNS architectures (private DNS resolvers, forwarding, etc.)<\/li>\n<li>Operational staffing\/time: network troubleshooting across two clouds<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Network\/data transfer implications<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Understand the directionality:<\/li>\n<li>OCI \u2192 GCP egress may be billed by OCI<\/li>\n<li>GCP \u2192 OCI egress may be billed by GCP  <\/li>\n<li>In multicloud, teams sometimes underestimate <strong>east-west<\/strong> traffic across clouds. Track it early with flow logs\/metrics.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">How to optimize cost<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Minimize cross-cloud chatter:<\/li>\n<li>Keep latency-sensitive and chatty components in the same cloud where feasible.<\/li>\n<li>Use caching and batching for cross-cloud calls.<\/li>\n<li>Advertise only required routes to limit unintended traffic flows.<\/li>\n<li>Use HA thoughtfully: two links is normal; more than that should be justified by SLOs.<\/li>\n<li>Monitor egress daily\/weekly and set budgets\/alerts in both clouds.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Example low-cost starter estimate (model, not numbers)<\/h3>\n\n\n\n<p>A low-cost pilot typically includes:\n&#8211; 1 small OCI test VCN + 1 small GCP test VPC\n&#8211; 1 test VM in each cloud\n&#8211; Minimal set of advertised subnets (one \/24 each)\n&#8211; Short test window<br\/>\nCosts will be driven primarily by:\n&#8211; Any fixed attachment\/port charges\n&#8211; A small amount of data transfer for validation<\/p>\n\n\n\n<p>Because rates vary, <strong>use official calculators<\/strong>:\n&#8211; OCI cost estimator: https:\/\/www.oracle.com\/cloud\/costestimator.html\n&#8211; Google Cloud pricing calculator: https:\/\/cloud.google.com\/products\/calculator<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Example production cost considerations (what to model)<\/h3>\n\n\n\n<p>For production, model:\n&#8211; Two independent connectivity paths (HA)\n&#8211; Expected peak and average cross-cloud data transfer\n&#8211; Growth rate of traffic\n&#8211; Monitoring\/logging retention\n&#8211; Backup\/replication flows (often large and spiky)<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Official pricing pages (start here)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>OCI pricing (price list landing): https:\/\/www.oracle.com\/cloud\/price-list\/<\/li>\n<li>OCI networking documentation hub (for service-specific pricing references): https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/home.htm<\/li>\n<li>Google Cloud Interconnect pricing (verify correct product page for your setup): https:\/\/cloud.google.com\/network-connectivity\/docs\/interconnect\/pricing<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">10. Step-by-Step Hands-On Tutorial<\/h2>\n\n\n\n<blockquote>\n<p>Reality check: provisioning Oracle Interconnect for Google Cloud may require <strong>region pairing availability<\/strong> and may not be instant for all accounts. This lab is written to be executable <strong>if your account is eligible and the service is available in your regions<\/strong>. If you cannot complete the interconnect provisioning steps, you can still complete the network setup steps and learn the routing\/security workflow.<\/p>\n<\/blockquote>\n\n\n\n<h3 class=\"wp-block-heading\">Objective<\/h3>\n\n\n\n<p>Create private network connectivity between:\n&#8211; An <strong>OCI VCN subnet<\/strong> and\n&#8211; A <strong>Google Cloud VPC subnet<\/strong><br\/>\nusing <strong>Oracle Interconnect for Google Cloud<\/strong>, then validate end-to-end private IP reachability with ICMP and TCP tests.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Lab Overview<\/h3>\n\n\n\n<p>You will:\n1. Create an OCI VCN, subnet, and DRG attachment.\n2. Create a GCP VPC, subnet, and Cloud Router.\n3. Provision\/configure the Oracle Interconnect for Google Cloud connection (BGP).\n4. Update routes and firewall\/NSG rules on both sides.\n5. Validate connectivity with test VMs.\n6. Clean up all resources.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 1: Plan IP ranges and ASNs (do this first)<\/h3>\n\n\n\n<p><strong>Choose non-overlapping RFC1918 ranges<\/strong>, for example:\n&#8211; OCI VCN: <code>10.10.0.0\/16<\/code>\n  &#8211; OCI test subnet: <code>10.10.10.0\/24<\/code>\n&#8211; GCP VPC: <code>10.20.0.0\/16<\/code>\n  &#8211; GCP test subnet: <code>10.20.10.0\/24<\/code><\/p>\n\n\n\n<p><strong>Choose BGP ASNs<\/strong>\n&#8211; OCI side: you will use a DRG ASN (or BGP ASN) depending on OCI configuration.\n&#8211; GCP side: Cloud Router ASN (private ASN recommended).<\/p>\n\n\n\n<p>ASNs must not conflict with existing BGP peers in your network.<br\/>\n<strong>Expected outcome:<\/strong> You have documented CIDRs and ASNs and confirmed they do not overlap.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 2: Create the OCI network (VCN + subnet)<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">Option A: OCI Console (beginner-friendly)<\/h4>\n\n\n\n<ol class=\"wp-block-list\">\n<li>In OCI Console, select your region.<\/li>\n<li>Go to <strong>Networking<\/strong> \u2192 <strong>Virtual cloud networks<\/strong>.<\/li>\n<li>Create a VCN with:\n   &#8211; VCN CIDR: <code>10.10.0.0\/16<\/code>\n   &#8211; Create at least one subnet:<ul>\n<li>Subnet CIDR: <code>10.10.10.0\/24<\/code><\/li>\n<li>Choose <strong>Private subnet<\/strong> if you want all tests to remain private (recommended).<\/li>\n<\/ul>\n<\/li>\n<li>Create or select a <strong>Network Security Group (NSG)<\/strong> for your test VM.<\/li>\n<\/ol>\n\n\n\n<h4 class=\"wp-block-heading\">Option B: OCI CLI (example)<\/h4>\n\n\n\n<p>If you prefer CLI, verify syntax in OCI CLI docs and adapt compartment OCIDs:<\/p>\n\n\n\n<pre><code class=\"language-bash\">oci network vcn create \\\n  --compartment-id &lt;COMPARTMENT_OCID&gt; \\\n  --display-name oci-vcn-multicloud-lab \\\n  --cidr-block 10.10.0.0\/16\n<\/code><\/pre>\n\n\n\n<p><strong>Expected outcome:<\/strong> OCI VCN and a subnet exist.