Updated on 2024-12-16 GMT+08:00

Step 3: Create a Virtual Interface

Scenario

After the connection and the gateway are ready, you need to create a virtual interface so that your network can access the VPC.

Procedure

  1. Go to the Virtual Interfaces page.
  2. In the upper left corner of the page, click and select a region and project.
  3. In the upper right corner, click Create Virtual Interface.
    Configure the parameters based on Table 1.
    Figure 1 Creating a virtual interface
    Table 1 Parameters for creating a virtual interface for your own account

    Parameter

    Example Value

    Description

    Virtual Interface Owner

    Current account

    Specifies the account that this virtual interface will be created for.

    Region

    CN-Hong Kong

    Specifies the region where the connection resides. You can also change the region in the upper left corner of the console.

    Name

    vif-123

    Specifies the virtual interface name.

    The name can contain 1 to 64 characters.

    Virtual Interface Priority

    -

    Specifies whether the virtual interface will be used prior to other virtual interfaces. There are two options: Preferred and Standard.

    If multiple virtual interfaces are associated with one Direct Connect device, the load is balanced among virtual interfaces with the same priority, while virtual interfaces with different priorities are working in active/standby pairs.

    Connection

    dc-123

    Specifies the connection you can use to connect your on-premises network to Huawei Cloud.

    Gateway

    Virtual gateway

    Specifies the gateway that the virtual interface connects to.

    You can select a virtual gateway or global DC gateway.

    Virtual Gateway

    vgw-123

    Specifies the virtual gateway that the virtual interface connects to.

    This parameter is mandatory when Gateway is set to Virtual gateway.

    Global DC Gateway

    dgw-123

    Specifies the global DC gateway that the virtual interface connects to.

    This parameter is mandatory when Gateway is set to Global DC gateway.

    VLAN

    30

    Specifies the ID of the VLAN for the virtual interface.

    You need to configure the VLAN if you create a standard connection.

    The VLAN for a hosted connection will be allocated by the carrier or partner. You do not need to configure the VLAN.

    Bandwidth (Mbit/s)

    50

    Specifies the bandwidth that can be used by the virtual interface. The bandwidth cannot exceed that of the connection.

    Enable Rate Limiting

    -

    Limits the highest bandwidth that can be used by the virtual interface. If this option is enabled, the rate limit gradients are as follows:

    • If the bandwidth is less than or equal to 100 Mbit/s, the rate limit gradient is 10 Mbit/s.
    • If the bandwidth is greater than 100 Mbit/s but is less than or equal to 1,000 Mbit/s, the rate limit gradient is 100 Mbit/s.
    • If the bandwidth is greater than 1,000 Mbit/s but is less than or equal to 100 Gbit/s, the rate limit gradient is 1 Gbit/s.
    • If the bandwidth is greater than 100 Gbit/s, the rate limit gradient is 10 Gbit/s.

    For example, if the bandwidth is 52 Mbit/s, the actual rate limit is 60 Mbit/s. If the bandwidth is 115 Mbit/s, the actual rate limit is 200 Mbit/s.

    NOTE:

    Bandwidth limiting of virtual interfaces is being and will be launched in each region. You can view the regions where the option is rolled out on the management console.

    Enterprise Project

    default

    Specifies the enterprise project by which virtual interfaces are centrally managed. Select an existing enterprise project.

    Tag

    example_key1

    example_value1

    Adds tags to help you identify your virtual interface. You can change them after the virtual interface is created.

    IP Address Family

    -

    Specifies the address type of the virtual interface.

    IPv4 is selected by default.

    Local Gateway

    10.0.0.1/30

    Specifies the IP address used by the cloud to connect to your on-premises network. After you configure Local Gateway on the console, the configuration will be automatically delivered to the gateway used by the cloud.

    Remote Gateway

    10.0.0.2/30

    Specifies the IP address used by the on-premises data center to connect to the cloud. After you configure Remote Gateway on the console, you need to configure the IP address on the interface of the on-premises device.

    CAUTION:

    The IP addresses of the local gateway and remote gateway must be in the same IP address range. Generally, an IP address range with a 30-bit mask is used. The IP addresses you plan cannot conflict with IP addresses used on your on-premises network. Plan an IP address range that will be used at both ends of the connection for network communication between your on-premises data center and the cloud.

    Remote Subnet

    192.168.51.0/24, 10.1.123.0/24

    Specifies the subnets and masks of your on-premises network. If there are multiple subnets, use commas (,) to separate them.

    Routing Mode

    BGP

    Specifies whether static routing or dynamic routing is used to route traffic between your on-premises network and the cloud network.

    If there are or will be two or more connections, select BGP routing for higher availability.

    BGP ASN

    12345

    Specifies the autonomous system number (ASN) of the BGP peer.

    This parameter is required when BGP routing is selected.

    BGP MD5 Authentication Key

    12345678

    Specifies the password used to authenticate the BGP peer using MD5.

    This parameter can be set when BGP routing is selected, and the parameter values on both gateways must be the same.

    The key contains 8 to 255 characters and must contain at least two types of the following characters:

    • Uppercase letters
    • Lowercase letters
    • Digits
    • Special characters ~!,.:;-_"(){}[]/@#$%^&*+\|=

    Description

    -

    Provides supplementary information about the virtual interface.

    If you want to create a virtual interface for other accounts, configure the parameters based on Table 2.
    Table 2 Parameters for creating a virtual interface for another account

    Parameter

    Example Value

    Description

    Virtual Interface Owner

    Another account

    Specifies the account that this virtual interface will be created for. You create a virtual interface for another account so that this account can use your connection to access the VPC.

    NOTE:

    Virtual interfaces that you create for other users take effect only after other users accept them.

