Help Center/ Enterprise Router/ Service Overview/ How Enterprise Routers Work
Updated on 2024-10-14 GMT+08:00

How Enterprise Routers Work

You can attach your network connections to an enterprise router to quickly construct diversified networks and meet various service requirements. Figure 1 shows the process of using an enterprise router, including creating an enterprise router, adding attachments to the enterprise router, and configure routes.

Enterprise routers support the following attachments:
  • VPC attachment: Attach a VPC from the same region as that of an enterprise router.
  • Virtual gateway attachment: Attach a Direct Connect virtual gateway from the same region as that of an enterprise router.
  • VPN gateway attachment: Attach a VPN gateway from the same region as that of an enterprise router.
  • Peering connection attachment: Connect enterprise routers from different regions through a central network.
  • Global DC gateway attachment: Attach a Direct Connect global DC gateway in the same region.
  • CFW instance attachment: Connect an enterprise router to the VPC border firewall in the same region.
Figure 1 Processing of using an enterprise router
Figure 2 shows how an enterprise router works. Table 2 describes the traffic flows in detail if an enterprise router is used for networking.
Figure 2 How an enterprise router works
Table 1 Network traffic flows

No.

Route

Description

1

Request path: from VPC1 to the global DC gateway

After receiving requests from VPC 1 to the global DC gateway, enterprise router 1 searches the default route table for the route to the global DC gateway and forwards the requests through this route.

Response path: from global DC gateway to VPC1

After receiving responses from the global DC gateway to VPC 1, enterprise router 1 searches the default route table for the route to VPC 1 and forwards the responses through this route.

2

Request path: from VPC2 to the global DC gateway

Enterprise router 1 cannot forward requests from VPC 2 to the global DC gateway because the custom route table of enterprise router 1 that is associated with VPC 2 does not contain the route to this global DC gateway.

Table 2 Working principles of an enterprise router

No.

Action

Description

1

Add attachments to the enterprise router.

Attach network instances to enterprise router 1 in region A.
  • Network instances from the same region
    • VPC attachments: VPC 1, VPC 2, and VPC 3
    • Global DC gateway attachment: global DC gateway
    • VPN gateway attachment: VPN gateway
  • Network instances from a different region

    Peering connection attachment: Enterprise router 2 in region B

2

Associate the attachments with the route tables of the enterprise router.

Each attachment can only be associated with one route table.

  • Associate VPC 1 with the default route table of enterprise router 1 and create a propagation to propagate the routes learned from VPC 1 attachment to the default route table and custom route table of enterprise router 1.
  • Associate VPC 2 with the custom route table of enterprise router 1 and create a propagation to propagate the routes learned from VPC 2 to the custom route table.
  • Associate VPC 3 with the custom route table of enterprise router 1, and add static routes for VPC 3 to this custom route table.
  • Associate the Direct Connect global DC gateway with the default route table of enterprise router 1 and create a propagation to propagate the routes learned from the global DC gateway attachment to the default route table.
  • Associate the VPN gateway with the default route table of enterprise router 1 and create a propagation to propagate the routes learned from the VPN gateway attachment to the default route table.
  • Establish a peering connection between enterprise router 2 in region B and enterprise router 1 in region A, associate the peering connection with the default route table of enterprise router 1, and create a propagation to propagate the routes for the peering connection attachment to the default route table.

3

Create propagation for the attachments to propagate the routes to the enterprise router's route tables.

You can create multiple propagation records for the same attachment.

Attachments

If you want to attach a network instance to an enterprise router, you need to add an attachment of a specific type to the enterprise router. The attachment type varies by type of the network instance, as listed in Table 3.

Table 3 Attachments

Attachment Type

Network Instance

VPC attachment

VPC

Virtual gateway attachment

Virtual gateway of Direct Connect

VPN gateway attachment

VPN gateway

Peering connection attachment

Enterprise routers from different regions. You can add enterprise routers from different regions to a central network as attachments. Each connection between enterprise routers is a peering connection attachment.

Global DC gateway attachment

Global DC gateway in Direct Connect

CFW instance attachment

VPC border firewall

Route Tables

Route tables are used by enterprise routers to forward packets. Route tables contain associations, propagations, and routes. Route tables are classified into custom and default route tables, as detailed in Table 4.

Table 4 Route tables

Route Table Type

Description

Custom route table

You can create multiple custom route tables on an enterprise router and use different routes for flexible communication and isolation between network instances.

Default route table

If you enable Default Route Table Association and Default Route Table Propagation, the system then automatically associates and propagates new attachments with the default route table.

You can specify a custom route table as the default route table. If you do not specify any route table as the default route table, the system automatically creates a default route table.

Associations

Each attachment can be associated with one route table for:
  • Packet forwarding: Packets from the attachment are forwarded through the routes specified in the associated route table.
  • Route propagation: The routes in the associated route tables are automatically propagated to the route table of the attachment.
Not all attachments can propagate routes. For details, see Table 5.
Table 5 Associations

Attachment Type

Route Learning

VPC

Not supported

Virtual gateway

Supported

VPN gateway

Supported

Peering connection

Supported

Global DC gateway

Supported

CFW instance

Not supported

Route Propagation

You can create a propagation for each attachment to propagate routes to one or more route tables on an enterprise router.

For VPC attachments, their CIDR blocks are propagated to the enterprise router. For other attachments, all routes are propagated to the enterprise router. For details, see Table 6.
Table 6 Propagation

Attachment Type

Propagated Routes to Enterprise Router

VPC

VPC CIDR blocks

Virtual gateway

All routes

VPN gateway

All routes

Peering connection

All routes

Global DC gateway

All routes

CFW instance

CIDR blocks of the VPCs protected by CFW

Routes

Routes are used to forward packets. A route contains information such as the destination, next hop, and route type. Table 7 describes the routes of different types.

Table 7 Routes

Route Type

Description

Attachment

Propagated routes

Propagated routes are automatically learned through propagation and cannot be modified or deleted.

  • VPC
  • Virtual gateway
  • VPN gateway
  • Peering connection
  • Global DC gateway
  • CFW instance

Static routes

Static routes are manually created and can be modified or deleted.

  • VPC
  • Peering connection
  • CFW instance