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 3: Create an OCI DRG and attach it to the VCN<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>In OCI Console, go to <strong>Networking<\/strong> \u2192 <strong>Dynamic Routing Gateways<\/strong>.<\/li>\n<li>Create a DRG (name it like <code>drg-oci-gcp-lab<\/code>).<\/li>\n<li>Attach the DRG to your VCN.<\/li>\n<\/ol>\n\n\n\n<p>Then configure routing:\n&#8211; In the subnet route table (or DRG route table model depending on OCI routing mode), ensure routes exist so that traffic destined to the GCP CIDR (<code>10.20.0.0\/16<\/code>) is routed to the DRG.<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> DRG exists and is attached; OCI routing has a path toward GCP via DRG.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 4: Create the Google Cloud network (VPC + subnet)<\/h3>\n\n\n\n<p>In Google Cloud Console:\n1. Select your project.\n2. Go to <strong>VPC network<\/strong> \u2192 <strong>VPC networks<\/strong> \u2192 <strong>Create VPC network<\/strong>.\n3. Create:\n   &#8211; Name: <code>gcp-vpc-multicloud-lab<\/code>\n   &#8211; Subnet: <code>10.20.10.0\/24<\/code> in your chosen region<\/p>\n\n\n\n<p>Create firewall rules to allow test traffic:\n&#8211; Allow <strong>ICMP<\/strong> from <code>10.10.0.0\/16<\/code>\n&#8211; Allow <strong>TCP:22<\/strong> (SSH) from your admin IP (for management)\n&#8211; Optionally allow a test TCP port (e.g., 80\/443) between subnets as needed<\/p>\n\n\n\n<p>Using <code>gcloud<\/code> (optional example):<\/p>\n\n\n\n<pre><code class=\"language-bash\">gcloud compute firewall-rules create allow-icmp-from-oci \\\n  --network gcp-vpc-multicloud-lab \\\n  --allow icmp \\\n  --source-ranges 10.10.0.0\/16\n<\/code><\/pre>\n\n\n\n<p><strong>Expected outcome:<\/strong> GCP VPC and subnet exist; firewall rules allow basic validation traffic.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 5: Create a Cloud Router on Google Cloud<\/h3>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Go to <strong>Network Connectivity<\/strong> (or <strong>Hybrid Connectivity<\/strong>) \u2192 <strong>Cloud Routers<\/strong> (navigation can vary).<\/li>\n<li>Create a Cloud Router:\n   &#8211; Name: <code>cr-oci-interconnect-lab<\/code>\n   &#8211; Region: same as your VPC subnet region\n   &#8211; ASN: choose a private ASN (e.g., 64512). Use your planned value.<\/li>\n<\/ol>\n\n\n\n<p><strong>Expected outcome:<\/strong> Cloud Router exists and is ready for interconnect\/VLAN attachments.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 6: Provision Oracle Interconnect for Google Cloud connectivity<\/h3>\n\n\n\n<p>This is the step that depends most on:\n&#8211; region pairing availability,\n&#8211; account eligibility,\n&#8211; and current provisioning workflow.<\/p>\n\n\n\n<p>At a high level, you will create:\n&#8211; On OCI: an interconnect-related attachment\/virtual circuit associated with your DRG\n&#8211; On GCP: an interconnect attachment (VLAN attachment) associated with your Cloud Router\n&#8211; Establish BGP sessions and exchange routes<\/p>\n\n\n\n<p>Because the exact UI labels and required identifiers can vary, follow the official setup guide for your region pairing and ensure you capture:\n&#8211; BGP peer IPs (link-local or allocated addresses, depending on model)\n&#8211; BGP ASN values on both sides\n&#8211; Redundancy requirements (usually at least two BGP sessions)<\/p>\n\n\n\n<p><strong>OCI side (conceptual):<\/strong>\n&#8211; Create the Oracle Interconnect for Google Cloud connection\/attachment and associate it with your <strong>DRG<\/strong>.\n&#8211; Configure route import\/export policies (DRG route tables) so only intended OCI subnets are advertised.<\/p>\n\n\n\n<p><strong>GCP side (conceptual):<\/strong>\n&#8211; Create VLAN attachment(s) and associate them with <strong>Cloud Router<\/strong>.\n&#8211; Configure BGP peers and ensure routes from OCI are learned.<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong>\n&#8211; BGP session(s) show <strong>Established<\/strong> (or equivalent) on both clouds.\n&#8211; Each side learns the other side\u2019s subnet routes (OCI learns <code>10.20.10.0\/24<\/code>; GCP learns <code>10.10.10.0\/24<\/code>), subject to your route policies.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 7: Create one test VM in each cloud<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">OCI test VM<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Create a small compute instance in subnet <code>10.10.10.0\/24<\/code>.<\/li>\n<li>Place it in an NSG that allows:<\/li>\n<li>ICMP from <code>10.20.0.0\/16<\/code><\/li>\n<li>SSH from your admin IP (optional; recommended for troubleshooting)<\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">GCP test VM<\/h4>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Create a small <code>e2-micro<\/code>-class VM (or smallest appropriate) in subnet <code>10.20.10.0\/24<\/code>.<\/li>\n<li>Ensure firewall rules allow ICMP from OCI subnet range.<\/li>\n<\/ul>\n\n\n\n<p><strong>Expected outcome:<\/strong> You have:\n&#8211; OCI VM private IP (e.g., <code>10.10.10.10<\/code>)\n&#8211; GCP VM private IP (e.g., <code>10.20.10.10<\/code>)<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 8: Confirm routes on both sides<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">On Google Cloud<\/h4>\n\n\n\n<p>Check that Cloud Router learned OCI routes and that VPC route tables include paths toward OCI.