How to configure a second NIC on OCI


WHAT TO EXPECT

In this article, users will learn how to configure a second NIC in OCI so it can be used with xNIC or cloudSwXtch.

OCI Firewall rules and netplan

The default configuration for a VM created in OCI using the web console usually comes with only one NIC and with the firewall rules blocking xNIC traffic.

Set Firewall iptables rules for OCI

Confirm that the iptables rules for your distro allow both control and data traffic for xNIC and cloudSwXtch to flow. The following is a sample iptables config that allows all traffic within a subnet CIDR range to flow.

  1. Using sudo, add the following rules, specifying your control and data CIDR ranges, to the /etc/iptables/rules.v4 file, just before the -A INPUT -j REJECT --reject-with icmp-host-prohibited rule.

    -A INPUT -p all -s <your Control Subnet IP Address>/<mask> -j ACCEPT
    -A INPUT -p all -s <your Data Subnet IP Address>/<mask> -j ACCEPT

    Users should replace the CIDRs with the correct CIDRs of the working environment, corresponding to the control and data subnets. These numbers can be the same if using a single-subnet configuration for both your VNICs.

  2. Save the file and reboot the instance.

PLEASE NOTE

xNIC Type 1 (using swx0) requires a third, similar rule for its subnet; example:

-A INPUT -p all -s 172.30.0.0/23 -j ACCEPT
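
The placement rule from step 1, as an added example (not part of the original article or of cloudSwXtch tooling): a POSIX shell function that inserts the ACCEPT rules ahead of the INPUT REJECT line in a copy of rules.v4, skips rules already in place, and refuses malformed CIDRs. The sample rule set and the 10.0.138.0/24 subnet are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. Works on a copy of the rules file; it never touches the live firewall.

# add_accept_rules FILE CIDR [CIDR...]
# Prints FILE with one ACCEPT rule per CIDR placed just before the first
# "-A INPUT -j REJECT" line. Returns 1 on a malformed CIDR, 2 if no such line.
add_accept_rules() {
    file=$1; shift
    for cidr in "$@"; do
        # Shape check only: dotted quad plus a /0-32 prefix.
        printf '%s\n' "$cidr" |
            grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$' ||
            { echo "invalid CIDR: $cidr" >&2; return 1; }
    done
    grep -q -- '^-A INPUT -j REJECT' "$file" ||
        { echo "no INPUT REJECT rule in $file" >&2; return 2; }
    awk -v cidrs="$*" '
        BEGIN { n = split(cidrs, c, " ") }
        # Only rules seen BEFORE the REJECT count as present: an ACCEPT that
        # sits after it is never evaluated, so it is added again above it.
        !done && /^-A INPUT -j REJECT/ {
            for (k = 1; k <= n; k++) {
                rule = "-A INPUT -p all -s " c[k] " -j ACCEPT"
                if (!(rule in seen)) { print rule; seen[rule] = 1 }
            }
            done = 1
        }
        { seen[$0] = 1; print }
    ' "$file"
}

# Constructed sample in iptables-save format (not taken from a real host).
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

tmp=$(mktemp) && sample_rules > "$tmp"
add_accept_rules "$tmp" 10.0.138.0/24 172.30.0.0/23   # sample CIDRs
rm -f "$tmp"
```

Review the printed rule set and check it with sudo iptables-restore --test before it replaces /etc/iptables/rules.v4.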

Set DHCP in netplan for OCI 2nd NIC on Linux

If the VM needs a second NIC for the data plane, OCI will not automatically configure an IP for the adapter using DHCP.

In order to configure the IP for the second adapter, users can execute the following instructions.

Prior to executing any instructions, users need to know two parameters assigned by OCI to the secondary NIC:

  • IP Address

  • MAC Address

These values are available in the OCI console. To get them:

  1. Go to the console

  2. Go to Instances

  3. Click on the desired instance

  4. Click the Networking tab

  5. Click the name of the secondary NIC in the Attached VNICs section

  6. Take note of the MAC Address and the Private IP address fields

Now, with that information, follow the instructions based on the OS of the VM.

Debian-based distros

  1. Create a file called 02-datanic-static-config.yaml in the /etc/netplan folder.

    network:
      version: 2
      ethernets:
        ens4:
          match:
            macaddress: "<ADD macaddress of primary of 2nd VNIC>"
          dhcp4: false
          addresses:
            - <ADD Primary IP ADDRESS OF 2ND VNIC>/<XX>

    Where <XX> is the net mask (or network mask) of the ctrl-plane CIDR (in a single-subnet configuration). Example:

    network:
      version: 2
      ethernets:
        ens4:
          match:
            macaddress: "02:00:17:31:7E:E8"
          dhcp4: false
          addresses:
            - 10.0.138.84/24

  2. Run the following command to apply the changes:

    sudo netplan apply

RHEL-based distros

  1. Create a file called ifcfg-ens4 in the /etc/sysconfig/network-scripts folder:

    DEVICE=ens4
    BOOTPROTO=none
    ONBOOT=yes
    PREFIX=24
    IPADDR=10.0.192.196
    MTU=9000

    PLEASE NOTE

    The file owner has to be root:root

  2. Apply changes:

    1. CentOS 7/RHEL 7:

      sudo systemctl restart network

    2. CentOS 8/RHEL 8/9:

      sudo systemctl restart NetworkManager

Windows

  1. Navigate to Control Panel→Network and Internet→Network and Sharing Center

  2. Select the 2nd NIC to open Properties.

  3. Select Internet Protocol Version 4 (TCP/IPv4)

  4. Enter the IP Address, Subnet Mask, and Default gateway data.