Oracle Cloud Infrastructure Documentation

FastConnect Public Peering Advertised Routes

This topic discusses the public IP address ranges (routes) that BGP advertises to your on-premises network over FastConnect public peering (a public virtual circuit). You may need this information when configuring firewall allow lists for your on-premises network.

By default, when you connect with FastConnect to Oracle Cloud Infrastructure (OCI) in a particular region, the routes advertised over the public virtual circuit include routes for other OCI regions in the same market, and for specific Oracle Cloud Infrastructure Classic regions. For more information about regions, see About Regions and Availability Domains.

If you do not own a Public ASN or Public IP Address, you might need to review this section: To use FastConnect if you do not own a Public ASN or Public IP Address.

Using route filtering you can also choose to advertise public routes used by ephemeral IP address ranges, reserved IP address ranges, and Oracle Services Network (OSN) to your on-premises network at the region, market, or global (all regions in all markets) scope. You can also choose to only advertise routes to OSN from the local region. The following map and tables show which regions are in the same market group.

You can select route filtering options when you set up a FastConnect virtual circuit. The details vary depending on whether you are using a FastConnect partner, a third-party provider, or colocation.

Downloading the JSON File

Use this link to download the current list of all public IP ranges in all commercial regions. This list is formatted in JSON, and provides the most current list of the actual public routes advertised by a region. If necessary, you can concatenate several regional lists into market lists.

You can poll the published file to check for new IP address ranges as frequently as every 24 hours. We recommend that you poll the published file at least weekly. More information on reading and using this JSON file is at IP Address Ranges.

Security considerations for FastConnect public peering

Always consider FastConnect public peering as an untrusted interface, and put in place firewalls and other access controls as you would for any network interface connected to the Internet.

When your on-premises network is connected to OCI using FastConnect public peering without access controls or route filtering, your on-premises network can potentially receive packets from:

  • All VCNs in the same market in your tenancy (or tenancies, if you have more than one) with internet access
  • Any VCN resources with internet access operated by other OCI customers in the same market
  • OCI public services such as Object Storage, the Console, or APIs

When your on-premises network is connected to OCI using FastConnect public peering without access controls, your on-premises network cannot receive packets from:

  • Routers used by other OCI customers' on-premises networks that are also connected with FastConnect public peering
  • Internet users and resources

Markets

Markets are groupings of OCI regions that are in the same general part of the world. The following map shows the OCI regions grouped into the four existing markets. It also indicates which regions interconnect with Azure ExpressRoute.

Regions in each market:

Map showing which regions are in each market.

The following table shows the OCI regions grouped into the four existing markets. If you use FastConnect public peering to connect to one of the following OCI regions, and you set route filtering to the market scope, BGP advertises routes from the region to which you are directly connected and also the other regions in the market to your on-premises network.

Links are also provided to lists of Oracle Cloud Infrastructure Classic regional routes that can be advertised over the public virtual circuit.

The Microsoft Logo Microsoft logo() shown on the map indicates regions that allow direct Interconnect for Azure.

Market OCI regions in the market - region keys Oracle Cloud Infrastructure Classic regions in the market
Asia Pacific (APAC)

Australia East (Sydney) - SYD

Australia Southeast (Melbourne) - MEL

India South (Hyderabad) - HYD

India West (Mumbai) - BOM

Japan Central (Osaka) - KIX

Japan East (Tokyo) - NRT

Singapore (Singapore) - SIN

Singapore West (Singapore) - XSP

South Korea Central (Seoul) - ICN

South Korea North (Chuncheon) - YNY

 Sydney-Classic
Europe, Middle East, Africa (EMEA)

France Central (Paris) - CDG

France South (Marseille) - MRS

Germany Central (Frankfurt) - FRA

Israel Central (Jerusalem) - MTZ

Italy Northwest (Milan) - LIN

Netherlands Northwest (Amsterdam) - AMS

Saudi Arabia Central (Riyadh) - RUH

Saudi Arabia West (Jeddah) - JED

South Africa Central (Johannesburg) - JNB

Spain Central (Madrid) - MAD

Sweden Central (Stockholm) - ARN

Switzerland North (Zurich) - ZRH

UAE Central (Abu Dhabi) - AUH

UAE East (Dubai) - DXB

UK South (London) - LHR

UK West (Newport) - CWL

Amsterdam-Classic

Slough-Classic

Serbia

Serbia Central (Jovanovac) - BEG *

North America (NA)

Canada Southeast (Montreal) - YUL

Canada Southeast (Toronto) - YYZ

Mexico Central (Queretaro) - QRO

Mexico Northeast (Monterrey) - MTY

US East (Ashburn) - IAD

US Midwest (Chicago) - ORD

US West (Phoenix) - PHX

US West (San Jose) - SJC

Ashburn-Classic

Chicago-Classic

Latin America Division (LAD)

Brazil East (Sao Paulo) - GRU

Brazil Southeast (Vinhedo) - VCP

Chile Central (Santiago) - SCL

Chile West (Valparaiso) - VAP

Colombia Central (Bogota) - BOG

 Sao Paulo-Classic
* BGP route sharing of routes in other commercial regions to on-premises networks is not available for Serbia Central (Jovanovac).

Oracle Cloud Infrastructure Classic Regional Routes