Technical Architecture
1. Local VCN Peering (LPGs):
-
Uses Local Peering Gateways to connect two VCNs within the same region - Think of two playgrounds in the same neighborhood
-
Traffic stays inside Oracle’s regional backbone, not traversing the internet.
-
Routes must be configured in each VCN’s route table to send traffic through its LPG.
-
Security rules and Network Security Groups (NSGs) apply to control access.
Example Use Cases:
-
A “hub-and-spoke” network model within one region.
-
Centralized network services (DNS, NAT, firewalls) accessed by other VCNs.
Key Points:
-
Cannot connect VCNs in different regions.
-
Simple, cost-effective, and low-latency.
-
Each LPG can peer with one VCN at a time (one-to-one).
2. Remote VCN Peering:
-
Uses Remote Peering Gateways (RPGs) to connect VCNs across regions - two playgrounds in different cities
-
Communication occurs via OCI’s private backbone, not over the public internet.
-
You set up an RPG in each VCN and establish a remote peering connection between them.
Example Use Cases:
-
Multi-region deployments for disaster recovery.
-
Cross-region data replication or centralized monitoring.
Key Points:
-
Traffic remains private (never goes over the public internet).
-
Slightly higher latency than local peering (due to inter-region distance).
-
Each RPG can peer with only one other RPG.
| Feature | Local VCN Peering (LPG) | Remote VCN Peering |
|---|---|---|
| Purpose | Connect VCNs within the same region | Connect VCNs across regions |
| Connection Type | Via Local Peering Gateways (LPGs) | Via Remote Peering Gateways (RPGs) |
| Latency | Lower latency (same-region routing) | Higher latency (cross-region routing) |
| Bandwidth | Uses regional network — typically higher | Limited by inter-region connectivity |
| Use Case | For multi-VCN architectures in a single region (e.g., shared services, segmentation) | For multi-region architectures (e.g., DR, cross-region data access) |
| Aspect | Local Peering | Remote Peering |
|---|---|---|
| Security Lists/NSGs | Required for traffic control between VCNs | Required for traffic control between VCNs |
| Route Tables | Must add route to LPG | Must add route to RPG |
| Policies (IAM) | Required if peering VCNs in different compartments | Required if VCNs are in different tenancies or compartments |
| Criteria | Local Peering (LPG) | Remote Peering (RPG) |
|---|---|---|
| Regions | Same | Different |
| Gateway Type | Local Peering Gateway (LPG) | Remote Peering Gateway (RPG) |
| Traffic Path | Regional backbone | OCI inter-region backbone |
| Performance | High (low latency) | Moderate (depends on distance) |
| Cost | No egress cost within region | Inter-region data transfer charges may apply |
| Setup Complexity | Simple | Slightly more complex |
| Common Use Case | Hub-and-spoke within region | Multi-region DR or replication |
