When to Use Enterprise Routers

Multiple service networks communicate or do not communicate with each other on the cloud but communicate with the on-premises data center. Suppose you require three VPCs for running services (Service A in VPC 1, Service B in VPC 2, and Service C in VPC 3) on Huawei Cloud, and the three VPCs need to access public services in VPC 4 and your on-premises data center.

• VPC peering connections are required for communications among these VPCs, but they will complicate the network topology and make the network hard to manage.
• VPC peering connections and routes are required for the public service VPC to communicate with each VPC. However, VPC peering connections do not fit in large-scale networks because of the following limitations:
  • A maximum of 50 VPC peering connections can be created in one region.
  • A VPC route table can have a maximum of 200 routes.
• Direct Connect connections are required for each VPC to communicate with the on-premises data center, but they will incur high costs.

• VPCs can be associated with different route tables on the enterprise router to enable communication or isolation. The network topology is simple and easy to manage.
• Enterprise routers can route traffic among all the connected VPCs without the need to configure a large number of VPC peering connections.
  • Each enterprise router can have a maximum of 2,000 routes in each route table, making it ideal for large-scale complex networks.
• Multiple VPCs can access the on-premises data center over a Direct Connect connection, eliminating the need to configure multiple Direct Connect connections and reducing the costs.

You are running workloads in your on-premises data center and on Huawei Cloud. A single Direct Connect connection connects your on-premises data center to the cloud, which cannot ensure reliability.

You cannot afford another Direct Connect connection.

In this example, there are two connections, one Direct Connect connection and a VPN connection. Enterprise Router, Direct Connect, and VPC are used to build a hybrid cloud. When the Direct Connect connection becomes faulty, the VPN connection takes over to ensure that connectivity is not interrupted.

To improve service DR capabilities, enterprises often run workloads on multiple public clouds. Each public cloud spans across multiple regions for nearest access. They do not have their own backbone networks and use the backbone networks of the public clouds for multi-cloud, multi-region interconnection.

Suppose you are running workloads in regions of both Huawei Cloud and another cloud service provider. The two public clouds communicate with each other through private lines of different carriers. Different regions of the same public cloud communicate with each other through the backbone networks (central networks provided by Cloud Connect).

• A large number of routes are required for communication between the VPCs of multiple clouds and regions, resulting in high maintenance costs.
• Direct Connect and Cloud Connect connections cannot work in load balancing or active/standby mode.

The public clouds are connected through private lines, and different regions in the same public cloud are connected through the central network.

• Enterprise routers can forward traffic between instances, simplifying the network topology. In addition, route learning is supported. When the network changes, automatic convergence simplifies maintenance and management.
• Direct Connect and Cloud Connect connections can work in load-sharing or active/standby mode. Traffic between VPCs of different clouds is preferentially routed through the carriers' private lines. If the private lines become unavailable, requests will be transmitted over the Cloud Connect and dedicated connections.

  If the private lines between region C of Huawei Cloud and region C of the other cloud service provider become unavailable, the traffic can be first forwarded from region C of Huawei Cloud to region B of Huawei Cloud through Cloud Connect connections, then to the region B of the other cloud service provider through private lines, and finally to Region C of the other cloud service provider through Cloud Connect connections.