Help Center> Direct Connect> Best Practices> Accessing a VPC over a Connection That Uses BGP Routing
View PDF

Accessing a VPC over a Connection That Uses BGP Routing

Overview

Connect your on-premises network that uses BGP routing so that your on-premises network can access the VPC.

Prerequisites

  • Your on-premises network uses a single-mode fiber with a 1GE or 10GE optical module to connect to the access device in the cloud.
  • Auto-negotiation for the port must be disabled. Port speed and full-duplex mode must be manually configured.
  • 802.1Q VLAN encapsulation is supported on your network.
  • Your device supports BGP and does not use ASN 64512, which is used by HUAWEI CLOUD.

Typical Topology

Your on-premises network is connected to a VPC in the CN North-Beijing4 region over a single connection. For details about how to create a VPC, see the Virtual Private Cloud User Guide.

The following is the network topology used in this solution:
Table 1 CIDR blocks

Item

CIDR Block

Your network

10.1.123.0/24

Remote and local gateways (addresses for interconnection)

10.0.0.0/30

VPC

192.168.0.0/16
Figure 1 Accessing a VPC over a connection that uses BGP routing

Procedure

  1. Create a connection.

    1. Log in to the management console.
    2. On the console homepage, click in the upper left corner and select the desired region and project.
    3. Hover on to display Service List and choose Networking > Direct Connect.
    4. In the navigation pane on the left, choose Direct Connect > Connections.
    5. Click Create Connection. Select Self Service Installation.
    6. On the Create Connection page, enter information about the equipment room and select the Direct Connect location and port based on Table 2.
      Figure 2 Creating a connection
      Table 2 Parameter description

      Parameter

      Description

      Example Value

      Region

      Specifies the region where the connection resides. You can also change the region in the upper left corner of the console.

      CN North-Beijing4

      Connection Name

      Specifies the name of your connection.

      dc-test12

      Location

      Specifies the Direct Connect location where your leased line can be connected to.

      Beijing-Yizhuang-Centrin

      Carrier

      Specifies the carrier that provides the leased line.

      China Telecom

      Port Type

      Specifies the type of the port used by the connection. There are two types of ports: 1GE single-mode optical port and 10GE single-mode optical port.

      1GE

      Leased Line Bandwidth

      Specifies the bandwidth of the connection in the unit of Mbit/s. This is the bandwidth of the leased line you bought from the carrier.

      1,000 Mbit/s

      Your Equipment Room Address

      Specifies the address of your equipment room. The address must be specific to the floor on which your equipment room is located, for example, XX Equipment Room, XX Building, No. XX, Huajing Road, Pudong District, Shanghai.

      -

      Description

      Provides supplementary information about the connection.

      -

      Billing Mode

      Specifies the billing model of the connection. Currently, only Yearly/Monthly is supported.

      Yearly/Monthly

      Required Duration

      Specifies how long the connection will be used.

      5 months

      Auto-renew

      Specifies whether to automatically renew the subscription to ensure service continuity.

      For example, if the required duration is three months, the system automatically renews the subscription for another three months.

      5 months

      Contact Person Name/Contact Number/Contact Email

      Specifies information about the person who is responsible for your connection.

      If the contact information is not provided, your account information will be queried. This will increase the review period.

      Tom

      +086 13912345678 (Chinese mainland)

      Tom@mail.com
    7. Click Next.
    8. Confirm the order and click Pay.
    9. Click Pay.

  2. Create a virtual gateway.

    1. In the navigation pane on the left, choose Direct Connect > Virtual Gateways.
    2. Click Create Virtual Gateway.
    3. Configure the parameters based on Table 3.
      Figure 3 Creating a virtual gateway
      Table 3 Parameter description

      Parameter

      Description

      Example Value

      Name

      Specifies the virtual gateway name.

      The name can contain 1 to 64 characters.

      vgw-test

      VPC

      Specifies the VPC to be associated with the virtual gateway.

      VPC-001

      Local Subnet

      Specifies the CIDR blocks of the subnets in the VPC to be accessed using Direct Connect.

      You can add one or more CIDR blocks. Separate every entry with a comma (,) if there are multiple CIDR blocks.

      192.168.0.0/16

      Description

      Provides supplementary information about the virtual gateway.

      -
    4. Click OK.

  3. Create a virtual interface.

    1. In the navigation pane on the left, choose Direct Connect > Virtual Interfaces.
    2. Click Create Virtual Interface.
    3. Configure the parameters based on Table 4.
      Figure 4 Create Virtual Interface
      Table 4 Parameter description

      Parameter

      Description

      Example Value

      Region

      Specifies the region where the connection resides. You can also change the region in the upper left corner of the console.

      CN North-Beijing4

      Name

      Specifies the virtual interface name.

      The name can contain 1 to 64 characters.

      vif-test

      Connection

      Specifies the connection you can use to connect your environment to HUAWEI CLOUD.

      dc-test12

      Virtual Gateway

      Specifies the virtual gateway to which the virtual interface connects.

      vgw-test

      VLAN

      Specifies the ID of the VLAN in which the virtual interface works.

      You need to configure the VLAN if you create a connection through self-service.

      The VLAN of the virtual interface of the hosting private line uses the VLAN allocated by the carrier or partner for the hosting private line. You do not need to configure the VLAN.

      30

      Bandwidth

      Specifies the bandwidth that can be used by the virtual interface in the unit of Mbit/s. The bandwidth cannot exceed that of the connection.

      1,000 Mbit/s

      Local Gateway

      Specifies the IP address used to connect HUAWEI CLOUD to a connection.

      10.0.0.1/30

      Remote Gateway

      Specifies the IP address for connecting to your network.

      The remote gateway must be in the same IP address range as the local gateway. Generally, a subnet with a 30-bit mask is recommended.

      10.0.0.2/30

      Remote Subnet

      Specifies the subnets and masks of your network. If there are multiple subnets, use commas (,) to separate them.

      10.1.123.0/24

      Routing Mode

      Specifies the routing mode. Two options are available, static routing and BGP routing.

      If there are two connections or you want to have another connection in the future, select BGP routing.

      BGP

      BGP ASN

      Specifies the ASN of the BGP peer.

      This parameter is required when BGP routing is selected.

      64510

      BGP MD5 Authentication Key

      Specifies the password used to authenticate the BGP peer using MD5.

      This parameter is required when BGP routing is selected.

      1234567

      Description

      Provides supplementary information about the virtual interface.

      -
    4. Click Create Now.

  4. Wait for route advertisement on the cloud.

    The Direct Connect device automatically advertises the routes after network connectivity is established.

  5. Advertise the routes on your device.

    Example configuration (on a Huawei device):

    bgp 64510
peer 10.0.0.1 as-number 64512
peer 10.0.0.1 password simple 1234567
network 10.1.123.0 255.255.255.0