Help Center> Enterprise Router> Service Overview> How Enterprise Routers Work
Updated on 2024-01-18 GMT+08:00
View PDF

How Enterprise Routers Work

You can attach your network connections to an enterprise router to quickly construct diversified networks and meet various service requirements. Figure 1 shows the process of using an enterprise router, including creating an enterprise router, adding attachments to the enterprise router, and configure routes.

Currently, enterprise routers support the following attachments:
  • VPC attachment: Attach VPCs from the same region as that of an enterprise router to the router.
  • Virtual gateway attachment: Attach Direct Connect virtual gateways from the same region as that of an enterprise router to the router.
  • VPN gateway attachment: Attach VPN gateways from the same region as that of an enterprise router to the router.
  • Peering connection attachment: Connect enterprise routers from different regions through a central network.
  • CFW instance attachment: Connect an enterprise router to the VPC border firewall in the same region.
Figure 1 Processing of using an enterprise router
Figure 2 shows how an enterprise router works. Table 2 describes the traffic flows in detail if an enterprise router is used for networking.
Figure 2 How an enterprise router works

If you want to attach VPN gateways to enterprise routers, use the professional edition VPN.

Table 1 Network traffic flows

No.

Route

Description

1

Request from VPC 1 to Direct Connect virtual gateway

After receiving requests from VPC 1 to the virtual gateway, enterprise router 1 searches the default route table for the route to the virtual gateway and forwards the requests through this route.

Response from Direct Connect virtual gateway to VPC 1

After receiving responses from the virtual gateway to VPC 1, enterprise router 1 searches the default route table for the route to VPC 1 and forwards the responses through this route.

2

Request from VPC 2 to Direct Connect virtual gateway

Enterprise router 1 cannot forward requests from VPC 2 to the virtual gateway because the custom route table of enterprise router 1 that is associated with VPC 2 does not contain the route to this virtual gateway.
Table 2 Working principles of an enterprise router

No.

Action

Description

1

Add attachments to the enterprise router.
Attach network instances to enterprise router 1 in region A.
  • Network instances from the same region
    • VPC attachments: VPC 1, VPC 2, and VPC 3
    • Virtual gateway attachment: Virtual gateway
    • VPN gateway attachment: VPN gateway
  • Network instances from a different region

    Peering connection attachment: Enterprise router 2 in region B

2

Associate the attachments with the route tables of the enterprise router.

Each attachment can only be associated with one route table.
  • Associate VPC 1 with the default route table of enterprise router 1 and create a propagation to propagate the routes learned from VPC 1 attachment to the default route table and custom route table of enterprise router 1.
  • Associate VPC 2 with the custom route table of enterprise router 1 and create a propagation to propagate the routes learned from VPC 2 to the custom route table.
  • Associate VPC 3 with the custom route table of enterprise router 1, and add static routes for VPC 3 to this custom route table.
  • Associate the Direct Connect virtual gateway with the default route table of enterprise router 1 and create a propagation to propagate the routes learned from the virtual gateway attachment to the default route table.
  • Associate the VPN gateway with the default route table of enterprise router 1 and create a propagation to propagate the routes learned from the VPN gateway attachment to the default route table.
  • Establish a peering connection between enterprise router 2 in region B and enterprise router 1 in region A, associate the peering connection with the default route table of enterprise router 1, and create a propagation to propagate the routes for the peering connection attachment to the default route table.

3

Create propagation for the attachments to propagate the routes to the enterprise router's route tables.

You can create multiple propagation records for the same attachment.

Attachments

If you want to attach a network instance to an enterprise router, you need to add an attachment of a specific type to the enterprise router. The attachment type varies according to the network instance, as listed in Table 3.

Table 3 Attachments

Attachment Type

Network Instance

VPC attachment

VPC

Virtual gateway attachment

Virtual gateway of Direct Connect

VPN gateway attachment

VPN gateway

Peering connection attachment

Enterprise routers from different regions. You can add enterprise routers from different regions to a central network as attachments. Each connection between enterprise routers is a peering connection attachment.

CFW instance attachment

VPC border firewall

Route Tables

Route tables are used by enterprise routers to forward packets. Route tables contain associations, propagations, and routes. Route tables are classified into custom and default route tables, as detailed in Table 4.

Table 4 Route tables

Route Table

Description

Custom route table

You can create multiple custom route tables on an enterprise router and use different routes for flexible communication and isolation between network instances.

Default route table

If you enable Default Route Table Association and Default Route Table Propagation, the system then automatically associates and propagates new attachments with the default route table.

You can specify a custom route table as the default route table. If you do not specify any route table as the default route table, the system automatically creates a default route table.

Associations

Each attachment can be associated with one route table for:
  • Packet forwarding: Packets from the attachment are forwarded through the routes specified in the associated route table.
  • Route propagation: The routes in the associated route tables are automatically propagated to the route table of the attachment.
Not all attachments can propagate routes. For details, see Table 5.
Table 5 Associations

Attachment

Route Learning

VPC

Not supported

Virtual gateway

Supported

VPN gateway

Supported

Peering connection

Supported

CFW instance

Not supported

Route Propagation

You can create a propagation for each attachment to propagate routes to one or more route tables on an enterprise router.

For VPC attachments, their CIDR blocks are propagated to the enterprise router. For other attachments, all routes are propagated to the enterprise router. For details, see Table 6.
Table 6 Propagation

Attachment

Propagated Routes to Enterprise Router

VPC

VPC CIDR blocks

Virtual gateway

All routes

VPN gateway

All routes

Peering connection

All routes

CFW instance

CIDR blocks of the VPCs protected by CFW

Routes

Routes are used to forward packets. A route contains information such as the destination, next hop, and route type. Table 7 describes the routes of different types.

Table 7 Routes

Route Type

Description

Attachment

Propagated routes

Propagated routes are automatically learned through propagation and cannot be modified or deleted.
  • VPC
  • Virtual gateway
  • VPN gateway
  • Peering connection
  • CFW instance

Static routes

Static routes are manually created and can be modified or deleted.
  • VPC
  • Peering connection
  • CFW instance