Compute
Elastic Cloud Server
Huawei Cloud Flexus
Bare Metal Server
Auto Scaling
Image Management Service
Dedicated Host
FunctionGraph
Cloud Phone Host
Huawei Cloud EulerOS
Networking
Virtual Private Cloud
Elastic IP
Elastic Load Balance
NAT Gateway
Direct Connect
Virtual Private Network
VPC Endpoint
Cloud Connect
Enterprise Router
Enterprise Switch
Global Accelerator
Management & Governance
Cloud Eye
Identity and Access Management
Cloud Trace Service
Resource Formation Service
Tag Management Service
Log Tank Service
Config
OneAccess
Resource Access Manager
Simple Message Notification
Application Performance Management
Application Operations Management
Organizations
Optimization Advisor
IAM Identity Center
Cloud Operations Center
Resource Governance Center
Migration
Server Migration Service
Object Storage Migration Service
Cloud Data Migration
Migration Center
Cloud Ecosystem
KooGallery
Partner Center
User Support
My Account
Billing Center
Cost Center
Resource Center
Enterprise Management
Service Tickets
HUAWEI CLOUD (International) FAQs
ICP Filing
Support Plans
My Credentials
Customer Operation Capabilities
Partner Support Plans
Professional Services
Analytics
MapReduce Service
Data Lake Insight
CloudTable Service
Cloud Search Service
Data Lake Visualization
Data Ingestion Service
GaussDB(DWS)
DataArts Studio
Data Lake Factory
DataArts Lake Formation
IoT
IoT Device Access
Others
Product Pricing Details
System Permissions
Console Quick Start
Common FAQs
Instructions for Associating with a HUAWEI CLOUD Partner
Message Center
Security & Compliance
Security Technologies and Applications
Web Application Firewall
Host Security Service
Cloud Firewall
SecMaster
Anti-DDoS Service
Data Encryption Workshop
Database Security Service
Cloud Bastion Host
Data Security Center
Cloud Certificate Manager
Edge Security
Managed Threat Detection
Blockchain
Blockchain Service
Web3 Node Engine Service
Media Services
Media Processing Center
Video On Demand
Live
SparkRTC
MetaStudio
Storage
Object Storage Service
Elastic Volume Service
Cloud Backup and Recovery
Storage Disaster Recovery Service
Scalable File Service Turbo
Scalable File Service
Volume Backup Service
Cloud Server Backup Service
Data Express Service
Dedicated Distributed Storage Service
Containers
Cloud Container Engine
SoftWare Repository for Container
Application Service Mesh
Ubiquitous Cloud Native Service
Cloud Container Instance
Databases
Relational Database Service
Document Database Service
Data Admin Service
Data Replication Service
GeminiDB
GaussDB
Distributed Database Middleware
Database and Application Migration UGO
TaurusDB
Middleware
Distributed Cache Service
API Gateway
Distributed Message Service for Kafka
Distributed Message Service for RabbitMQ
Distributed Message Service for RocketMQ
Cloud Service Engine
Multi-Site High Availability Service
EventGrid
Dedicated Cloud
Dedicated Computing Cluster
Business Applications
Workspace
ROMA Connect
Message & SMS
Domain Name Service
Edge Data Center Management
Meeting
AI
Face Recognition Service
Graph Engine Service
Content Moderation
Image Recognition
Optical Character Recognition
ModelArts
ImageSearch
Conversational Bot Service
Speech Interaction Service
Huawei HiLens
Video Intelligent Analysis Service
Developer Tools
SDK Developer Guide
API Request Signing Guide
Terraform
Koo Command Line Interface
Content Delivery & Edge Computing
Content Delivery Network
Intelligent EdgeFabric
CloudPond
Intelligent EdgeCloud
Solutions
SAP Cloud
High Performance Computing
Developer Services
ServiceStage
CodeArts
CodeArts PerfTest
CodeArts Req
CodeArts Pipeline
CodeArts Build
CodeArts Deploy
CodeArts Artifact
CodeArts TestPlan
CodeArts Check
CodeArts Repo
Cloud Application Engine
MacroVerse aPaaS
KooMessage
KooPhone
KooDrive
On this page

Network and Resource Planning

Updated on 2024-11-21 GMT+08:00
Plan the network and required resources before, during, and after the migration.
  • Network Planning: Plan the VPC and enterprise router route tables.
  • Resource Planning: Plan the quantity, names, and main parameters of cloud resources, including global DC gateways, virtual interfaces, VPC, ECS, and enterprise router.

Network Planning

During the migration, you need to add routes to the VPC and enterprise router route tables. For details, see Table 1.

The following figures show the network in different phases.

NOTE:

The routes in the figures are only examples for your reference. You need to plan routes based on service requirements.

Figure 1 Networking topology before migration
Figure 2 Networking topology during migration
Figure 3 Networking topology after migration
Table 1 Network planning details

Route Table

Description

VPC route table

Table 2 lists all the routes in the VPC route table.
  1. Before the migration, the VPC route table contains three routes pointing to the on-premises network CIDR block and CIDR block of the local and remote gateways over the virtual gateway.

