How is Exadata Secure RDMA Fabric isolation used in X9M-2 with virtualization enabled?

Exadata Secure RDMA Fabric isolation is a feature that allows you to use virtualization on the X9M-2 platform while maintaining security and isolation between multiple tenants or VM clusters. Secure Fabric isolation works by creating a dedicated network partition and VLAN ID for each Database VM cluster, which is used for cluster networking between the database servers in the VM Cluster. This ensures that the network traffic of each VM cluster is isolated from the others, and it prevents unauthorized access to the data or resources of other VM clusters. Secure Fabric isolation can also be used for other purposes such as client networking, Data Guard traffic, but it's mainly used to provide security and isolation between multiple tenants or VM clusters.

According to Oracle’s documentation1, Exadata Secure RDMA Fabric Isolation is a feature that enables strict network isolation for Oracle Real Application Clusters (Oracle RAC) clusters on Exadata Database Machine systems that use RDMA over Converged Ethernet (RoCE). Exadata Secure RDMA Fabric Isolation uses RoCE VLANs to ensure that network packets from one VM cluster cannot be seen by another VM cluster. VLAN tag enforcement is done at the KVM host level, which means that security cannot be bypassed by any software exploits or misconfiguration on the database server VMs1.

Therefore, the statement that is true about how Exadata Secure RDMA Fabric isolation is used in X9M-2 with virtualization enabled is:

With Secure Fabric isolation, each Database VM cluster uses a dedicated network partition and VLAN ID for cluster networking between the database servers in the VM Cluster. This provides security and isolation between multiple tenants or VM clusters.