Traffic Management in Oracle Cloud Infrastructure

by Harish KM

What is OCI Traffic Management?

  • A service to guide traffic to endpoints based on conditions like:
    • Endpoint health.
    • Geographic origin of DNS request.
  • Configure policies to serve intelligent responses to DNS queries.
  • Capabilities:
    • Failover based on endpoint health.
    • Load balance across resources.
    • Steer traffic to physically closest endpoint.

Components of OCI Traffic Management

  • Steering Policy: Intelligent rules to control responses to DNS queries.
  • Attachment:
    • Links steering policy to zone.
    • Max 1 attachment per DNS record type.
    • Attachment overrides DNS records, e.g., if DNS A record points domain to IP 1.2.3.4 & attached steering policy points domain to IP 2.3.4.5, policy wins.
  • Rule:
    • Contained inside steering policy.
    • Filters DNS responses based on properties of DNS request.
  • Answer: The DNS response.
  • Template:
    • Predefined rule sequence for a policy type & its intended behavior.
    • eg FAILOVER template checks FILTER, HEALTH, PRIORITY & LIMIT rules.
  • Case (like switch case):
    • Optionally included in rules.
    • Case = Condition + Action
    • Condition behavior:
      • Case with no caseCondition always matches.
      • Case with caseCondition matches when expression evaluates to true.
    • Rule behavior:
      • Rule with no cases is always evaluated with same config.
      • Rule with empty sequence of cases is always ignored.
      • Rule with cases behaves according to first matching case in sequence.

Limits of OCI Traffic Management

  • 100 policies per tenant.
  • 1K attachments per tenant.

Types of Steering Policies in OCI Traffic Management

  • Failover:
    • Uses Health Checks service to determine endpoint health.
    • If primary endpoint is unhealthy, fails over to secondary endpoint.
  • Load Balancer:
    • Distributes traffic across multiple endpoints.
    • Assign weights to endpoints to control distribution.
      • Assign equal weights to distribute traffic evenly.
      • Unequal Weights = Ratio Load Balancing
      • e.g. if endpoint A has weight 1 & endpoint B has weight 2, one-third of incoming traffic is sent to A & two-thirds to B.
    • Health checks monitor endpoint health.
      • If an endpoint is unhealthy, traffic goes to others.
  • Geolocation:
    • Direct traffic based on location of end user.
    • You can define geographic regions & endpoint(s) for each region.
    • Geographic regions are composed of originating continent, countries & states/provinces (North America).
  • ASN: Steer based on Autonomous System Numbers.
  • IP Prefix: Steer based on IP prefix of caller.

Traffic Steering Scenarios in OCI Traffic Management

  • Failover: Automate failover between primary & secondary servers.
  • Cloud Migration: Use weighted load balancing to gradually migrate traffic from data center to OCI.
  • Load Balancing for Scale: Distribute traffic across (health checked) server pools.
  • Hybrid Environments: Distribute traffic across OCI, data center, other clouds (AWS, Azure, GCP) & public resources on the internet.
  • Worldwide Geolocation:
    • Divide global users into geographic regions & steer them to specific resources.
    • Supports “ring fencing” e.g. keep traffic from China in China & block traffic from outside China into China.
  • Canary Testing: Determine internal users using IP prefix & serve them differently than external users.
  • Zero-Rating Services: Determine originating enterprise, mobile operator, etc using ASN & serve them according to commercial agreements you may have.