Hello Oracle Community,
The documentation on the website: https://docs.oracle.com/en-us/iaas/Content/File/Tasks/securitylistsfilestorage.htm indicates that 4 sets of rules must be configured for mount a File Storage (Scenario A):
- Ingress Rules for the Mount Target with configured TCP/UDP destination ports (Necessary Rule)
- Egress Rules for the Mount Target with configured TCP/UDP source ports (Unnecessary Rule)
- Ingress Rules for the Instance with configured TCP/UDP source ports (Unnecessary Rule)
- Egress Rules for the Instance with configured TCP/UDP destination ports (Necessary Rule)
I consider that rules 2. and 3. are unnecessary since the documentation indicates that they are Stateful Rules, to verify this I made a use case (attached) and I verified that it is possible to mount an NFS without adding the mentioned set of rules, I also came across a YouTube video from 6 years ago in which explains the inbound rules to configure from the Mount Target perspective where rules with source ports are not required, the video is the following: https://www.youtube.com/watch?v=oW21K3eg_Qg My question is: Why was it not previously requested to configure Egress Rules with Source Port from the Mount Target perspective? Is it possible that ruleset 2 and 3 are not required?
Greetings from Chile!
1. Ingress Rules for the Mount Target (Necessary Rule)
2. Egress Rules for the Mount Target (Unnecessary Rule?)
3. Ingress Rules for the Instance (Unnecessary Rule?)
4. Egress Rules for the Instance (Necessary Rule)
Stateless vs Stateful.pptx