When to Use Enterprise Routers

You can use enterprise routers to build cloud, on-premises, or hybrid networks. Here are some typical application scenarios:

Scenario 1: Multiple VPCs communicating or not communicating with each other on the cloud, but communicating with the on-premises data center through a Direct Connect connection
Scenario 2: Dynamic switchover between multiple Direct Connect connections
Scenario 3: Active/Standby Direct Connect and VPN connections
Scenario 4: Cross-cloud, cross-region highly reliable backbone network
Scenario 5: Building a border firewall between VPCs

Scenario 1: Multiple VPCs communicating or not communicating with each other on the cloud, but communicating with the on-premises data center through a Direct Connect connection

Figure 1 Diagram for scenario 1

**Table 1** Using enterprise routers in scenario 1
Customer Requirements	Multiple service networks communicate or do not communicate with each other on the cloud but communicate with the on-premises data center. Suppose you require three VPCs for running the workloads on the public cloud, and the three VPCs (services A, B, and C) need to access public services in VPC 4 and your on-premises data center.
Pain Points	VPC peering connections are required for communications among these VPCs, but they will complicate the network topology and make the network hard to manage. VPC peering connections and routes are required for the public service VPC to communicate with each VPC. However, VPC peering connections do not fit in large-scale networks because of the following limitations: A maximum of 50 VPC peering connections can be created in one region. A VPC route table can have a maximum of 200 routes. Direct Connect connections are required for each VPC to communicate with the on-premises data center, but they will incur high costs.
Benefits of Using Enterprise Routers	VPCs can be associated with different route tables on the enterprise router to enable communication or isolation. The network topology is simple and easy to manage. Enterprise routers can route traffic among all the connected VPCs without the need to configure a large number of VPC peering connections. Each enterprise router can have a maximum of 2,000 routes in each route table, making it ideal for large-scale complex networks. Multiple VPCs can access the on-premises data center over a Direct Connect connection, eliminating the need to configure multiple Direct Connect connections and reducing the costs.
Best Practice	Using Enterprise Router to Isolate VPCs in the Same Region

Scenario 2: Dynamic switchover between multiple Direct Connect connections

Figure 2 Diagram for scenario 2

**Table 2** Using enterprise routers in scenario 2
Customer Requirements	Some services run on the public cloud and some in the on-premises data center. Two independent high-bandwidth Direct Connect connections are deployed between the public cloud and the data center to enable communication between them.
Pain Points	Two Direct Connect connections are independent of each other and cannot work in load-sharing or active/standby mode.
Benefits of Using Enterprise Routers	Direct Connect connections are connected to the enterprise router. Two Direct Connect connections can work in load-sharing mode to ensure high bandwidth and reliability. Two Direct Connect connections can also work in active/standby mode. If one of the connections becomes unavailable, services are switched over to the other available connection within seconds, preventing service interruptions.
Best Practice	Using an Enterprise Router and a Pair of Direct Connect Connections to Connect an On-Premises Data Center to the Cloud

Scenario 3: Active/Standby Direct Connect and VPN connections

Figure 3 Diagram for scenario 3

**Table 3** Using enterprise routers in scenario 3
Customer Requirements	You are running workloads in your on-premises data center and on the public cloud. A single Direct Connect connection connects your on-premises data center to the cloud, which cannot ensure reliability.
Pain Points	You cannot afford another Direct Connect connection.
Benefits of Using Enterprise Routers	In this example, there are two connections, one Direct Connect connection and a VPN connection. Enterprise Router, Direct Connect, and VPC are used to build a hybrid cloud. When the Direct Connect connection becomes faulty, the VPN connection takes over to ensure that connectivity is not interrupted.
Best Practice	Allowing Direct Connect and VPN to Work in an Active and Standby Pair to Link an On-Premises Data Center to the Cloud

Scenario 4: Cross-cloud, cross-region highly reliable backbone network

Figure 4 Diagram for scenario 4

Change the enterprise router on the other cloud shown in Figure 4 to its actual service name of the other cloud.

**Table 4** Using enterprise routers in scenario 4
Customer Requirements	To improve service DR capabilities, enterprises often run workloads on multiple public clouds. Each public cloud spans across multiple regions for nearest access. They do not have their own backbone networks and use the backbone networks of the public clouds for multi-cloud, multi-region interconnection. Suppose you are running workloads in regions of both Huawei Cloud and another cloud service provider. The two public clouds communicate with each other through private lines of different carriers. Different regions of the same public cloud communicate with each other through the backbone networks (central networks provided by Cloud Connect).
Pain Points	A large number of routes are required for communication between the VPCs of multiple clouds and regions, resulting in high maintenance costs. Direct Connect and Cloud Connect connections cannot work in load balancing or active/standby mode.
Benefits of Using Enterprise Routers	The public clouds are connected through private lines, and different regions in the same public cloud are connected through the central network. Enterprise routers can forward traffic between instances, simplifying the network topology. In addition, route learning is supported. When the network changes, automatic convergence simplifies maintenance and management. Direct Connect and Cloud Connect connections can work in load-sharing or active/standby mode. Traffic between VPCs of different clouds is preferentially routed through the carriers' private lines. If the private lines become unavailable, requests will be transmitted over the Cloud Connect and dedicated connections. If the private lines between region C of Huawei Cloud and region C of the other cloud service provider become unavailable, the traffic can be first forwarded from region C of Huawei Cloud to region B of Huawei Cloud through Cloud Connect connections, then to the region B of the other cloud service provider through private lines, and finally to Region C of the other cloud service provider through Cloud Connect connections.
Best Practices	Using Enterprise Router and Cloud Connect Central Network to Allow Communications Among VPCs Across Regions Using Enterprise Router and Direct Connect to Allow Communications Between an On-Premises Data Center and VPCs

Scenario 5: Building a border firewall between VPCs

Figure 5 Diagram for scenario 4

**Table 5** Using enterprise routers in scenario 5
Customer Requirements	You have two VPCs with each VPC used to run a separate service (service A in VPC 1 and service B in VPC 2). For security purposes, the traffic between service A and service B needs to be filtered by the firewall.
Pain Points	You want to quickly set up a cloud network that meets security requirements.
Benefits of Using Enterprise Routers	A cloud firewall is deployed on the network, and the VPC and cloud firewall are associated with different route tables of the enterprise router to control the mutual access traffic between VPC 1 and VPC 2 to pass through the firewall.
Best Practice	Using Enterprise Router and CFW to Protect Traffic Between VPCs