Procedure for Using Enterprise Router to Migrate the Network Set Up Through Direct Connect
Step 1: Create an Enterprise Router and a VPC Attachment
- Create an enterprise router ER-X in the same region as the service VPC.
When creating the enterprise router, enable Default Route Table Association and Default Route Table Propagation. For details, see Table 4.
For details, see Creating an Enterprise Router.
- Create a VPC attachment er-attach-VPC-X to attach the service VPC to the enterprise router.
Do not enable Auto Add Routes and manually add routes with destinations set to the large CIDR block in the VPC route table.
For details, see Creating VPC Attachments for the Enterprise Router.
- In the enterprise router route table, check the route points to the VPC attachment.
In this example, Default Route Table Association and Default Route Table Propagation are enabled for the enterprise router, and routes with destinations set to VPC CIDR blocks are automatically added when you attach the VPCs to the enterprise router.
If Default Route Table Propagation is not enabled when creating the enterprise router, you need to manually add routes with destinations set to the VPC CIDR blocks to the enterprise router route table. For details, see Creating a Static Route.
For enterprise router route details, see Table 1 and Table 3.
To view enterprise routes, see Viewing Routes.
- In the VPC route table, add a route destined for the large CIDR block with the enterprise router as the next hop.
For VPC route details, see Table 1 and Table 2.
In this example, the large CIDR block is 172.16.0.0/15, and the next hop is the enterprise router.
For details, see Adding Routes to VPC Route Tables.
Step 2: Attach Global DC Gateway DGW-B01 to the Enterprise Router
- Create a global DC gateway DGW-B01.
For details, see Creating a Global DC Gateway.
- Delete virtual interface VIF-A01 from virtual gateway VGW-A on the on-premises network device and the Direct Connect console in sequence:
- Log in to the on-premises network device and delete the configuration of VIF-A01.
Before deleting VIF-A01 on the Direct Connect console, delete the configuration of VIF-A01 on the on-premises network device to ensure that traffic does not pass through this virtual interface.
- Delete virtual interface VIF-A01 on the Direct Connect console.
For details, see Deleting a Virtual Interface.
After the virtual interface is deleted, the system route pointing to VGW-A and destined for the local and remote gateways of VIF-A01 will be deleted from the VPC route table. For VPC route details, see Table 2.
In this example, the route whose destination is 10.0.0.0/30 and next hop is the virtual gateway will be automatically deleted.
- Log in to the on-premises network device and delete the configuration of VIF-A01.
- Create a global DC gateway attachment for the enterprise router.
- On the Direct Connect console, perform the following operations:
- Create virtual interface VIF-B01.
- Attach the global DC gateway to the enterprise router.
For details, see Creating a Global DC Gateway.
- On the Enterprise Router console, view the global DC gateway attachment created for the enterprise router.
If the status of the global DC gateway attachment is Normal, the attachment has been created.
Default Route Table Association and Default Route Table Propagation are enabled when you create the enterprise router. After the global DC gateway is attached to the enterprise router, Enterprise Router will automatically:- Associate the global DC gateway attachment with the default route table of the enterprise router.
- Propagate the global DC gateway attachment to the default route table of the enterprise router. The routes to the on-premises data center are propagated to the route table.
You can view routes to the on-premises data center in the route table of the enterprise router only after taking the following steps.
- On the Direct Connect console, perform the following operations:
- (Optional) Configure the on-premises network device to enable the on-premises data center to access cloud resources through the new virtual interface VIF-B01 or a specified virtual interface.
- If virtual interface VIF-B01 uses BGP routing, the on-premises data center can access cloud resources through VIF-B01 after 3 is complete. In this case, skip this step.
- If virtual interface VIF-B01 uses static routing, the on-premises data center can access cloud resources through VIF-B01 only after the current step is complete.
- If you do not want the traffic from the on-premises data center to pass through virtual interface VIF-B01, take this step to configure a specified virtual interface.
Step 3: Verify Communications Between the VPC and On-Premises Data Center Through the Enterprise Router
- In the VPC route table, add a route destined for any on-premises server to verify communications between the VPC and on-premises data center.
For VPC route details, see Table 2.
In this example, the route destination is 172.16.0.12/32 and next hop is the enterprise router.
For details, see Adding Routes to VPC Route Tables.
- Create an ECS in the VPC subnet that needs to communicate with the on-premises data center.
For more resource details, see Table 4.
For details, see Methods of Purchasing ECSs.
- Verify communications between the VPC and on-premises data center.