    In this example, the CIDR blocks are 172.16.0.0/16, 10.0.0.0/30, and 10.1.0.0/30.

  2. During the migration, to prevent route conflicts, you need to add the required routes in the VPC route table.
    1. A route is used for communications between the VPC and the enterprise router in the same region, with the destination set to a large CIDR block and next hop to the enterprise router.

      The route destination must include the on-premises network CIDR block and cannot be used by other services. In this example, the destination is 172.16.0.0/15, larger than 172.16.0.0/16.

      NOTICE:

      The large CIDR block must include the on-premises network CIDR block. If one large CIDR block cannot include the on-premises network CIDR block, you can configure more large CIDR blocks.

    2. A route pointing to the enterprise router is used to verify communications between the on-premises data center and VPC. The route can be deleted after the verification.

      The route destination can be the IP address of any on-premises server. In this example, the destination is 172.16.0.12/32.

  3. When you delete the original virtual interfaces and virtual gateway during or after the migration, the routes related to the virtual gateway are also deleted.
    In this example, routes with destinations set to 172.16.0.0/16, 10.0.0.0/30, and 10.1.0.0/30 are deleted.
    NOTICE:

    After the migration, you can continue to use the route with the destinations set to the large CIDR block. You can also add routes with destinations that are the same as those of the original routes and then delete the route with the destinations set to the large CIDR block.

Enterprise router route table

Table 3 lists all the routes in the enterprise router route table.

During the migration, add routes pointing to the VPC CIDR block and global DC gateway to forward the traffic between the VPC and Direct Connect connections through the enterprise router.

If Default Route Table Association and Default Route Table Propagation are enabled for the enterprise router, routes with destinations set to the attachments are automatically added when you attach the VPC and virtual gateways to the enterprise router.
  • In this example, when you attach the VPC to the enterprise router, there will be a propagated route destined for 192.168.0.0/16.
  • In this example, when you create virtual interfaces and global DC gateway attachments, there will be propagated routes destined for 172.16.0.0/16, 10.0.0.0/30, and 10.1.0.0/30.
Table 2 Details of the VPC route table

VPC

Route Table

Destination

Next Hop Type

Next Hop

Route Type

Description

Phase

VPC-X

rtb-vpc-X

172.16.0.0/16

Direct Connect gateway

VGW-A

System

Destined for the on-premises network CIDR block

  • Before migration
  • During migration

10.0.0.0/30

Direct Connect gateway

VGW-A

System

Destined for the local and remote gateways of VIF-A01

  • Before migration
  • During migration

10.1.0.0/30

Direct Connect gateway

VGW-A

System

Destined for the local and remote gateways of VIF-A02

  • Before migration
  • During migration

172.16.0.0/15

Enterprise router

ER-X

Custom

Destined for the large CIDR block

  • During migration
  • After migration

172.16.0.12/32

Enterprise router

ER-X

Custom

Destined for any on-premises server to verify communications

During migration

Table 3 Details of the enterprise router route table

Enterprise Router

Route Table

Destination

Next Hop

Attached Resource

Route Type

Description

Phase

ER-X

defaultRouteTable

192.168.0.0/16

er-attach-VPC-X

VPC-X

Propagated

Destination: VPC-X

  • During migration
  • After migration

172.16.0.0/16

er-attach-DGW-B01

er-attach-DGW-B02

DGW-B01

DGW-B02

Propagated

Destination: on-premises network CIDR block

If the next hop is two global DC gateways, the two global DC gateway attachments work in load balancing mode. If load balancing is not required, you can modify the route policy to make the two global DC gateway attachments work in an active/standby pair.

  • During migration
  • After migration

10.0.0.0/30

er-attach-DGW-B01

DGW-B01

Propagated

Destination: local and remote gateways of VIF-B01

  • During migration
  • After migration

10.1.0.0/30

er-attach-DGW-B02

DGW-B02

Propagated

Destination: local and remote gateways of VIF-B02

  • During migration
  • After migration

Resource Planning

During the migration, you need to create the required number of enterprise routers, global DC gateways, and virtual interfaces. After the migration is complete, the original resources can be released. Table 4 describes the required resources.

NOTE:

The following resource planning details are only for your reference. You need to plan resources based on service requirements.

Table 4 Resources planning for migrating the network using an enterprise router

Resource

Quantity

Description

Phase

VPC

1

A VPC is required for running your workloads.
  • VPC name: In this example, VPC-X is used.
  • IPv4 CIDR block: The CIDR block must be different from the on-premises network CIDR block. In this example, the VPC CIDR block is 192.168.0.0/16.
  • Subnet name: Subnet-X01 is used in this example.
  • Subnet IPv4 CIDR block: The CIDR block must be different from the on-premises network CIDR block. In this example, the subnet CIDR block is 192.168.0.0/24.
  • Before migration
  • During migration
  • After migration

Direct Connect connection

2

In this example, there are two connections: DC-01 and DC-02.

