Views:

Set up your VCN networks to enable traffic mirroring to your Virtual Network Sensor data port.

Procedure

  1. Go to https://www.oracle.com/cloud/sign-in.html and sign in to Oracle Cloud Infrastructure.
  2. Create a network load balancer for sending mirrored traffic to the Virtual Network Sensor.
    Due to current Oracle Cloud Infrastructure restrictions, mirrored traffic can only be sent from a network load balancer to the Virtual Network Sensor. For details, see VTAP sources and targets.
    1. Click the navigation menu icon (OracleOCI_navigation_menu=20250922030811.png) on the top left and go to NetworkingNetwork load balancer.
    2. Click Create network load balancer.
    3. Specify a name for the network load balancer.
    4. Select a compartment.
      For simplicity and ease of management, keep the network load balancer in the same compartment as the Virtual Network Sensor instance.
    5. Select Private for the visibility type.
    6. Under Header preservation, enable Source/destination header (IP, port) preservation (network load balancer).
    7. Turn on Enable symmetric hashing.
    8. Under Choose networking, select the virtual cloud network as well as the compartment where the network load balancer resides.
      For simplicity and ease of management, keep the network load balancer in the same compartment and virtual cloud network as the Virtual Network Sensor instance.
    9. Select the subnet as well as the compartment where the network load balancer resides.
      Select the subnet used by the Virtual Network Sensor management port.
    10. Enable Use network security groups to control traffic and select the compartment and network security group for the Virtual Network Sensor data port.
    11. Add security attributes and tags as needed and click Next.
    12. Specify a name for your listener.
    13. Select UDP/TCP/ICMP for the type of traffic your listener handles and click Next.
    14. Add backends for the network load balancer.
      1. Specify a name for the backend set.
      2. Click Add backends.
      3. Select Compute instances for the backend type.
      4. Select the compartment where your Virtual Network Sensor instance resides and select the Virtual Network Sensor instance.
      5. Specify the IP address of the Virtual Network Sensor instance.
        The IP address is the one you recorded in step 19.
      6. Click Add backends.
    15. Under Specify health check policy, select TCP for the protocol and specify 14789 for the port.
    16. Enable Fail open.
    17. Click Next, review the settings, and click Create network load balancer.
      When the creation is complete, the network load balancer details screen is displayed.
      Note
      Note
      Currently, the Virtual Network Sensor instance does not answer the health checks from the network load balancer, which causes the backend set status to appear as Critical. This status can be safely ignored, as the network load balancer can still move traffic to the Virtual Network Sensor for monitoring, provided that Fail open is enabled.
    18. Record the IP Address on the Details tab.
  3. Create a Virtual Test Access Point (VTAP) for mirroring traffic to the network load balancer.
    1. Click the navigation menu icon (OracleOCI_navigation_menu=20250922030811.png) on the top left and go to NetworkingVTAPs.
    2. Click Create VTAP.
    3. Specify a name for your VTAP.
    4. Select a compartment.
      For simplicity and ease of management, keep the VTAP in the same compartment as the Virtual Network Sensor instance.
    5. Select the VCN where the Virtual Network Sensor instance resides.
    6. In the Source section, select your traffic mirroring source.
    7. In the Target section, select the subnet and the network load balancer created in step 2 as your traffic mirroring target.
    8. Click Select a capture filter and select Create new capture filter.
    9. Specify a name for your capture filter.
    10. Select a compartment.
      For simplicity and ease of management, keep the capture filter in the same compartment as the Virtual Network Sensor instance.
    11. Create a rule for inbound traffic.
      • Traffic direction: Ingress
      • Include/Exclude: Include
      • Source IPv4 CIDR or IPv6 prefix: 0.0.0.0/0
      • Destination IPv4 CIDR or IPv6 prefix: 0.0.0.0/0
      • IP protocol: All
    12. Click +Another rule and create a rule for outbound traffic.
      • Traffic direction: Egress
      • Include/Exclude: Include
      • Source IPv4 CIDR or IPv6 prefix: 0.0.0.0/0
      • Destination IPv4 CIDR or IPv6 prefix: 0.0.0.0/0
      • IP protocol: All
    13. Click Create capture filter.
    14. Click Create VTAP.
      The VTAP details screen is displayed.
    15. Click Start to start the VTAP.
  4. Configure the Virtual Network Sensor to accept health check traffic from your network load balancer.
    1. Click the navigation menu icon (OracleOCI_navigation_menu=20250922030811.png) on the top left and go to NetworkingVirtual cloud networks.
    2. Click the VCN where you have deployed the Virtual Network Sensor instance.
    3. On the details page, perform one of the following actions depending on the option that you see:
      • On the Security tab, go to the Network Security Groups section.
      • Under Resources, select Network Security Groups.
    4. Click the network security group you created for the Virtual Network Sensor management port.
    5. Click the Security rules tab and then click Add Rules to add a rule for accepting traffic from the network load balancer:
      Direction
      Source Type
      Source CIDR
      IP Protocols
      Source Port Range
      Destination Port Range
      Purpose
      Ingress
      CIDR
      Specify the IP address in CIDR notation of your NLB. The IP address is recorded in step 18.
      TCP
      All
      14789
      For answering NLB health check