Multiple methods are available for logging in to an ECS. For details, see Logging In to an ECS.
ping <IP-address-of-an-on-premises-server>
Add the IP address of an on-premises server to the VPC route table and run the following command:
ping 172.16.0.12
If information similar to the following is displayed, VPC-X can communicate with the on-premises data center through the enterprise router:[root@ecs-X ~]# ping 172.16.0.12 PING 172.16.0.12 (172.16.0.12) 56(84) bytes of data. 64 bytes from 172.16.0.12: icmp_seq=1 ttl=64 time=0.849 ms 64 bytes from 172.16.0.12: icmp_seq=2 ttl=64 time=0.455 ms 64 bytes from 172.16.0.12: icmp_seq=3 ttl=64 time=0.385 ms 64 bytes from 172.16.0.12: icmp_seq=4 ttl=64 time=0.372 ms ... --- 172.16.0.12 ping statistics ---
- Delete the route and ECS used for verifying communications.
- Delete the route from the VPC route table.
To delete a route, refer to Deleting a Route.
- Delete the ECS.
To delete an ECS, refer to How Can I Delete or Restart an ECS?
- Delete the route from the VPC route table.
Step 4: Attach Global DC Gateway DGW-B02 to the Enterprise Router
- Create a global DC gateway DGW-B02.
For details, see Creating a Global DC Gateway.
- Delete virtual interface VIF-A02 from virtual gateway VGW-A on the on-premises network device and the Direct Connect console in sequence:
- Log in to the on-premises network device and delete the configuration of VIF-A02.
Before deleting VIF-A02 on the Direct Connect console, delete the configuration of VIF-A02 on the on-premises network device to ensure that traffic does not pass through this virtual interface.
- Delete virtual interface VIF-A02 on the Direct Connect console.
For details, see Deleting a Virtual Interface.
After the virtual interface is deleted, the two routes pointing to virtual gateway VGW-A are deleted from the VPC route table. For VPC route details, see Table 2.- The system route whose destination is the local and remote gateways of virtual interface VIF-A02.
In this example, the route whose destination is 10.1.0.0/30 and next hop is the virtual gateway will be automatically deleted.
- The system route destined for the on-premises data center.
In this example, the route whose destination is 172.16.0.0/16 and next hop is the virtual gateway will be automatically deleted.
- The system route whose destination is the local and remote gateways of virtual interface VIF-A02.
- Log in to the on-premises network device and delete the configuration of VIF-A02.
- Create a global DC gateway attachment for the enterprise router.
- On the Direct Connect console, perform the following operations:
- Create virtual interface VIF-B02.
- Attach the global DC gateway to the enterprise router.
For details, see Creating a Global DC Gateway.
- On the Enterprise Router console, view the global DC gateway attachment created for the enterprise router.
If the status of the global DC gateway attachment is Normal, the attachment has been created.
Default Route Table Association and Default Route Table Propagation are enabled when you create the enterprise router. After the global DC gateway is attached to the enterprise router, Enterprise Router will automatically:- Associate the global DC gateway attachment with the default route table of the enterprise router.
- Propagate the global DC gateway attachment to the default route table of the enterprise router. The routes to the on-premises data center are propagated to the route table.
You can view routes to the on-premises data center in the route table of the enterprise router only after taking the following steps.
- On the Direct Connect console, perform the following operations:
- (Optional) Configure the on-premises network device to enable the on-premises data center to access cloud resources through the new virtual interface VIF-B02 or a specified virtual interface.
- If virtual interface VIF-B02 uses BGP routing, the on-premises data center can access cloud resources through VIF-B02 after 3 is complete. In this case, skip this step.
- If virtual interface VIF-B02 uses static routing, the on-premises data center can access cloud resources through VIF-B02 only after the current step is complete.
- If you do not want the traffic from the on-premises data center to pass through virtual interface VIF-B02, take this step to configure a specified virtual interface.
Step 5: Configure the Working Mode of the Connections
- Configure a route policy to make the two connections to work in load balancing or active/standby mode based on site requirements.
- Load balancing mode: For details, see Setting Up a Hybrid Cloud Network Using Enterprise Router and a Pair of Direct Connect Connections (Global DC Gateway).
- Active/Standby mode: For details, see Setting Up a Hybrid Cloud Network Using Enterprise Router and a Pair of Active/Standby Direct Connect Connections (Global DC Gateway).
Step 6: Delete the Virtual Gateway
When the on-premises data center can access the VPC through the enterprise router, delete virtual gateway VGW-A.
- Delete virtual gateway VGW-A.
For details, see Deleting a Virtual Gateway.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.