<\/p>\n\n\n\n<p>Using <code>gcloud<\/code> (example; adjust for your environment):<\/p>\n\n\n\n<pre><code class=\"language-bash\">gcloud compute routers get-status cr-oci-interconnect-lab --region &lt;REGION&gt;\n<\/code><\/pre>\n\n\n\n<p>Look for:\n&#8211; BGP peer status = <code>Established<\/code>\n&#8211; Learned routes include <code>10.10.10.0\/24<\/code> or <code>10.10.0.0\/16<\/code> (depending on what you advertised)<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">On OCI<\/h4>\n\n\n\n<p>Confirm DRG route tables and route distributions show GCP routes are imported and VCN route tables send GCP CIDR to DRG.<\/p>\n\n\n\n<p>OCI has multiple DRG routing models; verify using the OCI Console DRG route tables view.<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> Each cloud has a route to the other cloud\u2019s subnet CIDR via the interconnect.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Step 9: Validate end-to-end connectivity<\/h3>\n\n\n\n<p>From the <strong>GCP VM<\/strong>, ping the <strong>OCI VM<\/strong> private IP:<\/p>\n\n\n\n<pre><code class=\"language-bash\">ping -c 4 10.10.10.10\n<\/code><\/pre>\n\n\n\n<p>From the <strong>OCI VM<\/strong>, ping the <strong>GCP VM<\/strong> private IP:<\/p>\n\n\n\n<pre><code class=\"language-bash\">ping -c 4 10.20.10.10\n<\/code><\/pre>\n\n\n\n<p>Optional TCP test (from GCP VM to OCI VM, if you enable SSH\/HTTP accordingly):<\/p>\n\n\n\n<pre><code class=\"language-bash\">nc -vz 10.10.10.10 22\n<\/code><\/pre>\n\n\n\n<p>Traceroute (useful to confirm private path):<\/p>\n\n\n\n<pre><code class=\"language-bash\">traceroute 10.10.10.10\n<\/code><\/pre>\n\n\n\n<p><strong>Expected outcome:<\/strong>\n&#8211; ICMP ping succeeds both directions (if allowed by firewall\/NSG rules).\n&#8211; TCP checks succeed for allowed ports.\n&#8211; Traceroute shows a small number of hops (exact hops depend on implementation; do not expect public internet hops).<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Validation<\/h3>\n\n\n\n<p>Use this checklist:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>BGP peers<\/strong>: Established on GCP Cloud Router and OCI DRG side.<\/li>\n<li><strong>Routes<\/strong>:<\/li>\n<li>GCP has routes to <code>10.10.0.0\/16<\/code> (or subnet routes) via interconnect.<\/li>\n<li>OCI has routes to <code>10.20.0.0\/16<\/code> (or subnet routes) via DRG.<\/li>\n<li><strong>Security<\/strong>:<\/li>\n<li>GCP firewall allows ICMP (and test ports) from OCI CIDR.<\/li>\n<li>OCI NSG\/Security List allows ICMP (and test ports) from GCP CIDR.<\/li>\n<li><strong>Connectivity<\/strong>:<\/li>\n<li>Ping works both ways.<\/li>\n<li>Optional app test (HTTP\/DB) works across clouds.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Troubleshooting<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">1) BGP session is down<\/h4>\n\n\n\n<p>Common causes:\n&#8211; ASN mismatch between peer configuration\n&#8211; Incorrect peer IPs or link-local addressing mismatch\n&#8211; Missing VLAN attachment association with Cloud Router\n&#8211; Route policy denies BGP peer or required routes<\/p>\n\n\n\n<p>Fix:\n&#8211; Re-check BGP peer parameters on both sides against the official setup guide for your interconnect model.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">2) BGP is up, but no routes learned<\/h4>\n\n\n\n<p>Common causes:\n&#8211; You are not exporting any prefixes (advertisement missing)\n&#8211; Import\/export policy filters are too strict\n&#8211; DRG route distribution not configured as expected<\/p>\n\n\n\n<p>Fix:\n&#8211; Explicitly advertise the intended subnet CIDRs on both sides.\n&#8211; Verify DRG route table associations and route distribution statements in OCI.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">3) Routes exist, but ping fails<\/h4>\n\n\n\n<p>Common causes:\n&#8211; Firewall rules \/ NSGs block ICMP\n&#8211; OS firewall (iptables\/ufw) blocks ICMP\n&#8211; Asymmetric routing due to conflicting routes<\/p>\n\n\n\n<p>Fix:\n&#8211; Temporarily allow ICMP between the two CIDR ranges.\n&#8211; Confirm both directions have routes and next-hops correct.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">4) Overlapping CIDR blocks<\/h4>\n\n\n\n<p>Symptom:\n&#8211; Routes are ignored or traffic blackholes.<\/p>\n\n\n\n<p>Fix:\n&#8211; Re-IP one side. Overlapping RFC1918 ranges are a frequent multicloud blocker.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">5) DNS issues<\/h4>\n\n\n\n<p>Symptom:\n&#8211; IP connectivity works, but service name resolution fails.<\/p>\n\n\n\n<p>Fix:\n&#8211; Use private DNS zones and forwarding rules appropriate for each cloud.\n&#8211; Validate resolvers and search domains; consider conditional forwarding.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h3 class=\"wp-block-heading\">Cleanup<\/h3>\n\n\n\n<p>In reverse order, delete:\n1. Test VMs in OCI and GCP\n2. GCP firewall rules created for the lab (if not needed)\n3. GCP VLAN attachments \/ interconnect resources\n4. OCI interconnect attachment\/virtual circuit resources\n5. DRG attachment to VCN and DRG (if dedicated to the lab)\n6. OCI VCN and subnets\n7. GCP VPC and subnet (if dedicated to the lab)<\/p>\n\n\n\n<p><strong>Expected outcome:<\/strong> No ongoing interconnect attachments or test compute resources remain, minimizing cost.<\/p>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">11. Best Practices<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Architecture best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Design with <strong>clear routing intent<\/strong>:<\/li>\n<li>Which networks are reachable cross-cloud?<\/li>\n<li>Which must remain isolated?<\/li>\n<li>Prefer <strong>hub-and-spoke<\/strong>:<\/li>\n<li>OCI DRG as hub for multiple VCNs<\/li>\n<li>GCP shared VPC patterns (if applicable)<\/li>\n<li>Avoid accidental transitive routing:<\/li>\n<li>If OCI is connected to on-prem and GCP, be explicit about whether GCP can reach on-prem via OCI (and vice versa).