--- title: "How to configure a second NIC on OCI" slug: "how-to-configure-a-second-nic-on-oci" updated: 2025-12-23T14:59:08Z published: 2025-12-23T14:59:08Z canonical: "docs.swxtch.io/how-to-configure-a-second-nic-on-oci" stale: true --- > ## Documentation Index > Fetch the complete documentation index at: https://docs.swxtch.io/llms.txt > Use this file to discover all available pages before exploring further. # How to configure a second NIC on OCI **WHAT TO EXPECT** **In this article**, users will learn how to configure a second NIC in OCI so it can be used with xNIC or cloudSwXtch ## OCI Firewall rules and netplan The default configuration for a VM created in OCI using the web console usually comes with only one NIC and with the firewall rules blocking xNIC traffic. ### Set Firewall `iptables` rules for OCI Confirm that your `iptables` rules for your distro are allowing both xNIC and cloudSwXtch, control and data traffic to flow. The following is a sample `iptables` config that allows all traffic within a subnet CIDR range to flow. 1. Using `sudo`, add the following rules specifying your control and data CIDR ranges to the `/etc/iptables/rules.v4` file, just before the `-A INPUT -j —reject` with icmp-host-prohibited rule. ```pf -A INPUT -p all -s / -j ACCEPT -A INPUT -p all -s / -j ACCEPT ``` Users should replace the CIDRs with the correct CIDRs of the working environment, corresponding to the control and data subnets. These numbers can be the same if using a single-subnet configuration for both your VNICs. 2. Save the file and reboot the instance. > [!NOTE] > **PLEASE NOTE** > > xNIC Type 1 (using swx0) requires a third, similar rule for its subnet; example: > > ```pf > -A INPUT -p all -s 172.30.0.0/23 -j ACCEPT > ``` ### Set DCHP in netplan for OCI 2nd NIC on Linux If the VM needs a second NIC for data-plane, OCI will not automatically configure an IP for the adaptor using DHCP. In order to configure the IP for the second adapter, users can execute the following instructions. Prior to executing any instructions, users need to know two parameters assigned by OCI to the secondary NIC: - IP Address - MAC Address These values are available in the OCI console. To get them: 1. Go to the console 2. Go to Instances 3. Click on the desired instance 4. Click the Networking tab 5. Click the name of the secondary NIC in the Attached VNICs section 6. Take note of the MAC Address and the Private IP address fields ![](https://cdn.document360.io/84c5db44-f675-4f33-a980-5d3fc63073ca/Images/Documentation/how-to-oci-2nd-NIC-data.png) Now, with that information, follow the instructions based on the OS of the VM. #### Debian-based distros 1. Create a file called `02-datanic-static-config.yaml` in the `/etc/netplan` folder. ```yaml network:  version: 2  ethernets:    ens4:      match:        macaddress: ""      dhcp4: false      addresses:       - / ``` Where the is the net mask (or network mask) of ctrl-plane CIDR (in single-subnet configuration). Example: ```yaml network:  version: 2  ethernets:    ens4:      match:        macaddress: "02:00:17:31:7E:E8"      dhcp4: false      addresses:        - 10.0.138.84/24 ``` 2. Run the following command to apply the changes: ```shell sudo netplan apply ``` #### RHEL-based distros 1. Create a file called `ifcfg-ens4` in the `/etc/sysconfig/network-scripts` folder: ```shell DEVICE=ens4 BOOTPROTO=none ONBOOT=yes PREFIX=24 IPADDR=10.0.192.196 MTU=9000 ``` > [!WARNING] > **PLEASE NOTE** > > The file owner has to be root:root 2. Apply changes: 1. CentOS 7/RHEL7 ```shell sudo systemctl restart network ``` 2. CentPS 8/RHEL 8/9: ```shell sudo systemctl restart NetworkManager ``` #### Windows 1. Navigate to Control Panel→Network and Internet→Network and Sharing Center 2. Select the 2nd NIC to open Properties. 3. Select Internet Protocol Version 4 (TCP/IPv4) 4. Enter the IP Address, Subnet Mask, and Default gateway data. ![](https://cdn.document360.io/84c5db44-f675-4f33-a980-5d3fc63073ca/Images/Documentation/OCI%20-%20Windows%202nd%20NIC%20-%20Add%20ip%20mask%20and%20gateway.png)