1. Introduction
The Dynamic Routing Gateway (DRG) is the heart of hybrid networking in OCI.
If you're connecting an on-prem network, another cloud provider, or multiple VCNs — the DRG is the router that ties it all together.
In this guide, I’ll show you exactly how to set it up, test it, and validate routing end-to-end.
2. What Problem This Solves
Without the DRG:
❌ On-prem cannot reach OCI
❌ Site-to-site VPN won’t work
❌ FastConnect can’t attach
❌ Cross-VCN routing becomes messy
❌ VCN peering becomes inconsistent
With a DRG:
✅ Centralized routing
✅ Multiple VCN attachments
✅ VPN or FastConnect integration
✅ Inspection and monitoring
Let's build it properly.
3. Step-by-Step Guide
Step 1 — Create DRG
OCI Console → Networking → Dynamic Routing Gateways → Create DRG
CLI:
Step 2 — Attach VCN to DRG
Console → DRG → Attachments → Create Attachment
CLI:
Step 3 — Create and Configure Route Tables
VCN → Route Tables → Create New Route Table
Add rule:
CLI:
Step 4 — Configure IPSec VPN (Optional)
Create Customer-Premise Equipment (CPE):
Create IPSec tunnel:
Step 5 — Validate Routing with Traceroute
From on-prem:
From OCI compute:
4. Architecture Diagram
(Generated in next message)
Placeholder:
5. Best Practices
-
Use separate DRG route tables for each VCN attachment
-
Avoid overlapping CIDRs
-
Use HA VPN (tunnel 1 + tunnel 2)
-
Consider FastConnect for production
-
Enable logging on the DRG
-
Use Network Path Analyzer for troubleshooting
6. Troubleshooting
| Issue | Cause | Fix |
|---|---|---|
| Ping not working | ICMP blocked | Enable ICMP in NSG |
| VPN down | Phase 1 mismatch | Adjust IKE settings |
| Route unreachable | Wrong RT target | Point to DRG attachment |
| Slow performance | MTU mismatch | Adjust MTU to 1500/1400 |
7. Summary
The DRG allows you to build reliable hybrid networks in OCI.
With the configuration above, you can connect multiple VCNs and even full on-prem infrastructure using VPN or FastConnect.
👉 Download the free guide: “7 OCI Networking Mistakes to Avoid”
https://dmcloudarchitect.com/c/7_oci_mistakes_to_avoid.html