<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">IAM\/security best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Least privilege:<\/li>\n<li>Separate \u201cnetwork provisioning\u201d from \u201capp deployment.\u201d<\/li>\n<li>Use compartments\/projects per environment (dev\/test\/prod).<\/li>\n<li>Require change approval for routing and firewall policy changes.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Cost best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Track and alert on <strong>egress<\/strong> in both clouds.<\/li>\n<li>Minimize cross-cloud \u201cchatty\u201d calls; keep high-volume internal calls intra-cloud when possible.<\/li>\n<li>Use <strong>budgets<\/strong> and <strong>anomaly detection<\/strong> where available.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Performance best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Keep workloads in <strong>paired regions<\/strong> with lowest latency.<\/li>\n<li>Validate MTU and avoid fragmentation issues (verify recommended MTU).<\/li>\n<li>Batch data transfers; use compression where appropriate.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Reliability best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use redundant attachments\/paths and test failover.<\/li>\n<li>Document failover behavior:<\/li>\n<li>Which routes are preferred?<\/li>\n<li>What happens during maintenance?<\/li>\n<li>Run periodic game days: disable one BGP peer and verify traffic continues.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Operations best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Centralize observability:<\/li>\n<li>BGP status dashboards<\/li>\n<li>Route count dashboards<\/li>\n<li>Cross-cloud latency probes<\/li>\n<li>Implement runbooks:<\/li>\n<li>\u201cBGP down\u201d<\/li>\n<li>\u201cRoutes missing\u201d<\/li>\n<li>\u201cPacket loss\u201d<\/li>\n<li>Standardize tags\/labels:<\/li>\n<li><code>env<\/code>, <code>owner<\/code>, <code>cost-center<\/code>, <code>service<\/code>, <code>ticket<\/code><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Governance\/tagging\/naming best practices<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use consistent names:<\/li>\n<li><code>drg-prod-gcp-interconnect<\/code><\/li>\n<li><code>cr-prod-oci-interconnect<\/code><\/li>\n<li>Tag all networking resources; missing tags often lead to orphaned, billable resources.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">12. Security Considerations<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Identity and access model<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>OCI: IAM policies determine who can manage DRGs, VCNs, route tables, and interconnect constructs.<\/li>\n<li>GCP: IAM roles determine who can manage VPC, Cloud Router, firewall, interconnect attachments.<\/li>\n<\/ul>\n\n\n\n<p>Security recommendation:\n&#8211; Separate duties:\n  &#8211; Network admins manage routing\/interconnect\n  &#8211; App teams manage compute and application configuration<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Encryption<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Interconnect provides private connectivity, but <strong>encryption-in-transit<\/strong> may still be required:<\/li>\n<li>Use TLS for app protocols<\/li>\n<li>Consider IPsec overlay when mandated (verify performance and support)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Network exposure<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Treat cross-cloud as a high-trust boundary only if your policy allows it.<\/li>\n<li>Use segmentation:<\/li>\n<li>Only advertise required routes<\/li>\n<li>Apply NSGs\/firewalls tightly<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Secrets handling<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Don\u2019t hardcode credentials in cross-cloud scripts.<\/li>\n<li>Use each cloud\u2019s secret manager:<\/li>\n<li>OCI Vault<\/li>\n<li>Google Secret Manager<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Audit\/logging<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>OCI Audit: track networking changes (route tables, DRG changes).<\/li>\n<li>GCP Cloud Audit Logs: track router, interconnect, and firewall changes.<\/li>\n<li>Centralize logs into your SIEM with retention policies.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Compliance considerations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Confirm data residency and region pairing constraints.<\/li>\n<li>Validate that cross-cloud data flows meet regulatory requirements (HIPAA, PCI, etc.)\u2014this is architecture and governance work, not just networking.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Common security mistakes<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Advertising broad CIDRs (<code>10.0.0.0\/8<\/code>) by accident<\/li>\n<li>Allowing <code>0.0.0.0\/0<\/code> in firewall rules for troubleshooting and forgetting to revert<\/li>\n<li>Creating transitive routing between on-prem and the other cloud unintentionally<\/li>\n<li>Assuming \u201cprivate\u201d means \u201cencrypted\u201d and skipping TLS<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Secure deployment recommendations<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Advertise only specific subnet prefixes.<\/li>\n<li>Use layered security:<\/li>\n<li>NSGs + firewalls + application auth<\/li>\n<li>Use continuous validation:<\/li>\n<li>Periodic route audits<\/li>\n<li>Connectivity tests from controlled probes<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">13. Limitations and Gotchas<\/h2>\n\n\n\n<blockquote>\n<p>Limits and behaviors vary; verify exact values in official docs.<\/p>\n<\/blockquote>\n\n\n\n<h3 class=\"wp-block-heading\">Known limitations \/ constraints<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Region pairing availability<\/strong>: Not all OCI regions connect to all GCP regions.