OCI-Azure interconnect using Equinix's FCR

Introduction
In today’s multi-cloud environments, organizations are continuously looking for different ways of seamless connectivity from OCI to other cloud providers. One common way of achieving this is by leveraging partner connectivity. 

This is the third part of our interconnect using Equinix FCR series, following our previous blog on connecting OCI to AWS and OCI to GCP Here, we’ll walk you through the process of interconnecting OCI with Azure using Equinix Fabric Cloud Router (FCR).

Architecture
To guide you through the setup, we’ll reference the architecture diagram below, illustrating the steps required to connect OCI to Azure using Equinix FCR.

Pre-requisites 
In this blog, we will configure Equinix FCR to establish an interconnection between OCI and Azure. To achieve this, you must have the following OCI and Azure resources deployed and configured, as shown in the architecture diagram above.

OCI Resources
             •    VCN and Private subnet in Ashburn region.
             •    DRG in Ashburn and VCN attachment.
             •    VM in private subnet with appropriate routing and security list configurations to enable access to Azure's 10.2.0.0/16 network.

•    Create a FastConnect connection to Equinix and keep the OCID readily available.

Azure Resources
          •    VNET in US East region with 10.2.0.0/16 CIDR
          •    Subnets:
               o    Server subnet: 10.2.2.0/24
               o    Gateway subnet: 10.2.1.0/28
         •    VM in private subnet with appropriate routing and NSG rules to enable access to OCI's 10.1.0.0/16 network
         •    ExpressRoute virtual network gateways in the Gateway subnet within VNET 10.2.0.0/16.

Step 1: Setup Equinix Fabric Connect Router (FCR)

Create Fabric cloud router in Equinix portal.
 

Step 2: Create connections to OCI and Azure.

Quick Connect to OCI

• Select the Connection Type (Redundant or Primary).
• Enter the OCID information.
• From the Oracle Cloud Destination drop-down list, select the region where your FastConnect circuit and Fabric Cloud Router are located.

From the Origin Asset Type drop-down list, select Cloud Router and choose the FCR you created in the previous step.

Provide the connection name and select the desired bandwidth.

Click on Configure Routing Details, update the BGP details, and then click Next.

Quick connect to Azure 

• To configure the connection in Equinix, you need the Service Key from Azure.
• Log in to the Azure portal and navigate to the Networking section.
• Create an ExpressRoute circuit:
  • In the Azure portal, search for ExpressRoute in the search bar.
  • Select ExpressRoute Circuits from the results.
  • Click Create under ExpressRoute Circuits.
  • Select your subscription, enter or create a resource group, and enter a name for your ExpressRoute. 

Select Oracle Cloud FastConnect as the service provider and select your peering location.

Select the bandwidth.

Select Review + create to create your ExpressRoute.

After creating the ExpressRoute circuit, retrieve the Service Key.

This Service Key will be used when configuring the connection from Equinix to Azure.

Create connection to Azure

• Navigate back to the Equinix portal to create the connection to Azure.
• Select the Connection Type (Redundant, Primary, or Secondary).
• Enter the Service Key copied from Azure.

Configure your connection

After successful deployment we will see the connection created.

Configure Private Peering from Azure to Equinix

•   Use Equinix ASN 13531 as the peer ASN.

•  Click Create Peering to initiate the setup. The peering will be provisioned and ready for use.

Create Connection between Virtual network gateway and Expressroute circuit.

•  Now let’s go back to Equinix portal and verify the connection status.  The circuit and BGP status should now show as Provisioned.

Step 4: Verify the route tables

 Verify the route tables in the Azure portal to confirm the presence of 10.1.0.0/16 (OCI VCN address space) and in the OCI console to confirm 10.2.0.0/16 (Azure VNet address space).

Step 5: Test end-to-end connectivity

With subnet-level routing, security lists, and firewall rules correctly configured in OCI and Azure, bidirectional ping should be successful.

OCI to Azure

Azure to OCI

Conclusion

In this blog, we demonstrated how to establish a seamless interconnection between OCI and Azure using Equinix Fabric Cloud Router. This approach provides a reliable and scalable solution for multi-cloud connectivity.

Oracle offers multiple options for multi-cloud interconnectivity, each designed to meet different use cases. To explore more solutions, check out Oracle LiveLabs.

Reference links.

OCI-GCP interconnect - https://www.ateam-oracle.com/post/ocigcp-interconnect-using-equinixs-fcr

OCI-AWS interconnect - https://blogs.oracle.com/ateam/post/ociaws-interconnect-using-equinix-fcr

Equinix FCR - https://docs.equinix.com/en-us/Content/Interconnection/FCR/FCR-intro.html

Oracle livelabs - https://apexapps.oracle.com/pls/apex/r/dbpm/livelabs/run-workshop?p210_wid=3759&p210_wec=&session=101787246919008