Cross-Cloud Networking — Oracle ↔ Azure ↔ Homelab
Full multi-cloud connectivity mesh via WireGuard.
Full Architecture
```text
Homelab (192.168.20.0/24)
        │
[WireGuard on host01] ── 10.8.0.2 ─────────────────────────┐
        │                                                  │
        │                                    [oci-vm01 / Oracle - Toronto]
[vm-relay01 / Azure - East US 2]                10.8.0.3 / 10.2.0.0/16
     10.8.0.1 / 10.1.0.0/16
        │                                                  │
        └────────────── WireGuard mesh (10.8.0.0/24) ──────┘
```
WireGuard Peer Table
| Peer | WG IP | LAN | Region | Endpoint |
|---|---|---|---|---|
| host01 (Homelab) | 10.8.0.2/24 | 192.168.20.0/24 | — | Dynamic (behind NAT) |
| vm-relay01 (Azure) | 10.8.0.1/24 | 10.1.0.0/16 | East US 2 | <azure-pip>:51820 |
| oci-vm01 (Oracle) | 10.8.0.3/24 | 10.2.0.0/16 | Toronto (ca-toronto-1) | <oci-pip>:51820 |
OCI VM WireGuard Config
```ini
[Interface]
PrivateKey = <oci-private-key>
Address = 10.8.0.3/24
ListenPort = 51820
# Accept forwarded traffic arriving on wg0 and NAT whatever leaves via eth0
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# Remove the same two rules when the tunnel goes down
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

[Peer]
# Azure relay
PublicKey = <azure-public-key>
Endpoint = <azure-pip>:51820
# Tunnel address of the relay plus the Azure LAN behind it
AllowedIPs = 10.8.0.1/32, 10.1.0.0/16
PersistentKeepalive = 25

[Peer]
# Homelab host01
# No Endpoint: host01 is behind NAT, so it has to initiate the connection
PublicKey = <homelab-public-key>
AllowedIPs = 10.8.0.2/32, 192.168.20.0/24
PersistentKeepalive = 25
```
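AllowedIPs is also WireGuard's inbound source filter, so a range wider than the peer table lets that peer send traffic as another site's subnet. The check below is an added example, not part of the original page: `EXPECTED`, `parse_peers` and `audit` are names made up here, and it assumes each `[Peer]` section is labelled by the first word of its comment line.

```python
import ipaddress

# Expected ranges per peer, copied from the peer table (labels are an assumption)
EXPECTED = {
    "azure": ["10.8.0.1/32", "10.1.0.0/16"],
    "homelab": ["10.8.0.2/32", "192.168.20.0/24"],
}

# Constructed sample: the [Peer] sections of the OCI config, keys omitted
SAMPLE = """\
[Peer]
# Azure relay
AllowedIPs = 10.8.0.1/32, 10.1.0.0/16
[Peer]
# Homelab host01
AllowedIPs = 10.8.0.2/32, 192.168.20.0/24
"""

def parse_peers(text):
    """Return [[label, [ip_network, ...]], ...], one entry per [Peer] section."""
    peers, in_peer = [], False
    for line in (l.strip() for l in text.splitlines()):
        if line.startswith("["):
            in_peer = line.lower() == "[peer]"
            if in_peer:
                peers.append(["?", []])
        elif in_peer and line.startswith("#") and peers[-1][0] == "?":
            peers[-1][0] = line.lstrip("# ").split()[0].lower()
        elif in_peer and line.lower().startswith("allowedips"):
            nets = line.split("=", 1)[1].split(",")
            peers[-1][1] += [ipaddress.ip_network(n.strip(), strict=False)
                             for n in nets if n.strip()]
    return peers

def audit(text, expected=EXPECTED):
    """Flag AllowedIPs that exceed the peer table or overlap another peer."""
    findings, peers = [], parse_peers(text)
    for label, nets in peers:
        allowed = [ipaddress.ip_network(n) for n in expected.get(label, [])]
        for net in nets:
            if not any(net.version == a.version and net.subnet_of(a) for a in allowed):
                findings.append(f"{label}: {net} is outside the peer table")
    for i, (la, na) in enumerate(peers):
        for lb, nb in peers[i + 1:]:
            findings += [f"{la}/{lb}: {a} overlaps {b}" for a in na for b in nb
                         if a.version == b.version and a.overlaps(b)]
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE) or "AllowedIPs match the peer table")
```

An empty list means every peer is limited to its own tunnel address and LAN; an overlap finding matters because WireGuard assigns an overlapping range to only one peer.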
Routing Notes
- Enable IP forwarding on all peers: `sudo sysctl -w net.ipv4.ip_forward=1`
- Make permanent in `/etc/sysctl.conf`: `net.ipv4.ip_forward = 1`
- Azure VM acts as the hub — it has a static public IP