<\/li>\n<li><strong>Provisioning constraints<\/strong>: Some setups require coordination and may not be instantly available for all accounts.<\/li>\n<li><strong>Route scale limits<\/strong>: BGP route limits exist on routers; do not assume unlimited prefixes.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Quotas<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>OCI quotas on DRGs, attachments, route rules.<\/li>\n<li>GCP quotas on interconnect attachments, Cloud Routers, learned routes.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Regional constraints<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Latency and throughput depend on the physical interconnect path.<\/li>\n<li>Disaster recovery design must consider if the interconnect is region-pair specific.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Pricing surprises<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Egress charges in both clouds can grow quickly.<\/li>\n<li>Redundant attachments cost more but are often required for production.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Compatibility issues<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Overlapping RFC1918 CIDRs break routing.<\/li>\n<li>MTU mismatches can cause hard-to-debug performance issues.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Operational gotchas<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Split ownership: Network teams need access\/visibility in both clouds.<\/li>\n<li>Troubleshooting is two-sided:<\/li>\n<li>A route missing in GCP can look like an OCI problem (and vice versa).<\/li>\n<li>Asymmetric routing:<\/li>\n<li>Can occur with incorrect route priorities or propagation settings.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Migration challenges<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Existing environments often have overlapping CIDRs.<\/li>\n<li>Legacy apps may depend on hard-coded IPs or DNS assumptions.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Vendor-specific nuances<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>OCI DRG routing and route distribution is powerful but can be complex.<\/li>\n<li>GCP Cloud Router behavior is BGP-centric; you must understand import\/export and learned routes.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">14. Comparison with Alternatives<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Alternatives to consider<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>IPsec VPN between OCI and GCP<\/strong> (over public internet)<\/li>\n<li><strong>Self-managed carrier connectivity<\/strong> via colocation and third-party routing<\/li>\n<li><strong>OCI FastConnect to a colocation + GCP Dedicated\/Partner Interconnect<\/strong> (DIY)<\/li>\n<li><strong>Public internet connectivity<\/strong> with strict TLS and WAFs (not ideal for private east-west)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Comparison table<\/h3>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Option<\/th>\n<th>Best For<\/th>\n<th>Strengths<\/th>\n<th>Weaknesses<\/th>\n<th>When to Choose<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Oracle Interconnect for Google Cloud<\/td>\n<td>Production multicloud OCI\u2194GCP with private routing<\/td>\n<td>Private connectivity, BGP routing, predictable performance<\/td>\n<td>Region pairing constraints; provisioning complexity; cost<\/td>\n<td>When you need stable private connectivity between OCI and GCP<\/td>\n<\/tr>\n<tr>\n<td>IPsec VPN (OCI\u2194GCP)<\/td>\n<td>Dev\/test, low-throughput production, quick setup<\/td>\n<td>Fast to deploy; widely available<\/td>\n<td>Internet variability; throughput limits; more jitter<\/td>\n<td>When interconnect is unavailable or not justified yet<\/td>\n<\/tr>\n<tr>\n<td>DIY colocation (FastConnect + Interconnect)<\/td>\n<td>Large enterprises with network teams and carrier contracts<\/td>\n<td>Full control over topology<\/td>\n<td>Operational complexity; longer lead time<\/td>\n<td>When you need custom global connectivity beyond supported pairings<\/td>\n<\/tr>\n<tr>\n<td>Public internet + TLS<\/td>\n<td>Public-facing APIs only<\/td>\n<td>Lowest setup complexity<\/td>\n<td>Not private; depends on internet; security posture depends on app controls<\/td>\n<td>When traffic is inherently public and not east-west private networking<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">15. Real-World Example<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Enterprise example: regulated financial services multicloud<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: A bank runs customer-facing apps on Google Cloud (GKE) but needs Oracle database services and certain compliance tooling in Oracle Cloud. Internet VPN latency variability causes timeouts and operational incidents.<\/li>\n<li><strong>Proposed architecture<\/strong>:<\/li>\n<li>GCP: GKE in a dedicated VPC<\/li>\n<li>OCI: Database VCN + security inspection VCN<\/li>\n<li>Oracle Interconnect for Google Cloud with redundant BGP sessions<\/li>\n<li>Tight route advertisement: only app and DB subnets<\/li>\n<li>Centralized logging: both clouds feed a SIEM<\/li>\n<li><strong>Why this service was chosen<\/strong>:<\/li>\n<li>Private connectivity and predictable latency for transactional workloads<\/li>\n<li>BGP for scalable routing across multiple subnets<\/li>\n<li>Stronger security boundary than internet-based VPN alone<\/li>\n<li><strong>Expected outcomes<\/strong>:<\/li>\n<li>Reduced cross-cloud API latency and fewer timeouts<\/li>\n<li>Improved operational stability (fewer routing incidents)<\/li>\n<li>Clear audit trail and governance for network changes<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Startup\/small-team example: SaaS with split compute and data<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Problem<\/strong>: A startup uses Google Cloud for rapid app iteration and managed services, but relies on Oracle Cloud for Oracle-compatible database capabilities and cost\/performance characteristics. VPN throughput is too low for nightly sync jobs.