🔗 How to Configure VNet Peering for Azure Data Factory and Oracle Integration
This guide walks you through securely connecting Azure Data Factory (ADF) to an Oracle Virtual Machine hosted in a different Virtual Network. By setting up VNet Peering and configuring a Managed Virtual Network Integration Runtime (IR), you can enable private, secure data transfer.
🧭 Step-by-Step Overview
1. Create or Identify Your VNets
You will need two Virtual Networks:
VNet-Oracle– Where your Oracle VM is locatedVNet-DWH-IR– Where your ADF Managed Integration Runtime will be injected
2. Set Up VNet Peering
🔁 Peering from VNet-Oracle to VNet-DWH-IR
- In the Azure Portal, go to Virtual Networks.
- Select
VNet-Oracle. - Under Settings, choose Peerings > + Add.
- Enter:
- Name: e.g.
OracleToADFIR - Virtual Network: Select
VNet-DWH-IR - Enable traffic forwarding or gateway transit as required.
- Name: e.g.
- Click Add.
🔁 Peering from VNet-DWH-IR to VNet-Oracle
- Repeat the steps from the
VNet-DWH-IRside. - Choose
VNet-Oracleas the remote VNet. - Match any traffic forwarding settings.
- Click Add.
✅ Peering must be bidirectional for full communication.
3. Configure Network Security Groups (NSGs)
Ensure that both VNets permit traffic between each other:
- VNet-Oracle NSG:
Allow inbound traffic from theVNet-DWH-IRsubnet to Oracle DB ports (typically TCP port 1521). - VNet-DWH-IR NSG:
Allow outbound traffic to theVNet-Oraclesubnet on those same ports.
🔐 Firewall Reminder: If your Oracle VM has an OS-level firewall (e.g., iptables), ensure it also allows inbound traffic on the necessary ports.
4. Create the Managed VNet Integration Runtime
- Open Azure Data Factory Studio.
- Go to Manage > Integration Runtimes > + New.
- Select Azure, and enable Managed Virtual Network.
- Under networking, link the IR to
VNet-DWH-IR.
ℹ️ ADF’s Managed VNet uses its own internal subnet. By linking it to
VNet-DWH-IR, it can route traffic across your peered VNets.Requires: Data Factory Contributor
5. Create Linked Service for Oracle Database
- In ADF Studio, go to Manage > Linked Services > + New.
- Choose Oracle or the appropriate connector.
- Configure the connection:
- Server Name: Use the private IP of the Oracle VM, or its FQDN if DNS is set up.
- Authentication: Provide username and password.
- Integration Runtime: Select the Managed VNet IR created earlier and linked to
VNet-DWH-IR.
6. Configure DNS (If Required)
If you’re using a fully qualified domain name (FQDN) instead of an IP:
- Ensure DNS resolution is possible across peered VNets.
- Use an Azure Private DNS Zone to register your Oracle VM’s name.
- Optionally, set up DNS forwarding to route requests between VNets or to on-premises DNS if needed.
7. Test and Validate
- Use the Test Connection button in the Linked Service.
- Confirm that the Integration Runtime in
VNet-DWH-IRcan reach the Oracle VM inVNet-Oracle.
🧪 If issues arise, consider deploying a temporary test VM in
VNet-DWH-IRto manually verify connectivity.
🛠 Build the Pipeline
- Create the Source Dataset for Oracle.
- Create the Sink Dataset (e.g. Azure Data Lake or Table Storage).
- Set up a Copy Activity Pipeline to extract data from Oracle and load it into your Azure service.
🔒 Monitor & Secure the Integration
- Azure Network Watcher: Use to monitor network traffic and packet flow.
- NSG Flow Logs: Enable diagnostic settings for logging.
- Azure Monitor Alerts: Set up alerts to detect unusual traffic or failed pipeline runs.
✅ Summary
By setting up VNet Peering, configuring NSGs, optionally managing DNS, and using a Managed Integration Runtime connected to VNet-DWH-IR, you can:
- Enable secure, private connectivity between ADF and Oracle
- Avoid exposure to the public internet
- Maintain compliance with your internal network architecture
📌 Need help with troubleshooting this setup? Contact the Data Engineering team or log a ticket via the Service Desk.