Help Center/ Enterprise Router/ Best Practices/ Using Enterprise Router to Migrate the Network Set Up Through Direct Connect (Global DC Gateway)/ Network and Resource Planning
Updated on 2024-11-21 GMT+08:00
View PDF
Share

Network and Resource Planning

Plan the network and required resources before, during, and after the migration.
  • Network Planning: Plan the VPC and enterprise router route tables.
  • Resource Planning: Plan the quantity, names, and main parameters of cloud resources, including global DC gateways, virtual interfaces, VPC, ECS, and enterprise router.

Network Planning

During the migration, you need to add routes to the VPC and enterprise router route tables. For details, see Table 1.

The following figures show the network in different phases.

The routes in the figures are only examples for your reference. You need to plan routes based on service requirements.

Figure 1 Networking topology before migration
Figure 2 Networking topology during migration
Figure 3 Networking topology after migration
Table 1 Network planning details

Route Table

Description

VPC route table
Table 2 lists all the routes in the VPC route table.
  1. Before the migration, the VPC route table contains three routes pointing to the on-premises network CIDR block and CIDR block of the local and remote gateways over the virtual gateway.

    In this example, the CIDR blocks are 172.16.0.0/16, 10.0.0.0/30, and 10.1.0.0/30.

  2. During the migration, to prevent route conflicts, you need to add the required routes in the VPC route table.
    1. A route is used for communications between the VPC and the enterprise router in the same region, with the destination set to a large CIDR block and next hop to the enterprise router.

      The route destination must include the on-premises network CIDR block and cannot be used by other services. In this example, the destination is 172.16.0.0/15, larger than 172.16.0.0/16.

      NOTICE:

      The large CIDR block must include the on-premises network CIDR block. If one large CIDR block cannot include the on-premises network CIDR block, you can configure more large CIDR blocks.

    2. A route pointing to the enterprise router is used to verify communications between the on-premises data center and VPC. The route can be deleted after the verification.

      The route destination can be the IP address of any on-premises server. In this example, the destination is 172.16.0.12/32.

  3. When you delete the original virtual interfaces and virtual gateway during or after the migration, the routes related to the virtual gateway are also deleted.
    In this example, routes with destinations set to 172.16.0.0/16, 10.0.0.0/30, and 10.1.0.0/30 are deleted.
    NOTICE:

    After the migration, you can continue to use the route with the destinations set to the large CIDR block. You can also add routes with destinations that are the same as those of the original routes and then delete the route with the destinations set to the large CIDR block.

Enterprise router route table

Table 3 lists all the routes in the enterprise router route table.

During the migration, add routes pointing to the VPC CIDR block and global DC gateway to forward the traffic between the VPC and Direct Connect connections through the enterprise router.

If Default Route Table Association and Default Route Table Propagation are enabled for the enterprise router, routes with destinations set to the attachments are automatically added when you attach the VPC and virtual gateways to the enterprise router.
  • In this example, when you attach the VPC to the enterprise router, there will be a propagated route destined for 192.168.0.0/16.
  • In this example, when you create virtual interfaces and global DC gateway attachments, there will be propagated routes destined for 172.16.0.0/16, 10.0.0.0/30, and 10.1.0.0/30.
Table 2 Details of the VPC route table

VPC

Route Table

Destination

Next Hop Type

Next Hop

Route Type

Description

Phase

VPC-X

rtb-vpc-X

172.16.0.0/16

Direct Connect gateway

VGW-A

System

Destined for the on-premises network CIDR block
  • Before migration
  • During migration

10.0.0.0/30

Direct Connect gateway

VGW-A

System

Destined for the local and remote gateways of VIF-A01
  • Before migration
  • During migration

10.1.0.0/30

Direct Connect gateway

VGW-A

System

Destined for the local and remote gateways of VIF-A02
  • Before migration
  • During migration

172.16.0.0/15

Enterprise router

ER-X

Custom

Destined for the large CIDR block
  • During migration
  • After migration

172.16.0.12/32

Enterprise router

ER-X

Custom

Destined for any on-premises server to verify communications

During migration
Table 3 Details of the enterprise router route table

Enterprise Router

Route Table

Destination

Next Hop

Attached Resource

Route Type

Description

Phase

ER-X

defaultRouteTable

192.168.0.0/16

er-attach-VPC-X

VPC-X

Propagated

Destination: VPC-X
  • During migration
  • After migration

172.16.0.0/16

er-attach-DGW-B01

er-attach-DGW-B02

DGW-B01

DGW-B02

Propagated

Destination: on-premises network CIDR block

If the next hop is two global DC gateways, the two global DC gateway attachments work in load balancing mode. If load balancing is not required, you can modify the route policy to make the two global DC gateway attachments work in an active/standby pair.
  • During migration
  • After migration

10.0.0.0/30

er-attach-DGW-B01

DGW-B01

Propagated

Destination: local and remote gateways of VIF-B01
  • During migration
  • After migration

10.1.0.0/30

er-attach-DGW-B02

DGW-B02

Propagated

Destination: local and remote gateways of VIF-B02
  • During migration
  • After migration

Resource Planning

During the migration, you need to create the required number of enterprise routers, global DC gateways, and virtual interfaces. After the migration is complete, the original resources can be released. Table 4 describes the required resources.

The following resource planning details are only for your reference. You need to plan resources based on service requirements.