<\/li>\n<li><strong>Proposed architecture<\/strong>:<\/li>\n<li>One OCI VCN hosting database and a small bastion\/admin subnet<\/li>\n<li>One GCP VPC hosting application services<\/li>\n<li>Oracle Interconnect for Google Cloud for private data sync and app-to-db traffic<\/li>\n<li>Budget alerts on both clouds to track egress<\/li>\n<li><strong>Why this service was chosen<\/strong>:<\/li>\n<li>Improved throughput and reliability without building a DIY colocation network<\/li>\n<li>Keeps sensitive data flows off the public internet path<\/li>\n<li><strong>Expected outcomes<\/strong>:<\/li>\n<li>Nightly jobs complete within window<\/li>\n<li>Better user latency for app-to-db calls<\/li>\n<li>Simplified networking compared to custom carrier approaches<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">16. FAQ<\/h2>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\n<p><strong>Is Oracle Interconnect for Google Cloud the same as a VPN?<\/strong><br\/>\n   No. VPN typically runs over the public internet with encryption. Oracle Interconnect for Google Cloud is designed for <strong>private connectivity<\/strong> using interconnect infrastructure and BGP routing.<\/p>\n<\/li>\n<li>\n<p><strong>Does \u201cprivate interconnect\u201d mean traffic is encrypted?<\/strong><br\/>\n   Not necessarily. Private routing reduces exposure to the public internet, but you should still use <strong>TLS<\/strong> and consider overlay encryption if required by policy.<\/p>\n<\/li>\n<li>\n<p><strong>Do I need BGP knowledge to use this service?<\/strong><br\/>\n   Yes, at least basic BGP and routing knowledge is strongly recommended. Your network team should own route advertisement and failover design.<\/p>\n<\/li>\n<li>\n<p><strong>Which regions are supported?<\/strong><br\/>\n   Support is based on <strong>OCI\u2194GCP region pairings<\/strong>. Check the official Oracle and Google Cloud documentation for the current list.<\/p>\n<\/li>\n<li>\n<p><strong>How long does provisioning take?<\/strong><br\/>\n   It depends on region pairing and workflow. Some components can be created quickly, while others may require additional provisioning steps. Verify in official docs.<\/p>\n<\/li>\n<li>\n<p><strong>Can I connect multiple OCI VCNs to one Google Cloud VPC?<\/strong><br\/>\n   Often yes using DRG hub patterns and careful route policies, but design complexity increases. Validate route limits and governance.<\/p>\n<\/li>\n<li>\n<p><strong>Can I connect multiple GCP VPCs to OCI?<\/strong><br\/>\n   Yes, typically via Cloud Router and VPC design patterns (including Shared VPC). Ensure route advertisement and firewall rules are correct.<\/p>\n<\/li>\n<li>\n<p><strong>What are the most common causes of outages?<\/strong><br\/>\n   Route leaks, accidental broad advertisements, firewall\/NSG changes, and BGP session misconfiguration.<\/p>\n<\/li>\n<li>\n<p><strong>How do I prevent transitive routing (GCP \u2194 OCI \u2194 on-prem)?<\/strong><br\/>\n   Use strict route import\/export filters and DRG route tables. Only advertise intended prefixes.<\/p>\n<\/li>\n<li>\n<p><strong>Is this service appropriate for dev\/test?<\/strong><br\/>\n   It can be, but cost and setup complexity may make VPN a better fit for ephemeral environments.<\/p>\n<\/li>\n<li>\n<p><strong>How do I monitor connectivity health?<\/strong><br\/>\n   Monitor BGP session status, learned route counts, and run synthetic probes (ping\/TCP) between dedicated test endpoints.<\/p>\n<\/li>\n<li>\n<p><strong>Can I use private DNS across clouds?<\/strong><br\/>\n   Yes, but DNS requires explicit design (forwarding, conditional zones, resolvers). Do not assume private IP connectivity solves DNS automatically.<\/p>\n<\/li>\n<li>\n<p><strong>What about MTU and jumbo frames?<\/strong><br\/>\n   MTU mismatches can cause fragmentation\/performance issues. Follow official recommendations and test with realistic payload sizes.<\/p>\n<\/li>\n<li>\n<p><strong>Do I need overlapping security controls in both clouds?<\/strong><br\/>\n   Yes. Enforce least privilege at multiple layers: route advertisements, firewall\/NSG rules, and application authentication.<\/p>\n<\/li>\n<li>\n<p><strong>How do I estimate cost before production?<\/strong><br\/>\n   Model fixed connectivity charges and expected data egress in both directions. Use OCI and Google pricing calculators and add monitoring\/logging costs.<\/p>\n<\/li>\n<\/ol>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">17. Top Online Resources to Learn Oracle Interconnect for Google Cloud<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Resource Type<\/th>\n<th>Name<\/th>\n<th>Why It Is Useful<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Official documentation<\/td>\n<td>OCI Documentation (Networking) \u2013 https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/home.htm<\/td>\n<td>Starting point for OCI networking concepts (VCN, DRG, routing, FastConnect patterns). Use it to find the latest interconnect-specific guide.<\/td>\n<\/tr>\n<tr>\n<td>Official documentation<\/td>\n<td>OCI FastConnect docs \u2013 https:\/\/docs.oracle.com\/en-us\/iaas\/Content\/Network\/Concepts\/fastconnect.htm<\/td>\n<td>Oracle Interconnect for Google Cloud commonly aligns with private connectivity patterns; FastConnect concepts help understand private circuits and DRG routing.<\/td>\n<\/tr>\n<tr>\n<td>Official pricing<\/td>\n<td>OCI Price List \u2013 https:\/\/www.oracle.com\/cloud\/price-list\/<\/td>\n<td>Official source for OCI networking pricing dimensions and regional price lists.<\/td>\n<\/tr>\n<tr>\n<td>Official calculator<\/td>\n<td>OCI Cost Estimator \u2013 https:\/\/www.oracle.com\/cloud\/costestimator.html<\/td>\n<td>Estimate OCI-side costs (compute, networking, egress).