Overview

Background

There are three VPCs in a region of Huawei Cloud, with service A and service B respectively in VPC 1 and VPC 2, and the third-party firewall in VPC 3. For security purposes, the traffic to service A and service B must be filtered by the firewall in VPC 3.

Figure 1 Traffic scrubbing for VPCs in the same region

Operation Procedure

Figure 2 shows the procedure for using an enterprise router to scrub traffic for VPCs in the same region.

Figure 2 Flowchart for scrubbing traffic between VPCs in the same region

**Table 1** Description of procedures for scrubbing traffic for VPCs in the same region
No.	Procedure	Description
1	Planning Networks and Resources	Plan required CIDR blocks and the number of resources.
2	Creating Resources	Create an enterprise router. Create three VPCs and three ECSs.
3	Configuring Networks	Configure VPC attachments for the enterprise router: Attach the three VPCs to the enterprise router. Create two custom route tables for the enterprise router. Associate and propagate VPC attachments with the route tables of the enterprise router. Add routes to the route tables of the VPCs for traffic to route through the enterprise router. Configure kernel parameters and routes for ECS 3 to allow communications between NICs eth0 and eth1.
4	Verifying Network Connectivity and Traffic Scrubbing	Log in to an ECS and run the ping command to verify the network connectivity.