Connecting an On-Premises Data Center to a VPC over a Single Connection and Using BGP Routing to Route Traffic
Overview
Connect your on-premises network to the cloud network and use BGP routes to route traffic between your on-premises network and the VPC.
Prerequisites
- Your on-premises network must use a single-mode fiber with a 1GE, 10GE, 40GE, or 100GE optical module to connect to the access device in the cloud.
- Auto-negotiation for the port must be disabled. Port speed and full-duplex mode must be manually configured.
- 802.1Q VLAN encapsulation is supported on your on-premises network.
- Your device supports BGP and does not use ASN 64512, which is used by Huawei Cloud.
Typical Topology
Your on-premises network is connected to a VPC in the CN-Hong Kong region over a single connection.
For details on how to create a VPC, see Creating a VPC.
Item | CIDR Block |
---|---|
Your on-premises network | 10.1.123.0/24 |
Local and remote gateways (addresses for interconnection) | 10.0.0.0/30 |
VPC | 192.168.0.0/16 |
Procedure
- Create a connection.
- Log in to the management console.
- On the console homepage, click in the upper left corner and select the desired region and project.
- Click to display Service List and choose Networking > Direct Connect.
- In the navigation pane on the left, choose Direct Connect > Connections.
- Click Create Connection.
- On the Create Connection page, enter the equipment room details and select the Direct Connect location and port based on Table 2.
Figure 2 Creating a self-service connection
Table 2 Parameters for creating a connection

Parameter | Description |
---|---|
Billing Mode | Specifies how you will be billed for the connection. Currently, only Yearly/Monthly is supported. |
Region | Specifies the region where the connection resides. You can also change the region in the upper left corner of the console. |
Connection Name | Specifies the name of your connection. |
Location | Specifies the Direct Connect location where your leased line can be connected to. |
Carrier | Specifies the carrier that provides the leased line. |
Port Type | Specifies the type of the port that the leased line is connected to. There are four types of ports: 1GE, 10GE, 40GE, and 100GE. |
Leased Line Bandwidth | Specifies the bandwidth of the leased line, in Mbit/s. |
Your Equipment Room Address | Specifies the address of your equipment room. The address must be specific to the floor your equipment room is on, for example, XX Equipment Room, XX Building, No. XX, Huajing Road, Pudong District, Shanghai. |
Tag | Adds tags to help you identify your connection. You can change them after the connection is created. |
Description | Provides supplementary information about the connection. |
Contact Person/Phone Number/Email | Specifies who is responsible for your connection. If no contact information is provided, we will contact the person in your account information. This will prolong the review period. |
Required Duration | Specifies how long the connection will be used for. |
Auto-renew | Specifies whether to automatically renew the subscription to ensure service continuity. For example, if you select this option and the required duration is three months, the system automatically renews the subscription for another three months. |
Enterprise Project | Provides a cloud resource management mode where cloud resources and members are centrally managed by project. |
Table 3 Tag key and value requirements

Parameter | Requirements |
---|---|
Key | Cannot be left blank. Must be unique for each resource. Can contain a maximum of 36 characters. Can contain only letters, digits, hyphens, and underscores. |
Value | Can be left blank. Can contain a maximum of 43 characters. Can contain only letters, digits, periods, hyphens, and underscores. |
- Click Confirm Configuration.
- Confirm the connection and click Pay Now.
- Confirm the order, select a payment method, and click Confirm.
- Create a virtual gateway.
- In the navigation pane on the left, choose Direct Connect > Virtual Gateways.
- Click Create Virtual Gateway.
- Configure the parameters based on Table 4.
Figure 3 Creating a virtual gateway
Table 4 Parameters required for creating a virtual gateway

Parameter | Description |
---|---|
Name | Specifies the virtual gateway name. The name can contain 1 to 64 characters. |
Enterprise Project | Provides a cloud resource management mode where cloud resources and members are centrally managed by project. |
VPC | Specifies the VPC to be associated with the virtual gateway. |
Local Subnet | Specifies the CIDR blocks of the subnets in the VPC to be accessed using Direct Connect. You can add one or more CIDR blocks. If there are multiple CIDR blocks, separate every entry with a comma (,). |
BGP ASN | Specifies the BGP ASN of the virtual gateway. NOTE: Generally, Huawei Cloud's BGP ASN is 64512. There are two special cases: in the CN North-Beijing1 region, the default BGP ASN of Huawei Cloud is 65533; in the AP-Bangkok region, the BGP ASN of some Direct Connect locations is 65535 by default. For details, contact the Direct Connect manager. |
Tag | Identifies the virtual gateway. A tag consists of a key and a value. You can add 20 tags to a virtual gateway. Tag keys and values must meet the requirements listed in Table 5. NOTE: If a predefined tag has been created on TMS, you can directly select the corresponding tag key and value. For details about predefined tags, see Predefined Tag Overview. If you have configured tag policies for Direct Connect, you need to add tags to your virtual gateways based on the tag policies. If you add a tag that does not comply with the tag policies, virtual gateways may fail to be created. Contact your administrator to learn more about tag policies. |
Description | Provides supplementary information about the virtual gateway. |
Table 5 Tag naming requirements

Parameter | Requirements |
---|---|
Key | Cannot be left blank. Must be unique for each resource. Can contain a maximum of 36 characters. Can contain only letters, digits, hyphens, and underscores. |
Value | Can be left blank. Can contain a maximum of 43 characters. Can contain only letters, digits, periods, hyphens, and underscores. |
- Click OK.
- Create a virtual interface.
- In the navigation pane on the left, choose Direct Connect > Virtual Interfaces.
- Click Create Virtual Interface.
- Configure the parameters based on Table 6.
Figure 4 Creating a virtual interface
Table 6 Parameters for creating a virtual interface

Parameter | Description |
---|---|
Region | Specifies the region where the connection resides. You can also change the region in the upper left corner of the console. |
Name | Specifies the virtual interface name. The name can contain 1 to 64 characters. |
Virtual Interface Priority | Specifies whether the virtual interface takes precedence over other virtual interfaces. There are two options: Preferred and Standard. If multiple virtual interfaces are associated with one Direct Connect device, the load is balanced among virtual interfaces with the same priority, while virtual interfaces with different priorities work in active/standby pairs. |
Connection | Specifies the connection you can use to connect your on-premises network to Huawei Cloud. |
Virtual Gateway | Specifies the virtual gateway that the virtual interface connects to. |
VLAN | Specifies the ID of the VLAN for the virtual interface. Standard connections: You need to configure the VLAN. Hosted connections: The VLAN will be allocated by the carrier or partner. You do not need to configure the VLAN. |
Bandwidth | Specifies the bandwidth that can be used by the virtual interface, in Mbit/s. The bandwidth cannot exceed that of the connection. |
Enable Rate Limiting | Limits the highest bandwidth that can be used by the virtual interface. If this option is enabled, the rate limit gradients are as follows: If the bandwidth is less than or equal to 100 Mbit/s, the rate limit gradient is 10 Mbit/s. If the bandwidth is greater than 100 Mbit/s but is less than or equal to 1,000 Mbit/s, the rate limit gradient is 100 Mbit/s. If the bandwidth is greater than 1,000 Mbit/s but is less than or equal to 100 Gbit/s, the rate limit gradient is 1 Gbit/s. If the bandwidth is greater than 100 Gbit/s, the rate limit gradient is 10 Gbit/s. For example, if the bandwidth is 52 Mbit/s, the actual rate limit is 60 Mbit/s. If the bandwidth is 115 Mbit/s, the actual rate limit is 200 Mbit/s. |
Enterprise Project | Provides a cloud resource management mode where cloud resources and members are centrally managed by project. |
Tag | Identifies the virtual interface. A tag consists of a key and a value. You can add 20 tags to a virtual interface. Tag keys and values must meet the requirements listed in Table 7. NOTE: If a predefined tag has been created on TMS, you can directly select the corresponding tag key and value. For details about predefined tags, see Predefined Tag Overview. If you have configured tag policies for Direct Connect, you need to add tags to your virtual interfaces based on the tag policies. If you add a tag that does not comply with the tag policies, virtual interfaces may fail to be created. Contact your administrator to learn more about tag policies. |
IP Address Family | Specifies the address type of the virtual interface. IPv4 is selected by default. |
Local Gateway | Specifies the IP address used by the cloud to connect to your on-premises network. After you configure Local Gateway on the console, the configuration will be automatically delivered to the gateway used by the cloud. |
Remote Gateway | Specifies the IP address used by the on-premises data center to connect to the cloud. After you configure Remote Gateway on the console, you need to configure the IP address on the interface of the on-premises device. CAUTION: The IP addresses of the local gateway and remote gateway must be in the same IP address range. Generally, an IP address range with a 30-bit mask is used. The IP addresses you plan cannot conflict with IP addresses used on your on-premises network. Plan an IP address range that will be used at both ends of the connection for network communication between your on-premises data center and the cloud. |
Remote Subnet | Specifies the subnets and masks of your on-premises network. If there are multiple subnets, use commas (,) to separate them. |
Routing Mode | Specifies whether static routing or dynamic routing is used to route traffic between your on-premises network and the cloud network. If there are or will be two or more connections, select BGP routing for higher availability. |
BGP ASN | Specifies the ASN of the BGP peer. This parameter is required when BGP routing is selected. |
BGP MD5 Authentication Key | Specifies the password used to authenticate the BGP peer using MD5. This parameter is mandatory when BGP routing is selected, and the parameter values on both gateways must be the same. The key contains 8 to 255 characters and must contain at least two types of the following characters: uppercase letters, lowercase letters, digits, and special characters ~!, .:;-_"(){}[]/@#$ %^&*+\|= |
Description | Provides supplementary information about the virtual interface. |
Table 7 Tag naming requirements

Parameter | Requirements |
---|---|
Key | Cannot be left blank. Must be unique for each resource. Can contain a maximum of 36 characters. Can contain only letters, digits, hyphens, and underscores. |
Value | Can be left blank. Can contain a maximum of 43 characters. Can contain only letters, digits, periods, hyphens, and underscores. |
- Click Create Now.
The default security group rule denies all inbound traffic. Ensure that security group rules in both directions are correctly configured so that the two networks can communicate.
- Wait for route advertisement from the cloud.
Direct Connect automatically delivers the routes after a connection is established between your on-premises network and the cloud network.
- Configure routes on your on-premises network device.
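Example route (a Huawei-developed device is used as an example):
```
bgp 64510
 peer 10.0.0.1 as-number 64512
 peer 10.0.0.1 password simple 1234567
 network 10.1.123.0 255.255.255.0
```
The peer password must be identical to the BGP MD5 Authentication Key configured on the virtual interface.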
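A pre-flight check for the values entered in this procedure, as an added example (not Huawei Cloud code and not part of the original page): it verifies that the two gateways share a range that does not conflict with routed networks, that the on-premises ASN is not 64512, and that the BGP MD5 key meets the rule in Table 6. The function names, the plan dictionary and the 10.0.0.2 remote gateway address are assumptions made for illustration.

```python
import ipaddress
import math
import string

CLOUD_ASN = 64512  # Huawei Cloud's usual BGP ASN according to this page
KEY_CLASSES = (string.ascii_uppercase, string.ascii_lowercase, string.digits,
               '~!, .:;-_"(){}[]/@#$ %^&*+\\|=')  # character types copied from Table 6

def key_problems(key):
    """BGP MD5 key rule from Table 6: 8 to 255 characters, at least two character types."""
    problems = []
    if not 8 <= len(key) <= 255:
        problems.append("key length must be 8 to 255 characters")
    if sum(any(c in cls for c in key) for cls in KEY_CLASSES) < 2:
        problems.append("key needs at least two character types")
    return problems

def gateway_problems(local_gw, remote_gw, routed_cidrs):
    """Both gateways must share one range that no routed network already uses."""
    local, remote = ipaddress.ip_interface(local_gw), ipaddress.ip_interface(remote_gw)
    problems = []
    if local.network != remote.network or local.ip == remote.ip:
        problems.append("gateways must be two different addresses in the same range")
    for gw in (local, remote):
        net = gw.network
        if net.prefixlen < 31 and gw.ip in (net.network_address, net.broadcast_address):
            problems.append(f"{gw.ip} is not a usable host address in {net}")
    for cidr in routed_cidrs:
        if local.network.overlaps(ipaddress.ip_network(cidr)):
            problems.append(f"interconnect range {local.network} overlaps {cidr}")
    return problems

def effective_rate_limit(mbps):
    """Round a bandwidth in Mbit/s up to the rate limit gradient from Table 6."""
    step = 10 if mbps <= 100 else 100 if mbps <= 1000 else 1000 if mbps <= 100_000 else 10_000
    return math.ceil(mbps / step) * step

def preflight(plan):
    """Return every problem found in a virtual interface plan (empty list = ready)."""
    problems = gateway_problems(plan["local_gw"], plan["remote_gw"], plan["routed_cidrs"])
    if plan["peer_asn"] == CLOUD_ASN:
        problems.append(f"on-premises ASN must not be {CLOUD_ASN}")
    return problems + key_problems(plan["md5_key"])

# Constructed plan using the page's sample values; 10.0.0.2 as the remote
# gateway is an assumption (the page only gives the 10.0.0.0/30 range).
PAGE_PLAN = {"local_gw": "10.0.0.1/30", "remote_gw": "10.0.0.2/30",
             "routed_cidrs": ["10.1.123.0/24", "192.168.0.0/16"],
             "peer_asn": 64510, "md5_key": "1234567"}

if __name__ == "__main__":
    for problem in preflight(PAGE_PLAN):
        print("FIX:", problem)
```

Run on the page's sample values, the check flags the key 1234567 from the example route, which is shorter than 8 characters and uses only digits. On Huawei VRP the `simple` keyword also leaves the key in plaintext in the saved configuration, whereas `cipher` stores it encrypted.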