<\/td>\n<\/tr>\n<tr>\n<td>Official documentation<\/td>\n<td>Google Cloud Interconnect overview \u2013 https:\/\/cloud.google.com\/network-connectivity\/docs\/interconnect<\/td>\n<td>Understand Google\u2019s interconnect constructs and how Cloud Router interacts with them.<\/td>\n<\/tr>\n<tr>\n<td>Official pricing<\/td>\n<td>Google Cloud Interconnect pricing \u2013 https:\/\/cloud.google.com\/network-connectivity\/docs\/interconnect\/pricing<\/td>\n<td>Official pricing model for interconnect and attachments.<\/td>\n<\/tr>\n<tr>\n<td>Official documentation<\/td>\n<td>Google Cloud Router docs \u2013 https:\/\/cloud.google.com\/network-connectivity\/docs\/router<\/td>\n<td>Essential for BGP configuration, learned routes, and troubleshooting on GCP.<\/td>\n<\/tr>\n<tr>\n<td>Architecture references<\/td>\n<td>OCI Architecture Center \u2013 https:\/\/docs.oracle.com\/en\/solutions\/<\/td>\n<td>Reference architectures and design patterns (search within for multicloud networking).<\/td>\n<\/tr>\n<tr>\n<td>Hands-on labs<\/td>\n<td>OCI Hands-on Labs (official GitHub) \u2013 https:\/\/oracle-labs.github.io\/<\/td>\n<td>Practical labs for OCI networking and related services; useful for foundational skills used in interconnect setups.<\/td>\n<\/tr>\n<tr>\n<td>Training (official)<\/td>\n<td>Google Cloud Training \u2013 https:\/\/cloud.google.com\/training<\/td>\n<td>Foundational and advanced networking courses relevant to Cloud Router and Interconnect.<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">18. Training and Certification Providers<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Institute<\/th>\n<th>Suitable Audience<\/th>\n<th>Likely Learning Focus<\/th>\n<th>Mode<\/th>\n<th>Website URL<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>DevOpsSchool.com<\/td>\n<td>DevOps engineers, SREs, cloud engineers<\/td>\n<td>DevOps + cloud operations; may include multicloud connectivity concepts<\/td>\n<td>Check website<\/td>\n<td>https:\/\/www.devopsschool.com\/<\/td>\n<\/tr>\n<tr>\n<td>ScmGalaxy.com<\/td>\n<td>Beginners to intermediate engineers<\/td>\n<td>DevOps fundamentals, tooling, CI\/CD; complementary skills for multicloud operations<\/td>\n<td>Check website<\/td>\n<td>https:\/\/www.scmgalaxy.com\/<\/td>\n<\/tr>\n<tr>\n<td>CLoudOpsNow.in<\/td>\n<td>Cloud ops and platform teams<\/td>\n<td>Cloud operations practices, monitoring, cost awareness<\/td>\n<td>Check website<\/td>\n<td>https:\/\/cloudopsnow.in\/<\/td>\n<\/tr>\n<tr>\n<td>SreSchool.com<\/td>\n<td>SREs and reliability-focused engineers<\/td>\n<td>Reliability engineering, observability, incident response<\/td>\n<td>Check website<\/td>\n<td>https:\/\/sreschool.com\/<\/td>\n<\/tr>\n<tr>\n<td>AiOpsSchool.com<\/td>\n<td>Ops teams adopting AIOps<\/td>\n<td>AIOps concepts, event correlation, automated remediation<\/td>\n<td>Check website<\/td>\n<td>https:\/\/aiopsschool.com\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">19. Top Trainers<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Platform\/Site<\/th>\n<th>Likely Specialization<\/th>\n<th>Suitable Audience<\/th>\n<th>Website URL<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>RajeshKumar.xyz<\/td>\n<td>DevOps\/cloud training content (verify offerings)<\/td>\n<td>Individuals and teams seeking guided learning<\/td>\n<td>https:\/\/rajeshkumar.xyz\/<\/td>\n<\/tr>\n<tr>\n<td>devopstrainer.in<\/td>\n<td>DevOps training (verify course catalog)<\/td>\n<td>Beginners to advanced DevOps practitioners<\/td>\n<td>https:\/\/devopstrainer.in\/<\/td>\n<\/tr>\n<tr>\n<td>devopsfreelancer.com<\/td>\n<td>DevOps consulting\/training services marketplace style (verify)<\/td>\n<td>Teams needing short-term expertise<\/td>\n<td>https:\/\/devopsfreelancer.com\/<\/td>\n<\/tr>\n<tr>\n<td>devopssupport.in<\/td>\n<td>DevOps support and training (verify services)<\/td>\n<td>Ops teams needing practical support<\/td>\n<td>https:\/\/devopssupport.in\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">20. Top Consulting Companies<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table>\n<thead>\n<tr>\n<th>Company Name<\/th>\n<th>Likely Service Area<\/th>\n<th>Where They May Help<\/th>\n<th>Consulting Use Case Examples<\/th>\n<th>Website URL<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>cotocus.com<\/td>\n<td>Cloud\/DevOps consulting (verify specialization)<\/td>\n<td>Architecture, automation, cloud operations<\/td>\n<td>Multicloud network design reviews; CI\/CD integration for multicloud apps<\/td>\n<td>https:\/\/cotocus.com\/<\/td>\n<\/tr>\n<tr>\n<td>DevOpsSchool.com<\/td>\n<td>DevOps and cloud consulting\/training<\/td>\n<td>Skills enablement, implementation support<\/td>\n<td>Building runbooks\/observability for interconnect operations; platform team coaching<\/td>\n<td>https:\/\/www.devopsschool.com\/<\/td>\n<\/tr>\n<tr>\n<td>DEVOPSCONSULTING.IN<\/td>\n<td>DevOps consulting (verify offerings)<\/td>\n<td>DevOps transformation and support<\/td>\n<td>Network automation, IaC pipelines, operational readiness assessments<\/td>\n<td>https:\/\/devopsconsulting.in\/<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">21. Career and Learning Roadmap<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">What to learn before this service<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Networking fundamentals:<\/li>\n<li>CIDR, subnets, routing tables<\/li>\n<li>Firewalls and security groups<\/li>\n<li>BGP basics:<\/li>\n<li>ASN, neighbors, route advertisement<\/li>\n<li>route filtering, MED\/local preference concepts (as applicable)<\/li>\n<li>OCI fundamentals:<\/li>\n<li>VCNs, subnets, NSGs<\/li>\n<li>DRG concepts and routing<\/li>\n<li>Google Cloud fundamentals:<\/li>\n<li>VPC, firewall rules<\/li>\n<li>Cloud Router and dynamic routing<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">What to learn after this service<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Advanced multicloud