    Region

    CN North-Beijing4

    Specifies the region where the connection resides. You can also change the region in the upper left corner of the console.

    Name

    vif-123

    Specifies the virtual interface name.

    The name can contain 1 to 64 characters.

    Virtual Interface Priority

    -

    Specifies whether the virtual interface will be used prior to other virtual interfaces. There are two options: Preferred and Standard.

    If multiple virtual interfaces are associated with one Direct Connect device, the load is balanced among virtual interfaces with the same priority, while virtual interfaces with different priorities are working in active/standby pairs.

    Connection

    dc-123

    Specifies the connection you can use to connect your on-premises network to Huawei Cloud.

    Gateway

    Virtual gateway

    Specifies the gateway that the virtual interface connects to.

    You can select a virtual gateway or global DC gateway.

    A virtual gateway is used as an example.

    Project ID

    -

    Specifies the ID of the project that the virtual gateway belongs to. On the management console, hover the cursor over the account name in the upper right corner and select My Credentials. On the My Credentials page, view the project ID.

    This parameter is mandatory when Gateway is set to Virtual gateway.

    ID

    -

    Specifies the ID of the virtual gateway. In the virtual gateway list, hover the cursor over the virtual gateway name and view the name and ID of the virtual gateway.

    This parameter is mandatory when Gateway is set to Virtual gateway.

    Project ID

    -

    Specifies the ID of the project that the global DC gateway belongs to. On the management console, hover the cursor over the account name in the upper right corner and select My Credentials. On the My Credentials page, view the project ID.

    This parameter is mandatory when Gateway is set to Global DC gateway.

    Global DC Gateway ID

    -

    This parameter is mandatory when Gateway is set to Global DC gateway.

    Specifies the ID of the global DC gateway. In the global DC gateway list, hover the cursor over the global DC gateway name and view the name and ID of the global DC gateway.

    VLAN

    30

    Specifies the ID of the VLAN for the virtual interface.

    You need to configure the VLAN if you create a standard connection.

    The VLAN for a hosted connection will be allocated by the carrier or partner. You do not need to configure the VLAN.

    Bandwidth (Mbit/s)

    50

    Specifies the bandwidth that can be used by the virtual interface. The bandwidth cannot exceed that of the connection.

    Enable Rate Limiting

    -

    Limits the highest bandwidth that can be used by the virtual interface. If this option is enabled, the rate limit gradients are as follows:

    • If the bandwidth is less than or equal to 100 Mbit/s, the rate limit gradient is 10 Mbit/s.
    • If the bandwidth is greater than 100 Mbit/s but is less than or equal to 1,000 Mbit/s, the rate limit gradient is 100 Mbit/s.
    • If the bandwidth is greater than 1,000 Mbit/s but is less than or equal to 100 Gbit/s, the rate limit gradient is 1 Gbit/s.
    • If the bandwidth is greater than 100 Gbit/s, the rate limit gradient is 10 Gbit/s.

    For example, if the bandwidth is 52 Mbit/s, the actual rate limit is 60 Mbit/s. If the bandwidth is 115 Mbit/s, the actual rate limit is 200 Mbit/s.

    Tag

    example_key1

    example_value1

    Adds tags to help you identify your virtual interface. You can change them after the virtual interface is created.

    IP Address Family

    -

    Specifies the address type of the virtual interface.

    IPv4 is selected by default.

    Local Gateway

    10.0.0.1/30

    Specifies the IP address used by the cloud to connect to your on-premises network. After you configure Local Gateway on the console, the configuration will be automatically delivered to the gateway used by the cloud.

    Remote Gateway

    10.0.0.2/30

    Specifies the IP address used by the on-premises data center to connect to the cloud. After you configure Remote Gateway on the console, you need to configure the IP address on the interface of the on-premises device.

    CAUTION:

    The IP addresses of the local gateway and remote gateway must be in the same IP address range. Generally, an IP address range with a 30-bit mask is used. The IP addresses you plan cannot conflict with IP addresses used on your on-premises network. Plan an IP address range that will be used at both ends of the connection for network communication between your on-premises data center and the cloud.

    Remote Subnet

    192.168.51.0/24,10.1.123.0/24

    Specifies the subnets and masks of your on-premises network. If there are multiple subnets, use commas (,) to separate them.

    Routing Mode

    BGP

    Specifies whether static routing or dynamic routing is used to route traffic between your on-premises network and the cloud network.

    If there are or will be two or more connections, select BGP routing for higher availability.

    BGP ASN

    12345

    Specifies the ASN of the BGP peer.

    This parameter is required when BGP routing is selected.

    BGP MD5 Authentication Key

    12345678

    Specifies the password used to authenticate the BGP peer using MD5.

    This parameter can be set when BGP routing is selected, and the parameter values on both gateways must be the same.

    The key contains 8 to 255 characters and must contain at least two types of the following characters:

    • Uppercase letters
    • Lowercase letters
    • Digits
    • Special characters ~!,.:;-_"(){}[]/@#$%^&*+\|=

    Description

    -

    Provides supplementary information about the virtual interface.

    When you configure the local and remote gateways, note the following:

    • The local gateway is used by Huawei Cloud for connecting to your equipment room. After you configure Local Gateway on the console, the configuration will be automatically delivered to the gateway used by Huawei Cloud.
    • The remote gateway is used by your equipment room for connecting to Huawei Cloud. After you configure Remote Gateway on the console, you also need to configure the gateway deployed in your equipment room.
    • The local and remote gateways must use the same CIDR block and cannot conflict with service IP addresses on the network.
  4. Click Create Now.

    When the status changes to Normal, the virtual interface has been created.

  5. Ping the IP address of a server in the VPC from your on-premises data center to test network connectivity.