No new connection is created during the migration.

  • Before migration
  • During migration
  • After migration

Direct Connect virtual gateway

1

The virtual gateway connected to the VPC.
  • Name: In this example, set it to VGW-A.
  • Associate With: Select VPC. The virtual gateway is connected to the VPC.
  • VPC: Select the service VPC. In this example, select VPC-X.
  • BGP ASN: In this example, set it to 64512.
  • Before migration
  • During migration

Direct Connect virtual interface associated with the virtual gateway

2

There are two virtual interfaces.
  • Name: In this example, the two virtual interfaces are VIF-A01 and VIF-A02.
  • Virtual Gateway: In this example, the virtual gateway associated with the two virtual interfaces is VGW-A.
  • Local Gateway: In this example, the local gateway IP address range for virtual interface VIF-A01 is 10.0.0.1/30, and that for VIF-A02 is 10.1.0.1/30.
  • Remote Gateway: In this example, the remote gateway IP address range for virtual interface VIF-A01 is 10.0.0.2/30, and that for VIF-A02 is 10.1.0.2/30.
  • Remote Subnet: In this example, the on-premises network CIDR block is 172.16.0.0/16.
  • Routing Mode: Select BGP.
  • BGP ASN: ASN of the on-premises data center, which must be different from the ASN of the virtual gateway on the cloud. In this example, 65525 is used.
  • Before migration
  • During migration

Direct Connect global DC gateway

2

Two global DC gateways are created and are used to replace virtual gateway VGW-A.
  • Name: Set it based on site requirements. In this example, DGW-B01 and DGW-B02 are used.
  • BGP ASN: It is recommended that you specify an ASN different from that of the enterprise router. In this example, 64512 is used.
  • IP Address Family: Set this parameter based on site requirements. In this example, set it to IPv4.
  • During migration
  • After migration

Direct Connect virtual interface associated with the global DC gateway

2

The following are the two virtual interfaces after the migration. VIF-B01 is used to replace VIF-A01, and VIF-B02 is used to replace VIF-A02.

  • Name: In this example, the two virtual interfaces are VIF-B01 and VIF-B02.
  • Virtual Interface Priority: Retain the default value for the two virtual interfaces.
  • Connection: In this example, VIF-B01 is associated with DC-01, and VIF-B02 is associated with DC-02.
  • Global DC Gateway: In this example, global DC gateway DGW-B01 is associated with virtual interface VIF-B01, and DGW-B02 associated with VIF-B02.
  • Local Gateway: In this example, the local gateway IP address range for virtual interface VIF-B01 is 10.0.0.1/30, and that for VIF-B02 is 10.1.0.1/30.
  • Remote Gateway: In this example, the remote gateway IP address range for virtual interface VIF-B01 is 10.0.0.2/30, and that for VIF-B02 is 10.1.0.2/30.
  • Routing Mode: Select BGP.
  • BGP ASN: ASN of the on-premises data center, which must be different from the ASN of the global DC gateway on the cloud. In this example, 65525 is used.
  • During migration
  • After migration

Enterprise router

1

The enterprise router that is in the same region as the service VPC.

  • Name: Set it as needed. In this example, ER-X is used.
  • ASN: The ASN of the enterprise router cannot be the same as that of the on-premises data center. It is recommended that you set the ASN of the enterprise router to a value different from that of the global DC gateway. 64512 has been reserved for the global DC gateway. In this example, the ASN of the enterprise router is 64513.
  • Default Route Table Association: Enable this option.
  • Default Route Table Propagation: Enable this option.
  • Auto Accept Shared Attachments: Set it based on site requirements. In this example, this option is enabled.
  • Three attachments on the enterprise router:
    • VPC attachment: er-attach-VPC-X
    • Global DC gateway attachments: er-attach-DGW-B01 and er-attach-DGW-B02
NOTICE:

Do not enable Auto Add Routes when you create the VPC attachment.

If this option is enabled, Enterprise Router automatically adds routes (with this enterprise router as the next hop and 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16 as the destinations) to all route tables of the VPC. During the migration, manually add routes with destinations set to the large CIDR block in the VPC route table.

  • During migration
  • After migration

ECS

1

An ECS is required to verify connectivity.

  • ECS Name: Set it based on site requirements. In this example, ECS-X is used.
  • Image: Select an image based on site requirements. In this example, a public image (CentOS 8.2 64bit) is used.
  • Network
    • VPC: Select the service VPC. In this example, select VPC-X.
    • Subnet: Select the subnet that communicates with the on-premises data center. In this example, the subnet is Subnet-X01.
  • Security Group: Select a security group based on site requirements. In this example, the security group Sg-X uses a general-purpose web server template.
  • Private IP address: 192.168.0.137
  • Before migration
  • During migration
  • After migration

We use cookies to improve our site and your experience. By continuing to browse our site you accept our cookie policy. Find out more

Feedback

Feedback

Feedback

0/500

Selected Content

Submit selected content with the feedback