Connecting Two VPCs in Different Regions
Solution Overview
Scenarios
A company has two branches, one in Beijing and the other in Hong Kong. There are two VPCs available, one in the CN North-Beijing4 region, and the other in the CN-Hong Kong region. To enable the two branches to communicate with each other over private network connections, a cloud connection is used to link the two VPCs in different regions.
Solution Architecture
- Create a cloud connection.
- Load the two VPCs to the cloud connection.
- Buy a bandwidth package and assign inter-region bandwidths.
- Confirm whether the two VPCs can communicate with each other through the cloud connection.
For details, see Figure 1.
Advantages
- Ease of use: In just four simple steps, you can build cross-region connectivity between VPCs.
- High performance: Cloud Connect leverages the global network infrastructure of Huawei to provide high-quality, low-latency connectivity with bandwidth that can be flexibly adjusted to meet changing service requirements.
Constraints and Limitations
- A cloud connection cannot be created between VPCs that have overlapping CIDR blocks, or network communications will fail.
- If you load a VPC to a cloud connection created using the same account, you cannot enter loopback addresses, multicast addresses, or broadcast addresses for the custom CIDR block.
- If a NAT gateway has been created for any VPC you have loaded to a cloud connection, a custom CIDR block needs to be added and set to 0.0.0.0/0.
Resource Planning
The following table describes the resource planning in the best practice.
Huawei Cloud Region | Resource | Description | Number of Route Tables | Billing |
---|---|---|---|---|
CN North-Beijing4 | VPC | VPC subnet: 192.168.1.0/24. Custom CIDR block: 192.168.44.0/24 | 1 | Free |
CN-Hong Kong | VPC | VPC subnet: 192.168.0.0/24. Custom CIDR block: 192.168.11.0/24 | 1 | Free |
Global | Cloud connection | Cross-region (Chinese mainland - Asia Pacific) bandwidth package | 1 | For details, see Cloud Connect Pricing Details. |
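The rules under Constraints and Limitations, together with the later rule that inter-region bandwidths cannot exceed the bandwidth package, can be checked against this resource plan before any VPC is loaded. The Python check below is an added example, not Huawei Cloud code; `check_plan`, `PLAN`, and the choice to leave a 0.0.0.0/0 custom block out of the overlap comparison are assumptions made for illustration.

```python
import ipaddress
from itertools import combinations, product

# Ranges the page says a custom CIDR block must not use.
FORBIDDEN = {
    "loopback": ipaddress.ip_network("127.0.0.0/8"),
    "multicast": ipaddress.ip_network("224.0.0.0/4"),
    "broadcast": ipaddress.ip_network("255.255.255.255/32"),
}
DEFAULT_ROUTE = ipaddress.ip_network("0.0.0.0/0")  # NAT gateway case on this page

# Constructed input: the values from the Resource Planning table.
PLAN = {
    "CN North-Beijing4": {"subnets": ["192.168.1.0/24"], "custom": ["192.168.44.0/24"]},
    "CN-Hong Kong": {"subnets": ["192.168.0.0/24"], "custom": ["192.168.11.0/24"]},
}


def check_plan(plan, package_mbit, assigned_mbit):
    """Return a list of violations; an empty list means the plan passes."""
    problems, nets = [], {}
    for region, spec in plan.items():
        nets[region] = []
        for kind in ("subnets", "custom"):
            for cidr in spec[kind]:
                try:
                    net = ipaddress.ip_network(cidr)  # strict: host bits must be zero
                except ValueError as exc:
                    problems.append(f"{region}: {cidr} is not a valid network ({exc})")
                    continue
                nets[region].append(net)
                if kind == "custom":
                    for name, bad in FORBIDDEN.items():
                        if net.version == bad.version and net.subnet_of(bad):
                            problems.append(f"{region}: custom block {net} is a {name} range")
    # Overlap between VPCs makes the connection fail. Assumption: 0.0.0.0/0 added
    # for a NAT gateway is a default route and is left out of this comparison.
    for (ra, na), (rb, nb) in combinations(nets.items(), 2):
        for a, b in product(na, nb):
            if DEFAULT_ROUTE not in (a, b) and a.version == b.version and a.overlaps(b):
                problems.append(f"{ra} {a} overlaps {rb} {b}")
    total = sum(assigned_mbit)
    if total > package_mbit:
        problems.append(f"assigned {total} Mbit/s exceeds package {package_mbit} Mbit/s")
    return problems


if __name__ == "__main__":
    print(check_plan(PLAN, package_mbit=10, assigned_mbit=[10]) or "plan passes")
```
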
Cross-Region VPC Communication Process
In this scenario, to enable communication between the VPC in the CN North-Beijing4 region and the VPC in the CN-Hong Kong region, you need to apply for a cross-border permit to ensure data transmission security. Then, you need to create a cloud connection and load the two VPCs, purchase a bandwidth package, and configure the inter-region bandwidth.
Procedure
- Apply for a cross-border permit.
Skip this step if you do not require cross-border communications.
Apply for a cross-border permit only when a VPC to be connected is outside the Chinese mainland and other VPCs are inside the Chinese mainland.
- Log in to the management console.
- Hover on the upper left corner to display Service List and choose Networking > Cloud Connect.
- In the navigation pane on the left, choose Cloud Connect > Bandwidth Packages.
- On the displayed page, click apply now.
The Cross-Border Service Application System page is displayed.
- On the application page, set related parameters and upload related materials.
Table 2 Online cross-border permit application
Parameter |
---|
Applicant Name |
Huawei Cloud UID |
Type of Product |
Bandwidth (M) |
Start Date |
Termination Date |
Customer Type |
Country of the Customer |
Contact Name |
Contact Number |
Type of ID |
ID Number |
Scope of Business |
Number of Employees |
Per Capita Bandwidth |
Branch Location Country |
Huawei Cloud ID is your account ID. You can take the following steps to obtain your account ID.
- Log in to the management console.
- Click the username and select My Credentials from the drop-down list.
Figure 3 My credentials
- On the API Credentials page, view the Account ID.
Figure 4 Obtaining an account ID
Table 3 Required materials
Material | Signature | Seal | Description |
---|---|---|---|
A scanned copy of your company's business license | - | √ | See the template Huawei Cloud provides for the position of the seal. |
A scanned copy of Huawei Cloud Cross-Border Circuit Service Agreement | √ | √ | Sign the material on the signature block. Stamp the seal over the signature. |
A scanned copy of China Unicom Letter of Commitment to Information Security of the Cross-Border Circuit Service | √ | √ | Sign the material on the signature block. Stamp the seal over the signature. Specify the bandwidth you estimated and your company name. |
- Click Submit.
- Create a cloud connection.
- Log in to the management console.
- Hover on the upper left corner to display Service List and choose Networking > Cloud Connect.
- In the navigation pane on the left, choose Cloud Connect > Cloud Connections.
- Click Create Cloud Connection.
- In the displayed Create Cloud Connection dialog box, configure the parameters and click OK.
Figure 5 Create Cloud Connection
- Load network instances.
- Locate the cloud connection, cloudconnect-001, and click its name.
- Click Network Instances.
- Click Load Network Instance.
- Configure parameters based on Table 4 and then click OK.
Table 4 Parameters required for loading network instances
Parameter | Description |
---|---|
Account | Specifies whether network instances will be loaded across accounts. Select Current account. |
Region | Specifies the region where the VPC you want to connect is located. |
Instance Type | Specifies the type of the network instance. Two options are available, VPC and Virtual gateway. You can only load VPCs across accounts. Select VPC. NOTE: If you select Enterprise router for Scenario, the network instance type is enterprise router by default. |
VPC | Specifies the VPC you want to load to the cloud connection. This parameter is mandatory if you have set Instance Type to VPC. |
VPC CIDR Block | Specifies the subnets of the VPC you want to load and the custom CIDR blocks. If you have set Instance Type to VPC, configure the following two parameters: Subnet (select one or all subnets of the VPC) and Other CIDR Block (add one or more custom CIDR blocks as needed). |
Figure 6 Loading a network instance
- In the dialog box indicating that the loading is successful, click Load Another Instance, configure the parameters based on Table 4, and then click OK.
- Buy a bandwidth package.
By default, the system allocates 10 kbit/s of bandwidth for testing network connectivity across regions. To ensure normal network communications between regions in the same geographic region or across geographic regions, you need to purchase a bandwidth package and bind it to a cloud connection.
- Hover on the upper left corner to display Service List and choose Networking > Cloud Connect.
- In the navigation pane on the left, choose Cloud Connect > Bandwidth Packages.
- Click Buy Bandwidth Package.
- Configure the parameters and click Buy Now.
Table 5 Parameters required for buying a bandwidth package
Parameter | Description |
---|---|
Billing Mode | Specifies how you want the bandwidth package to be billed. You can purchase it by year or month as needed. |
Name | Specifies the bandwidth package name. The name can contain 1 to 64 characters, including only digits, letters, hyphens (-), underscores (_), and periods (.). |
Billed By | Specifies by what you want the bandwidth package to be billed. |
Applicability | Specifies whether you want to use the bandwidth package for network communications within a geographic region or between geographic regions. Two options are available. Single Geographic Region: Use the bandwidth package between regions in the same geographic region. Across Geographic Regions: Use the bandwidth package between regions in different geographic regions. |
Geographic Region | Specifies the geographic region. |
Bandwidth | Specifies the bandwidth you require for network communications across regions. The sum of all inter-region bandwidths cannot exceed the bandwidth of the bandwidth package. Assign the bandwidth based on your network plan. Unit: Mbit/s |
Tag | Identifies the bandwidth package. A tag consists of a key and a value. You can add a maximum of 10 tags to a bandwidth package. Tag keys and values must meet the requirements listed in Table 6. NOTE: If a predefined tag has been created on TMS, you can directly select the corresponding tag key and value. For details about predefined tags, see Predefined Tags. |
Required Duration | Specifies how long you require the bandwidth package for. Auto renewal is supported. |
Cloud Connection | Specifies the cloud connection you want to bind the bandwidth package to. Two options are available, Bind now and Bind later. |
Table 6 Tag key and value requirements
Parameter | Requirements |
---|---|
Key | Cannot be left blank. Must be unique for each resource. Can contain a maximum of 36 characters. Can contain only letters, digits, hyphens, underscores, and Unicode characters from \u4e00 to \u9fff. |
Value | Can be left blank. Can contain a maximum of 43 characters. Can contain only letters, digits, period, hyphens, underscores, and Unicode characters from \u4e00 to \u9fff. |
- Confirm the information and click Pay Now.
- Click Pay.
Go back to the bandwidth package list and locate the bandwidth package. If its status changes to Normal, you can bind the bandwidth package to a cloud connection.
- Assign inter-region bandwidth.
- Log in to the management console.
- Hover on the upper left corner to display Service List and choose Networking > Cloud Connect.
- In the navigation pane on the left, choose Cloud Connect > Cloud Connections.
- In the cloud connection list, locate the cloud connection and click its name.
- Click Inter-Region Bandwidths.
- Click Assign Inter-Region Bandwidth and configure the parameters based on Table 7.
Table 7 Parameters required for assigning inter-region bandwidth
Parameter | Description |
---|---|
Regions | Specifies the two regions between which network communications are required. |
Bandwidth Package | Specifies the bandwidth package you want to bind to the cloud connection. |
Bandwidth | Specifies the bandwidth you require for communications between regions, in Mbit/s. The sum of all inter-region bandwidths you assign cannot exceed the total bandwidth of the bandwidth package. Plan the bandwidth in advance. |
- Click OK.
After the inter-region bandwidth is configured, branch offices in Beijing and Hong Kong can communicate with each other. You can check the routing information to verify the configuration.