Permitting Ping Requests to Oracle Cloud Infrastructure Compute Classic Instances


Options



Before You Begin

Purpose

This tutorial shows you how to allow ping requests from a particular host outside Oracle Cloud to a set of Compute Classic instances.

Time to Complete

10 minutes

Background

When you create Compute Classic instances, ping requests to the instances are not permitted by default. To allow ping requests, you must configure your Compute Classic instance to permit pings.

What Do You Need?

To perform the steps in this tutorial, you must be a service user with the Compute_Operations role. If you don't have this role, ask your service administrator to assign the role to you in Oracle Cloud My Services.

Creating a Security IP List

To allow ping requests from a host outside Oracle Cloud to your Compute Classic instances, store that external host's IP address in a security IP list in Compute Classic.

  1. Sign in to Oracle Cloud My Services and go to the Compute Classic console.
  2. Click the Network tab.
  3. On the Network page, click the Security IP Lists tab in the left pane.
  4. On the Security IP Lists page, click Create Security IP List.
  5. In the Create Security IP List dialog box, do the following:
    • Name: Enter a name for the new security IP list (for example, admin_host). Note this name. You'll use it later in this tutorial.
    • IP List: Enter the IP address of the host from which you want to allow ping requests.
    • Description: Enter a description for the new security IP list (for example, Admin host).

    Create Security IP List dialog box

  6. Click Create.

Next, create a security list to group the Compute Classic instances for which you want to permit ping requests.

Creating a Security List

A security list is a group of Compute Classic instances.

To open a port or protocol for specific instances, you must first group those instances in a security list.

  1. Click the Security Lists tab in the left pane.
  2. Click Create Security List.
  3. In the Create Security List dialog box, do the following:
    • Name: Enter a name for the new security list (for example, ping_seclist). Note this name. You'll use it later in this tutorial.
    • Leave the Inbound Policy and Outbound Policy fields at the default values.
    • Description: Enter a description for the new security list (for example, Pingable VMs).

    Create Security List dialog box

  4. Click Create.

Next, add your Compute Classic instances to the security list that you just created.

Adding Instances to the Security List

  1. Click the Instances tab.
  2. From the list of instances displayed, identify the first instance that you want to add to a security list. From the Menu icon menu, select View.
  3. On the instance details page, click Add to Security List.

    The Add to Security List dialog box is displayed.

  4. Select the security list that you created earlier.

    5. Add to Security List dialog box

  5. Click Attach.
  6. Repeat this procedure for the other Compute Classic instances for which you want to permit ping requests.

At this point, all the instances for which you want to permit ping requests have been grouped in the ping_seclist security list.

Next, create a security rule to permit ping requests from the external host to your Compute Classic instances.

Creating a Security Rule

  1. Click the Network tab.
  2. Click Create Security Rule, and do the following:
    • Name: Enter a name for the rule (for example, allow_p2vm_pings).
    • Status: Select Enabled.
    • Security Application: Select the pings security application.
    • Source: From the Security IP Lists drop-down list, select admin_host, which is the security IP list you created earlier in this tutorial.
    • Destination: Select the ping_seclist security list, to which you added your Compute Classic instances earlier in this tutorial.
    • Description: Enter a description for the rule (for example, Allow pings to VMs from a specific host).

    Create Security Rule

  3. Click Create.

You can now ping all the Compute Classic instances in the ping_seclist security list from the host you defined in the admin_host security IP list.

At any time, you can temporarily suspend security rules by disabling them. You can also delete security rules that you no longer need.

Disabling and Deleting Security Rules

Disabling a Security Rule

  1. Sign in to Oracle Cloud My Services and go to the Compute Classic console.
  2. Click the Network tab.
  3. Identify the security rule that you want to disable.
  4. From the Actions menu, select Update.
  5. In the resulting dialog box, change Status to Disabled.
  6. Click Update.

Deleting a Security Rule

  1. Sign in to Oracle Cloud My Services and navigate to the Compute Classic console.
  2. Click the Network tab.
  3. Identify the security rule that you want to delete.
  4. From the Actions menu, select Delete.
  5. At the confirmation prompt, click Yes.

Want to Learn More?

Credits

  • Lead Curriculum Developer: Kumar Dhanagopal

  • Other Contributors: Eshwar Narayan, Anamika Mukherjee