network patterns:<\/li>\n<li>Segmentation, inspection, and zero trust<\/li>\n<li>Multi-region DR and failover testing<\/li>\n<li>Infrastructure as Code:<\/li>\n<li>Terraform for OCI and Google Cloud<\/li>\n<li>Observability:<\/li>\n<li>SLOs, synthetic probes, combined dashboards<\/li>\n<li>Security:<\/li>\n<li>Threat modeling for multicloud<\/li>\n<li>Key management and secret rotation<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Job roles that use it<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Cloud Network Engineer<\/li>\n<li>Cloud Solutions Architect<\/li>\n<li>Platform Engineer<\/li>\n<li>SRE \/ Reliability Engineer (network-heavy)<\/li>\n<li>DevOps Engineer (in multicloud orgs)<\/li>\n<li>Security Engineer (network segmentation and controls)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Certification path (if available)<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>OCI certifications (networking-focused) and Google Cloud networking certifications are both relevant.<\/li>\n<li>Specific certifications for Oracle Interconnect for Google Cloud may not exist as standalone; verify current certification catalogs:<\/li>\n<li>OCI training\/certifications: https:\/\/education.oracle.com\/<\/li>\n<li>Google Cloud certifications: https:\/\/cloud.google.com\/learn\/certification<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Project ideas for practice<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Build a hub-and-spoke OCI DRG network and simulate route propagation rules.<\/li>\n<li>Create a dual-cloud connectivity runbook: BGP down, route leak, firewall block.<\/li>\n<li>Implement synthetic probes that measure latency and packet loss across clouds and alert on thresholds.<\/li>\n<li>Design a multicloud DNS solution with private zones and conditional forwarding.<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">22. Glossary<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>OCI (Oracle Cloud Infrastructure)<\/strong>: Oracle Cloud platform providing compute, networking, storage, and managed services.<\/li>\n<li><strong>Google Cloud (GCP)<\/strong>: Google\u2019s cloud platform including VPC networking and Cloud Router.<\/li>\n<li><strong>Multicloud<\/strong>: Using two or more cloud providers in a single architecture.<\/li>\n<li><strong>VCN (Virtual Cloud Network)<\/strong>: OCI private network construct.<\/li>\n<li><strong>VPC (Virtual Private Cloud)<\/strong>: Google Cloud private network construct.<\/li>\n<li><strong>DRG (Dynamic Routing Gateway)<\/strong>: OCI virtual router for connecting VCNs to external networks (including other clouds).<\/li>\n<li><strong>Cloud Router<\/strong>: Google Cloud managed BGP router for dynamic route exchange.<\/li>\n<li><strong>BGP (Border Gateway Protocol)<\/strong>: Routing protocol used to exchange IP routes between networks.<\/li>\n<li><strong>ASN (Autonomous System Number)<\/strong>: Identifier used in BGP to represent a routing domain.<\/li>\n<li><strong>CIDR<\/strong>: Notation for IP ranges (e.g., <code>10.10.0.0\/16<\/code>).<\/li>\n<li><strong>Route advertisement<\/strong>: The prefixes a router announces to a BGP peer.<\/li>\n<li><strong>Learned routes<\/strong>: Routes received from a BGP peer.<\/li>\n<li><strong>NSG (Network Security Group)<\/strong>: OCI virtual firewall construct applied to VNICs.<\/li>\n<li><strong>Firewall rules (GCP)<\/strong>: VPC firewall policies controlling traffic to\/from instances.<\/li>\n<li><strong>Egress<\/strong>: Outbound data transfer from a cloud network (often billed).<\/li>\n<li><strong>Transitive routing<\/strong>: Using one network as a pass-through to reach another network (can be accidental and risky).<\/li>\n<\/ul>\n\n\n\n<hr class=\"wp-block-separator\" \/>\n\n\n\n<h2 class=\"wp-block-heading\">23. Summary<\/h2>\n\n\n\n<p>Oracle Interconnect for Google Cloud (Oracle Cloud) is a <strong>multicloud private connectivity<\/strong> service that enables <strong>private, BGP-routed networking<\/strong> between OCI and Google Cloud. It matters because it gives architects and operators a more predictable, governable alternative to internet VPN for cross-cloud traffic\u2014especially for production systems where latency, throughput, and route control are critical.<\/p>\n\n\n\n<p>From a cost perspective, the biggest drivers are <strong>data egress<\/strong> and the number\/type of interconnect attachments needed for HA. From a security perspective, the key points are strict <strong>route advertisement control<\/strong>, layered firewall\/NSG policies, and remembering that private connectivity does not automatically equal encryption\u2014use TLS (and overlay encryption when required).<\/p>\n\n\n\n<p>Use Oracle Interconnect for Google Cloud when you have supported region pairings and a real need for private, stable cross-cloud networking. Your next learning step should be to master <strong>OCI DRG routing<\/strong> and <strong>Google Cloud Router BGP operations<\/strong>, then implement an operational playbook for monitoring, troubleshooting, and cost control across both clouds.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Multicloud<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[73,62],"tags":[],"class_list":["post-940","post","type-post","status-publish","format-standard","hentry","category-multicloud","category-oracle-cloud"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts\/940","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/comments?post=940"}],"version-history":[{"count":0,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/posts\/940\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/media?parent=940"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/categories?post=940"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/tutorials\/wp-json\/wp\/v2\/tags?post=940"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}