Updated on 2024-04-19 GMT+08:00

Overview

Background

Four VPCs are deployed in one region of Huawei Cloud. Service A, service B, and service C run in VPC 1, VPC 2, and VPC 3, respectively, and a common service runs in VPC 4. The network requirements are as follows:
  1. VPC 1, VPC 2, and VPC 3 must be isolated from each other.
  2. VPC 1, VPC 2, and VPC 3 must each be able to communicate with VPC 4.
Figure 1 Isolation of VPCs in the same region

You can share an enterprise router with other accounts so that VPCs of those accounts can be attached to the same enterprise router and communicate through it.

Operation Procedure

Figure 2 shows the procedure for using an enterprise router to isolate VPCs in the same region.

Figure 2 Flowchart for isolating VPCs in the same region

Table 1 Description of procedures for isolating VPCs in the same region

| No. | Path | Description |
|-----|------|-------------|
| 1 | Planning Networks and Resources | Plan required CIDR blocks and the number of resources. |
| 2 | Creating Resources | 1. Create an enterprise router. 2. Create four VPCs and four ECSs. |
| 3 | Creating VPC Attachments for the Enterprise Router | 1. Create VPC attachments for the enterprise router: 1) Attach the four VPCs to the enterprise router. 2) Create two custom route tables for the enterprise router. 3) Associate and propagate VPC attachments with the route tables of the enterprise router. 4) Add routes to the route tables of the VPCs for traffic to route through the enterprise router. |
| 4 | Verifying Network Isolation and Connectivity | Log in to an ECS and run the ping command to verify the network isolation and connectivity. |
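
The following is an added example, not part of the original page or Huawei Cloud's own tooling: a small model of how the two custom route tables can produce the isolation required in Background, checked before anything is deployed. The CIDR blocks, the route table names `rtb-service` and `rtb-common`, and the association and propagation layout are assumptions, and the VPC route tables are assumed to already send inter-VPC traffic to the enterprise router.

```python
import ipaddress

# Constructed sample CIDRs (assumption: the page gives no addressing plan).
VPC_CIDRS = {"vpc-1": "10.1.0.0/16", "vpc-2": "10.2.0.0/16",
             "vpc-3": "10.3.0.0/16", "vpc-4": "10.4.0.0/16"}

# Assumed layout of the two custom route tables (names are hypothetical).
# Association: the table consulted for traffic entering from an attachment.
ASSOCIATION = {"vpc-1": "rtb-service", "vpc-2": "rtb-service",
               "vpc-3": "rtb-service", "vpc-4": "rtb-common"}
# Propagation: the attachments whose CIDR is learned into a table.
PROPAGATION = {"rtb-service": ["vpc-4"],
               "rtb-common": ["vpc-1", "vpc-2", "vpc-3"]}


def build_tables(propagation, cidrs):
    """Expand propagations into per-table lists of (network, next-hop attachment)."""
    return {rtb: [(ipaddress.ip_network(cidrs[att]), att) for att in atts]
            for rtb, atts in propagation.items()}


def next_hop(src, dst, association, tables):
    """Attachment the router forwards to for traffic from src, or None if no route."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, hop) for net, hop in tables[association[src]] if addr in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]  # longest prefix wins


def can_ping(a, b, association, tables, cidrs):
    """Ping succeeds only if the request (a to b) and the reply (b to a) both route."""
    def host(vpc):  # constructed host address inside the VPC
        return ipaddress.ip_network(cidrs[vpc])[10]
    return (next_hop(a, host(b), association, tables) == b
            and next_hop(b, host(a), association, tables) == a)


def reachability(association=ASSOCIATION, propagation=PROPAGATION, cidrs=VPC_CIDRS):
    """Ping result for every ordered pair of distinct VPCs."""
    tables = build_tables(propagation, cidrs)
    return {(a, b): can_ping(a, b, association, tables, cidrs)
            for a in cidrs for b in cidrs if a != b}


def violations(matrix, hub="vpc-4"):
    """Pairs that contradict the requirements: only pairs involving the hub may connect."""
    return sorted(pair for pair, ok in matrix.items() if ok != (hub in pair))
```

Because ping needs a route in both directions, a route that exists in only one direction still shows up as "isolated" in the ping test, so compare the route tables themselves against the plan as well.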