
Why do I need an additional ICMP type 8 as part of Egress Rules for private subnet

edited Aug 19, 2020 10:01AM in Oracle Cloud Infrastructure - General 3 comments

Summary

Why do I need an additional ICMP type 8 as part of the Egress Rules for a private subnet when I already have an Ingress Rule which is stateful?

Content

Hello Experts,

I have been troubleshooting this issue for a while -

1. A VCN is created with 2 subnets, private and public.

2. Private subnet is attached to a NAT gateway. A custom route table is created with no additional route rules.

3. Custom security list created with ingress rule as follows -

  • Stateless: No (all rules must be stateful)
  • Source Type: CIDR
  • Source CIDR: Your VCN's CIDR
  • IP Protocol: ICMP
  • Type: 8
  • Code: All

4. Created 1 compute instance and 1 db system in private subnet, however they are only pingable when adding Egress rule as follows -
