Does this tool connect to my OCI account?

No. This tool runs entirely in your browser and generates configuration JSON that you can copy and paste into your infrastructure-as-code templates, CLI commands, or cloud console. It never connects to any cloud account or sends data externally.

Are the generated configurations production-ready?

The tool produces syntactically valid configurations based on current OCI service specifications. Always review generated configs against your organization security policies and test in a non-production environment before deploying.

OCI VTAP Config Builder

NetworkingOCI

Build VTAP packet mirroring configurations with capture filters for network traffic analysis.

Last verified: May 2026

OCI Virtual Test Access Point Configuration

Build VTAP packet mirroring configurations with capture filters for network traffic analysis and IDS.

Required Fields

compartmentIdvcnIddisplayNamesourceIdsourceTypetargetIdtargetType

{
  "compartmentId": "ocid1.compartment.oc1..aaaaaaaexample",
  "vcnId": "ocid1.vcn.oc1.iad.aaaaaaaexample",
  "displayName": "prod-packet-mirror-vtap",
  "description": "VTAP for mirroring production web-tier traffic to IDS appliance",
  "sourceId": "ocid1.vnic.oc1.iad.aaaaaaaexample-source",
  "sourceType": "VNIC",
  "targetId": "ocid1.networklb.oc1.iad.aaaaaaaexample-ids",
  "targetType": "NETWORK_LOAD_BALANCER",
  "targetIp": "10.0.5.50",
  "captureFilterId": "ocid1.capturefilter.oc1.iad.aaaaaaaexample",
  "captureFilter": {
    "displayName": "web-traffic-capture-filter",
    "filterType": "VTAP",
    "vtapCaptureFilterRules": [
      {
        "trafficDirection": "INGRESS",
        "ruleAction": "INCLUDE",
        "protocol": "6",
        "sourceCidr": "0.0.0.0/0",
        "destinationCidr": "10.0.1.0/24",
        "tcpOptions": {
          "destinationPortRange": {
            "min": 443,
            "max": 443
          }
        }
      },
      {
        "trafficDirection": "EGRESS",
        "ruleAction": "INCLUDE",
        "protocol": "6",
        "sourceCidr": "10.0.1.0/24",
        "destinationCidr": "0.0.0.0/0"
      },
      {
        "trafficDirection": "INGRESS",
        "ruleAction": "EXCLUDE",
        "protocol": "17",
        "sourceCidr": "10.0.0.2/32",
        "udpOptions": {
          "destinationPortRange": {
            "min": 53,
            "max": 53
          }
        }
      }
    ]
  },
  "encapsulationProtocol": "VXLAN",
  "vxlanNetworkIdentifier": 12345,
  "maxPacketSize": 9000,
  "isVtapEnabled": true,
  "trafficMode": "DEFAULT",
  "freeformTags": {
    "purpose": "network-forensics",
    "team": "security"
  }
}

Generated Output

Output will appear here...

About This Tool

Build VTAP packet mirroring configurations with capture filters for network traffic analysis. This tool helps OCI engineers generate valid configurations quickly without consulting documentation, reducing errors and accelerating infrastructure deployment. All processing runs in your browser with no data sent to external servers.

Real-World Scenario

Your team's production app is intermittently dropping connections — issue not reproducible in staging. The builder generates a temporary VTAP: source = the affected production VM, target = a Wireshark analysis VM in a separate subnet, capture filter narrowing to TCP traffic on the affected port. Within an hour of investigation, the team identifies the issue: a downstream service is sending TCP RST packets due to misconfigured idle timeout. Without VTAP, this would have required deploying tcpdump on the production VM (security risk + performance impact). With VTAP, traffic mirroring is invisible to the production workload.

When to Use This Tool

•Generating oci vtap configurations for new infrastructure deployments.
•Validating existing configurations against best practices before applying changes.
•Learning OCI service configuration patterns through interactive examples.
•Accelerating infrastructure-as-code development by producing correct JSON/YAML starting points.

Pro Tips

TIP

VTAP (Virtual Test Access Point) mirrors network traffic to a target without affecting the original flow — invaluable for security forensics, IDS/IPS deployment, and troubleshooting hard-to-reproduce network issues. The original traffic continues normally; the mirror is a copy for analysis.

TIP

VTAP capture filters dramatically reduce mirror volume. Without filters, you'd capture ALL traffic from the source — overwhelming both bandwidth and analysis tools. Filter by protocol, source/destination CIDR, or port range to capture only traffic relevant to your investigation.

TIP

VTAP targets can be Network Load Balancer or specific instances. For long-running monitoring (IDS/IPS deployment), target an NLB pool of analysis VMs for redundancy and load distribution. For short-term troubleshooting, target a single instance to keep cost minimal.

How It Works Under the Hood

The builder constructs OCI VTAP configurations: VTAP resource (compartment, VCN, source resource OCID — the resource whose traffic to mirror, target type: NetworkLoadBalancer/Instance, target OCID, capture filter selecting which traffic to mirror by protocol/source/dest/ports, traffic mode: DEFAULT or PRIORITY, max packet size). Output is generated as oci network vtap commands and Terraform oci_core_vtap + oci_core_capture_filter resources.

Frequently Asked Questions

Does this tool connect to my OCI account?: No. This tool runs entirely in your browser and generates configuration JSON that you can copy and paste into your infrastructure-as-code templates, CLI commands, or cloud console. It never connects to any cloud account or sends data externally.
Are the generated configurations production-ready?: The tool produces syntactically valid configurations based on current OCI service specifications. Always review generated configs against your organization security policies and test in a non-production environment before deploying.

Related Learning Guides

OCI VCN Networking Deep Dive25 min read
OCI DNS & Traffic Management22 min read

Was this tool helpful?

Disclaimer: This tool runs entirely in your browser. No data is sent to our servers. Always verify outputs before using them in production. AWS, Azure, and GCP are trademarks of their respective owners.