Route Table and Route Overview

Updated on 2025-01-17 GMT+08:00

What Is a Route Table?

A route table contains a set of routes that are used to control the traffic in and out of your subnets in a VPC. Each subnet must be associated with a route table. A subnet can only be associated with one route table, but a route table can be associated with multiple subnets.

Both IPv4 and IPv6 routes are supported.

Figure 1 Route tables
  • Default route table: Each VPC comes with a default route table. If you create a subnet in a VPC, the subnet associates with the default route table. The default route table ensures that subnets in a VPC can communicate with each other.
    • You can add routes to, delete routes from, and modify routes in the default route table, but cannot delete the table.
    • When you create a VPN, Cloud Connect, or Direct Connect connection, the default route table automatically delivers a route that cannot be deleted or modified.
  • Custom route table: If you do not want to use the default route table, you can create a custom route table and associate it with the subnet. Custom route tables can be deleted if they are no longer required.

    The custom route table associated with a subnet only controls the outbound traffic. The default route table of a subnet controls the inbound traffic.

NOTE:

By default, the quota for custom route tables is 0. To create custom route tables, apply for a quota increase first.

Route

You can add routes to both default and custom route tables and configure the destination, next hop type, and next hop for the routes to determine where network traffic is directed. Routes are classified into system routes and custom routes.

  • System route: A system route is automatically added by the VPC service or other services (such as VPN and Direct Connect) and cannot be deleted or modified.
    Each route table comes with routes whose next hops are Local. Generally, a route table contains the following local routes:
    • Routes whose destination is 100.64.0.0/10, which is used to deploy public services, for example, the DNS servers. The route directs instances in a subnet to access these services.
    • Routes whose destination is 198.19.128.0/20 (IP address range used by internal services, such as VPC Endpoint).
    • Routes whose destination is 127.0.0.0/8 (local loopback addresses)
    • Routes whose destination is a subnet CIDR block that enables instances in a VPC to communicate with each other.
      If you enable IPv6 when creating a subnet, the system automatically assigns an IPv6 CIDR block to the subnet. Then, you can view IPv6 routes in its route table. Example destinations of subnet CIDR blocks are as follows:
      • IPv4: 192.168.2.0/24
      • IPv6: 2407:c080:802:be7::/64
  • Custom route: After a route table is created, you can add custom routes and configure information such as the destination and next hop in the route to determine where network traffic is directed. In addition to manually added custom routes, there are custom routes added by other cloud services, such as Cloud Container Engine (CCE) or NAT Gateway.

    Route tables include default route tables and custom route tables. They support the next hop types described in Table 1 and Table 2. The default route table supports fewer next hop types than a custom route table. This is because some basic services like VPN, Direct Connect, and Cloud Connect automatically add routes to the default table.

    Table 1 Next hop types supported by the default route table

    | Next Hop Type | Description |
    | --- | --- |
    | Server | Traffic intended for the destination is forwarded to an ECS in the VPC. |
    | Extension NIC | Traffic intended for the destination is forwarded to the extended network interface of an ECS in the VPC. |
    | Supplementary network interface | Traffic intended for the destination is forwarded to the supplementary network interface of an ECS in the VPC. |
    | NAT gateway | Traffic intended for the destination is forwarded to a NAT gateway. |
    | VPC peering connection | Traffic intended for the destination is forwarded to a VPC peering connection. |
    | Virtual IP address | Traffic intended for the destination is forwarded to a virtual IP address and then sent to active and standby ECSs to which the virtual IP address is bound. |
    | VPC endpoint | Traffic intended for the destination is forwarded to a VPC endpoint. |
    | Cloud container | Traffic intended for the destination is forwarded to a cloud container. |
    | Enterprise router | Traffic intended for the destination is forwarded to an enterprise router. |
    | Cloud firewall | Traffic intended for the destination is forwarded to a cloud firewall. |
    | Global internet gateway | Traffic intended for the destination is forwarded to a global internet gateway. |

    Table 2 Next hop types supported by a custom route table

    | Next Hop Type | Description |
    | --- | --- |
    | Server | Traffic intended for the destination is forwarded to an ECS in the VPC. |
    | Extension NIC | Traffic intended for the destination is forwarded to the extended network interface of an ECS in the VPC. |
    | BMS user-defined network | Traffic intended for the destination is forwarded to a BMS user-defined network. |
    | VPN gateway | Traffic intended for the destination is forwarded to a VPN gateway. |
    | Direct Connect gateway | Traffic intended for the destination is forwarded to a Direct Connect gateway. |
    | Cloud connection | Traffic intended for the destination is forwarded to a cloud connection. |
    | Supplementary network interface | Traffic intended for the destination is forwarded to the supplementary network interface of an ECS in the VPC. |
    | NAT gateway | Traffic intended for the destination is forwarded to a NAT gateway. |
    | VPC peering connection | Traffic intended for the destination is forwarded to a VPC peering connection. |
    | Virtual IP address | Traffic intended for the destination is forwarded to a virtual IP address and then sent to active and standby ECSs to which the virtual IP address is bound. |
    | VPC endpoint | Traffic intended for the destination is forwarded to a VPC endpoint. |
    | Cloud container | Traffic intended for the destination is forwarded to a cloud container. |
    | Enterprise router | Traffic intended for the destination is forwarded to an enterprise router. |
    | Cloud firewall | Traffic intended for the destination is forwarded to a cloud firewall. |
    | Global internet gateway | Traffic intended for the destination is forwarded to a global internet gateway. |

    NOTE:

    If you specify the destination when creating a resource, a system route is delivered. If you do not specify a destination when creating a resource, a custom route that can be modified or deleted is delivered.

    For example, when you create a NAT gateway, the system automatically delivers a custom route without a specific destination (0.0.0.0/0 is used by default). In this case, you can change the destination. However, when you create a VPN gateway, you need to specify the remote subnet as the destination of a route. In this case, the route is delivered as a system route. Do not modify the route destination on the Route Tables page. If you do, the destination will be inconsistent with the configured remote subnet. To modify the route destination, go to the specific resource page and modify the remote subnet; the route destination will then change accordingly.

    You cannot add a route whose next hop type is VPC endpoint or Cloud container to a route table. These routes are automatically added by the VPC Endpoint or CCE service.

Notes and Constraints

When you create a VPC, the system automatically generates a default route table for the VPC. You can also create a custom route table.
  • A VPC can be associated with a maximum of five route tables, including the default route table and four custom route tables.
  • All route tables in a VPC can have a maximum of 1,000 routes, excluding system routes.
In each VPC route table, there are local routes and custom routes.
  • Generally, the destination of a custom route cannot overlap with that of a local route. The destination of a local route can be a subnet CIDR block and CIDR blocks that are used for internal communications.
  • You cannot add two routes with the same destination to a VPC route table even if their next hop types are different.
  • When adding routes to a VPC route table, remember the route priority described in Table 3.
    Table 3 Route priorities

    | Route Priority | Description |
    | --- | --- |
    | Local routes preferentially matched | Local routes are the default routes for communications within a VPC. They have the highest priority. |
    | Most accurate route (longest prefix match) | If multiple routes match the request destination, longest prefix match routing is used: the route that has the longest subnet mask is preferentially used to determine the next hop. Example: A request is destined for 192.168.1.12/32. The destination of route A is 192.168.0.0/16, with an ECS (ECS-A) as the next hop. The destination of route B is 192.168.1.0/24, with a VPC peering connection as the next hop. According to the longest prefix match routing rule, the request preferentially matches route B and will be forwarded to the VPC peering connection. |
    | EIP | If a custom route in the route table points to 0.0.0.0/0 and an ECS in the subnet has an EIP bound, the EIP has a higher priority. In this case, the EIP is used to access the Internet by default. Example: The destination of route A is 0.0.0.0/0, with a NAT gateway as the next hop. An ECS in a VPC subnet has an EIP bound. In this case, the ECS will use the EIP to access the Internet instead of the NAT gateway. |

    Figure 2 Viewing VPC route tables
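
The route priorities in Table 3 and the duplicate-destination constraint, modelled as an added Python example (not Huawei Cloud code or an API). The dict layout and next-hop labels are constructed for illustration, and the model assumes the EIP rule overrides only a matching 0.0.0.0/0 custom route.

```python
import ipaddress

# Constructed sample table. The dict layout and next-hop labels are assumptions
# for illustration; the destinations reuse the examples given on this page.
ROUTES = [
    {"dest": "192.168.2.0/24", "next_hop": "Local", "local": True},
    {"dest": "100.64.0.0/10", "next_hop": "Local", "local": True},
    {"dest": "2407:c080:802:be7::/64", "next_hop": "Local", "local": True},
    {"dest": "192.168.0.0/16", "next_hop": "ECS-A", "local": False},
    {"dest": "192.168.1.0/24", "next_hop": "VPC peering connection", "local": False},
    {"dest": "0.0.0.0/0", "next_hop": "NAT gateway", "local": False},
]

def duplicate_destinations(routes):
    """Destinations listed more than once (not allowed, whatever the next hop type)."""
    seen, dupes = set(), []
    for r in routes:
        net = ipaddress.ip_network(r["dest"])
        if net in seen:
            dupes.append(str(net))
        seen.add(net)
    return dupes

def resolve(routes, dst, has_eip=False):
    """Return the next hop chosen for dst under the priorities in Table 3."""
    addr = ipaddress.ip_address(dst)
    nets = [(ipaddress.ip_network(r["dest"]), r) for r in routes]
    matches = [(n, r) for n, r in nets if addr in n]
    if not matches:
        return None  # no route covers this destination
    # 1. Local routes are matched before any custom route.
    local = [m for m in matches if m[1]["local"]]
    # 2. Among the remaining candidates, the longest prefix wins.
    net, route = max(local or matches, key=lambda m: m[0].prefixlen)
    # 3. A bound EIP takes precedence over a custom 0.0.0.0/0 route.
    if has_eip and not route["local"] and net.prefixlen == 0:
        return "EIP"
    return route["next_hop"]
```

For an internet destination, `resolve(ROUTES, dst, has_eip=True)` returns `"EIP"` rather than the NAT gateway, which is the case to check when egress filtering is anchored on the 0.0.0.0/0 route.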

Custom Route Table Configuration Process

Figure 3 Process for configuring a route table
Table 4 Process for configuring a route table

| No. | Step | Description | Reference |
| --- | --- | --- | --- |
| 1 | Create a custom route table. | If your default route table cannot meet your service requirements, you can create a custom route table. The custom route table associated with a subnet only controls the outbound traffic. The default route table of a subnet controls the inbound traffic. | Creating a Custom Route Table |
| 2 | Add a route. | You can add a custom route and configure information such as the destination and next hop in the route to determine where network traffic is directed. | Adding Routes to a Route Table |
| 3 | Associate the route table with a subnet. | After a route table is associated with a subnet, the routes in the route table control the routing for the subnet and apply to all cloud resources in the subnet. | Associating a Route Table with a Subnet |
