Share via

In express route setup ADF can connect on-premise without SHIR

Brijesh Bajpai 20 Reputation points
2025-02-09T18:38:08.5466667+00:00

I have on-premises Oracle databases and have established an ExpressRoute connection between my on-premises network and Azure. I want to use Azure Data Factory to migrate these databases. Do I need a Self-Hosted Integration Runtime (SHIR)? Can ADF connect to my on-premises servers without a SHIR? If so, how?

Azure Data Factory
Azure Data Factory
An Azure service for ingesting, preparing, and transforming data at scale.
11,237 questions
0 comments
Accepted answer
  1. Vinodh247 27,791 Reputation points MVP
    2025-02-10T01:08:23.7833333+00:00

    Hi ,

    Thanks for reaching out to Microsoft Q&A.

    Yes, ADF can connect to your onprem oracle dbs over an expressRoute connection without requiring a SHIR, if and only if the following conditions are met:

    How ADF Connects to onprem via ExpressRoute Without SHIR

    1. Private Endpoint for Data Factory:
      • Set up a Private Endpoint for your ADF. This ensures that ADF communicates over a private network (ExpressRoute) rather than the public internet.
    2. Network Configuration:
      • Your onprem oracle server must be reachable over the ExpressRoute connection. This involves:
      • Proper DNS resolution for your on-premises oracle server (either via private DNS zones or on-premises DNS configuration).
      • Necessary routing configurations between your on-premises network and Azure to allow traffic from the ADF Private Endpoint to your Oracle server.
      Oracle Database Firewall: 
      - The firewall on your Oracle database server must allow incoming traffic from the ADF Private Endpoint's IP address (as routed through ExpressRoute).
    3. ADF Managed VNET (Optional):
      • You can enable Managed Virtual Network Integration for your adf. This allows ADF to securely access your on-premises network over ExpressRoute without requiring public IP addresses or SHIR.
      Native Oracle Connector in ADF:
      • Use the Oracle database connector in ADF. This connector supports connecting directly over TCP/IP when your Oracle database is accessible via a private network (such as ExpressRoute).
      Oracle Listener Port: 
        - Ensure that the Oracle Listener port (default: 1521) is open and accessible from Azure Data Factory over the private network.

    When SHIR Is Required?

    A shir is required only if:

    • You do not have ExpressRoute or private connectivity in place.
    • The Oracle server is not reachable directly over the private network (behind a firewall that blocks direct connectivity).
    • You need additional data transformations or encryption that shir provides.

    Steps to Verify:

    1. Test connectivity between the ADF Private Endpoint and the on-premises Oracle server using tools like telnet.
    2. Configure the Oracle linked service in ADF, specifying the Oracle server's private IP/DNS name and credentials.
    3. Run a test pipeline to validate the connection.

    Please feel free to click the 'Upvote' (Thumbs-up) button and 'Accept as Answer'. This helps the community by allowing others with similar queries to easily find the solution.

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.