Help Center/ Enterprise Router/ Best Practices/ Connecting Multiple On-Premises Networks Across Regions Through Enterprise Routers/ Procedure of Connecting On-Premises Data Centers Across Regions
Updated on 2025-04-10 GMT+08:00
View PDF
Share

Procedure of Connecting On-Premises Data Centers Across Regions

Step 1: Create Cloud Resources

This following describes how to create cloud resources, such as enterprise routers and Cloud Connect central networks. For details about the overall planning of cloud resources, see Table 4.

  1. Create two enterprise routers with one in each region.

    For details, see Creating an Enterprise Router.

  2. Create a central network and add the enterprise routers to the central network as attachments.

    1. Create a central network and add the enterprise routers to the central network as attachments.

      For details, see Creating a Central Network.

    2. On the Enterprise Router console, view the peering connection attachments.

      For details, see Viewing Details About an Attachment.

      If the status of the peering connection attachments is Normal, the attachments are available.

      Default Route Table Association and Default Route Table Propagation are enabled when you create enterprise routers. After peering connection attachments are created for the enterprise routers, Enterprise Router will automatically:
      • Associate the peering connection attachment with the default route table of each enterprise router.
      • Propagate the peering connection attachment to the default route table of each enterprise router. The route tables automatically learn routes from each other.

  3. Create a global connection bandwidth to connect on-premises networks from different regions.

    For details, see Purchasing a Global Connection Bandwidth.

Step 2: Attach Global DC Gateways to Enterprise Routers

For details about Direct Connect resources used in this example, see Table 4.

  1. Create a Direct Connect connection in region A to link the on-premises data center to the cloud.

    1. Create a connection.

      For details, see Creating a Connection.

    2. Create a global DC gateway attachment for the enterprise router.
      1. On the Direct Connect console, perform the following operations:
        1. Create a global DC gateway.
        2. Create a virtual interface.
        3. Attach the global DC gateway to the enterprise router.

        For details, see Creating a Global DC Gateway.

      2. On the Enterprise Router console, view the global DC gateway attachment created for the enterprise router.

        For details, see Viewing Details About an Attachment.

        If the status of the global DC gateway attachment is Normal, the attachment has been created.

        Default Route Table Association and Default Route Table Propagation are enabled when you create the enterprise router. After the global DC gateway is attached to the enterprise router, Enterprise Router will automatically:
        • Associate the global DC gateway attachment with the default route table of the enterprise router.
        • Propagate the global DC gateway attachment to the default route table of the enterprise router. The routes to the on-premises data center are propagated to the route table.

          You can view routes to the on-premises data center in the route table of the enterprise router only after taking the following steps.

    3. Configure routes on the on-premises network device to point to the cloud.

      The following uses a Huawei network device as an example to describe how to configure a BGP route:

      bgp 64855

      peer 10.0.0.1 as-number 64512

      peer 10.0.0.1 password simple Qaz12345678

      network 10.1.123.0 255.255.255.0

      Table 1 BGP route

      Command

      Description

      bgp 64855

      Enables BGP.

      64855: ASN of IDC-A

      peer 10.0.0.1 as-number 64512
      Creates a BGP peer.
      • 10.0.0.1: the gateway address on Huawei Cloud
      • 64512: BGP ASN of the global DC gateway

      peer 10.0.0.1 password simple Qaz12345678

      Performs MD5 authentication on BGP messages when a TCP connection is established between BGP peers.

      Qaz12345678: BGP MD5 authentication password

      network 10.1.123.0 255.255.255.0

      Adds routes in the IP route table to the BGP route table.

      • 10.1.123.0: network used by the on-premises data center
      • 255.255.255.0: subnet mask of the on-premises network
    4. Log in to an ECS of the enterprise router.

      Multiple methods are available for logging in to an ECS. For details, see Logging In to an ECS.

      In this example, use VNC provided on the management console to log in to the ECS.

    5. Verify the connectivity over the Direct Connect connection in region A:

      ping IP address in the on-premises data center

      Example command:

      ping 10.1.123.5

      If information similar to the following is displayed, the cloud network is connected to the on-premises network. 
      [root@ecs-A ~]# ping 10.1.123.5
PING 10.1.123.5 (10.1.123.5) 56(84) bytes of data.
64 bytes from 10.1.123.5: icmp_seq=1 ttl=64 time=0.849 ms
64 bytes from 10.1.123.5: icmp_seq=2 ttl=64 time=0.455 ms
64 bytes from 10.1.123.5: icmp_seq=3 ttl=64 time=0.385 ms
64 bytes from 10.1.123.5: icmp_seq=4 ttl=64 time=0.372 ms
...
--- 10.1.123.5 ping statistics ---

  2. Create a Direct Connect connection in region B and verify the connectivity by referring to 1.

Step 3: Assign Cross-Site Connection Bandwidths on the Central Network

To allow cross-region communications, you need to assign cross-site connection bandwidths on the central network based on service requirements by referring to Table 4.

  1. Assign bandwidth from the purchased global connection bandwidth for the communications between region A and region B.

    For details, see Assigning a Cross-Site Connection Bandwidth.

Step 4: Verify Network Connectivity

  1. Log in to a server in on-premises data center IDC-A.
  2. Check whether IDC-A can access a server in IDC-B:

    ping IP address in IDC-B

    Example command:

    ping 192.168.3.5

    If information similar to the following is displayed, IDC-A can access IDC-B. 
    [root@idc-A ~]# ping 192.168.3.5
PING 192.168.3.5 (192.168.3.5) 56(84) bytes of data.
64 bytes from 192.168.3.5: icmp_seq=1 ttl=64 time=0.849 ms
64 bytes from 192.168.3.5: icmp_seq=2 ttl=64 time=0.455 ms
64 bytes from 192.168.3.5: icmp_seq=3 ttl=64 time=0.385 ms
64 bytes from 192.168.3.5: icmp_seq=4 ttl=64 time=0.372 ms
...
--- 192.168.3.5 ping statistics ---

  3. Log in to a server in on-premises data center IDC-B.
  4. Check whether IDC-B can access a server in IDC-A:

    ping IP address in IDC-A

    Example command:

    ping 10.1.123.6

    If information similar to the following is displayed, IDC-B can access IDC-A. 
    [root@idc-B ~]# ping 10.1.123.6
PING 10.1.123.6 (10.1.123.6) 56(84) bytes of data.
64 bytes from 10.1.123.6: icmp_seq=1 ttl=64 time=0.849 ms
64 bytes from 10.1.123.6: icmp_seq=2 ttl=64 time=0.455 ms
64 bytes from 10.1.123.6: icmp_seq=3 ttl=64 time=0.385 ms
64 bytes from 10.1.123.6: icmp_seq=4 ttl=64 time=0.372 ms
...
--- 10.1.123.6 ping statistics ---