Table 4 Resources planning for migrating the network using an enterprise router

Resource

Quantity

Description

Phase

VPC

1
A VPC is required for running your workloads.
  • VPC name: In this example, VPC-X is used.
  • IPv4 CIDR block: The CIDR block must be different from the on-premises network CIDR block. In this example, the VPC CIDR block is 192.168.0.0/16.
  • Subnet name: Subnet-X01 is used in this example.
  • Subnet IPv4 CIDR block: The CIDR block must be different from the on-premises network CIDR block. In this example, the subnet CIDR block is 192.168.0.0/24.
  • Before migration
  • During migration
  • After migration

Direct Connect connection

2

In this example, there are two connections: DC-01 and DC-02.

No new connection is created during the migration.
  • Before migration
  • During migration
  • After migration

Direct Connect virtual gateway

1
The virtual gateway connected to the VPC.
  • Name: In this example, set it to VGW-A.
  • Associate With: Select VPC. The virtual gateway is connected to the VPC.
  • VPC: Select the service VPC. In this example, select VPC-X.
  • BGP ASN: In this example, set it to 64512.
  • Before migration
  • During migration

Direct Connect virtual interface associated with the virtual gateway

2
There are two virtual interfaces.
  • Name: In this example, the two virtual interfaces are VIF-A01 and VIF-A02.
  • Virtual Gateway: In this example, the virtual gateway associated with the two virtual interfaces is VGW-A.
  • Local Gateway: In this example, the local gateway IP address range for virtual interface VIF-A01 is 10.0.0.1/30, and that for VIF-A02 is 10.1.0.1/30.
  • Remote Gateway: In this example, the remote gateway IP address range for virtual interface VIF-A01 is 10.0.0.2/30, and that for VIF-A02 is 10.1.0.2/30.
  • Remote Subnet: In this example, the on-premises network CIDR block is 172.16.0.0/16.
  • Routing Mode: Select BGP.
  • BGP ASN: ASN of the on-premises data center, which must be different from the ASN of the virtual gateway on the cloud. In this example, 65525 is used.
  • Before migration
  • During migration

Direct Connect global DC gateway

2
Two global DC gateways are created and are used to replace virtual gateway VGW-A.
  • Name: Set it based on site requirements. In this example, DGW-B01 and DGW-B02 are used.
  • BGP ASN: It is recommended that you specify an ASN different from that of the enterprise router. In this example, 64512 is used.
  • IP Address Family: Set this parameter based on site requirements. In this example, set it to IPv4.
  • During migration
  • After migration

Direct Connect virtual interface associated with the global DC gateway

2

The following are the two virtual interfaces after the migration. VIF-B01 is used to replace VIF-A01, and VIF-B02 is used to replace VIF-A02.

  • Name: In this example, the two virtual interfaces are VIF-B01 and VIF-B02.
  • Virtual Interface Priority: Retain the default value for the two virtual interfaces.
  • Connection: In this example, VIF-B01 is associated with DC-01, and VIF-B02 is associated with DC-02.
  • Global DC Gateway: In this example, global DC gateway DGW-B01 is associated with virtual interface VIF-B01, and DGW-B02 associated with VIF-B02.
  • Local Gateway: In this example, the local gateway IP address range for virtual interface VIF-B01 is 10.0.0.1/30, and that for VIF-B02 is 10.1.0.1/30.
  • Remote Gateway: In this example, the remote gateway IP address range for virtual interface VIF-B01 is 10.0.0.2/30, and that for VIF-B02 is 10.1.0.2/30.
  • Routing Mode: Select BGP.
  • BGP ASN: ASN of the on-premises data center, which must be different from the ASN of the global DC gateway on the cloud. In this example, 65525 is used.
  • During migration
  • After migration

Enterprise router

1

The enterprise router that is in the same region as the service VPC.

  • Name: Set it as needed. In this example, ER-X is used.
  • ASN: The ASN of the enterprise router cannot be the same as that of the on-premises data center. It is recommended that you set the ASN of the enterprise router to a value different from that of the global DC gateway. 64512 has been reserved for the global DC gateway. In this example, the ASN of the enterprise router is 64513.
  • Default Route Table Association: Enable this option.
  • Default Route Table Propagation: Enable this option.
  • Auto Accept Shared Attachments: Set it based on site requirements. In this example, this option is enabled.
  • Three attachments on the enterprise router:
    • VPC attachment: er-attach-VPC-X
    • Global DC gateway attachments: er-attach-DGW-B01 and er-attach-DGW-B02
NOTICE:

Do not enable Auto Add Routes when you create the VPC attachment.

If this option is enabled, Enterprise Router automatically adds routes (with this enterprise router as the next hop and 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16 as the destinations) to all route tables of the VPC. During the migration, manually add routes with destinations set to the large CIDR block in the VPC route table.
  • During migration
  • After migration

ECS

1

An ECS is required to verify connectivity.

  • ECS Name: Set it based on site requirements. In this example, ECS-X is used.
  • Image: Select an image based on site requirements. In this example, a public image (CentOS 8.2 64bit) is used.
  • Network
    • VPC: Select the service VPC. In this example, select VPC-X.
    • Subnet: Select the subnet that communicates with the on-premises data center. In this example, the subnet is Subnet-X01.
  • Security Group: Select a security group based on site requirements. In this example, the security group Sg-X uses a general-purpose web server template.
  • Private IP address: 192.168.0.137
  • Before migration
  • During migration
  • After migration