
Allowing Containers and IDCs to Communicate with Each Other Through VPC and Direct Connect

Scenario

By using VPC and Direct Connect, IP addresses in the container CIDR block (172.56.0.0/16) and IDC CIDR block (20.227.0.0/16) can communicate with each other in the VPC network model.

Figure 1 Example network topology

Prerequisites

An IDC is available, and the Direct Connect service has been applied for.

Procedure

  1. Create a Direct Connect connection.

    1. Log in to the management console, click the icon in the upper left corner, and select the desired region and project. Then click the icon at the upper left corner and choose Network > Direct Connect in the expanded list.

    2. In the navigation pane on the left of the console, choose Direct Connect > Connections. On the displayed page, click Create Connection.

    3. On the Create Connection page, click Full Service Installation.

  2. Create a virtual gateway.

    Choose Direct Connect > Virtual Gateways, and click Create Virtual Gateway on the right. Add the VPC CIDR block and the container CIDR block in the VPC network model.

    Figure 2 Creating a virtual gateway

  3. Create a Cloud Connect connection.

    1. In the navigation pane on the left of the console, choose Cloud Connect > Cloud Connections. On the displayed page, click Create Cloud Connection.

    2. After the connection is created, click the cloud connection name to go to its details page. On the Network Instances tab page, click Load Network Instance to add VPC information.

    3. Check the VPC CIDR blocks on the Cloud Connect VPC and ensure that the VPC and container CIDR blocks have been added.

    4. Add the VGW CIDR blocks on the Direct Connect gateway.

    5. Check the VGW CIDR blocks on the Direct Connect gateway and ensure that the remote subnets are correctly added.

  4. Test the connectivity.

    1. On an IDC host, traceroute the IP address of the container node or container on the cloud to check whether the route to the cloud gateway of Direct Connect is normal.
      1. If the route is normal, Direct Connect has a return route.
      2. If the route to the cloud gateway of Direct Connect is abnormal, check whether the route settings at both ends of Direct Connect are correct.
    2. If traceroute to the IP address fails, try ping or telnet instead. Before using ping, ensure that the ICMP policy has been enabled for the security group if the target is a HUAWEI CLOUD ECS.
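
A pre-check for the CIDR entries made in steps 2 and 3, as an added example that is not part of the original page or of HUAWEI CLOUD tooling. It assumes the gateway's local subnets should be exactly the VPC and container blocks and the remote subnets the IDC block; the `check_plan` function and the VPC block 192.168.0.0/16 are hypothetical, while the container and IDC blocks are the ones from the scenario.

```python
import ipaddress


def check_plan(vpc, container, idc, local_subnets, remote_subnets):
    """Return a list of problems in the CIDR plan; an empty list means it is consistent."""
    net = ipaddress.ip_network
    cloud = {"VPC": net(vpc), "container": net(container)}
    idc_net = net(idc)
    local = [net(s) for s in local_subnets]
    remote = [net(s) for s in remote_subnets]
    problems = []

    # Overlapping blocks make the routes across Direct Connect ambiguous.
    if cloud["VPC"].overlaps(cloud["container"]):
        problems.append("VPC and container CIDR blocks overlap")
    for name, block in cloud.items():
        if block.overlaps(idc_net):
            problems.append(f"{name} CIDR {block} overlaps IDC CIDR {idc_net}")
        # Step 2: both cloud-side blocks must be added on the virtual gateway.
        if not any(block.subnet_of(s) for s in local):
            problems.append(f"{name} CIDR {block} missing from local subnets")

    # Step 3: the remote subnets must cover the IDC block (assumed mapping).
    if not any(idc_net.subnet_of(s) for s in remote):
        problems.append(f"IDC CIDR {idc_net} missing from remote subnets")

    # Entries wider than the planned blocks expose address space across the
    # link that nobody intended to route.
    for s in local:
        if not any(s.subnet_of(b) for b in cloud.values()):
            problems.append(f"local subnet {s} is outside the planned cloud blocks")
    for s in remote:
        if not s.subnet_of(idc_net):
            problems.append(f"remote subnet {s} is outside the planned IDC block")
    return problems


if __name__ == "__main__":
    # Container and IDC blocks come from the scenario; the VPC block is constructed.
    issues = check_plan("192.168.0.0/16", "172.56.0.0/16", "20.227.0.0/16",
                        local_subnets=["192.168.0.0/16", "172.56.0.0/16"],
                        remote_subnets=["20.227.0.0/16"])
    print("plan OK" if not issues else "\n".join(issues))
```

Running the check before the connectivity test in step 4 separates a mistyped or missing subnet entry from a real routing fault on the link.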