Help Center> Direct Connect> Best Practices> Connecting to Multiple VPCs that Do Not Need to Communicate with Each Other

Updated on 2024-02-26 GMT+08:00

View PDF

Connecting to Multiple VPCs that Do Not Need to Communicate with Each Other

Scenarios

Connect your on-premises network to two or more VPCs over one connection and use static routes to route traffic between your on-premises network and the VPCs. These VPCs do not need to communicate with each other. In this example, there are two VPCs.

Standard connections are used to provide dedicated ports for exclusive use.

Prerequisites

Your on-premises network must use a single-mode fiber with a 1GE, 10GE, 40GE, or 100GE optical module to connect to the access device in the cloud.
Auto-negotiation for the port must be disabled. Port speed and full-duplex mode must be manually configured.
802.1Q VLAN encapsulation is supported on your on-premises network.

Typical Topology

Your on-premises network is connected to two VPCs in the CN-Hong Kong region over a single connection.

For details on how to create a VPC, see the Creating a VPC.

The following table lists the CIDR blocks used in this example.

**Table 1** CIDR blocks
Item	CIDR Block
Your on-premises network	10.1.123.0/24
Local and remote gateways (addresses for interconnection)	10.0.0.0/30 and 10.0.0.4/30
VPCs	VPC-001: 192.168.0.0/16 VPC-002: 172.16.0.0/16

Figure 1 Accessing multiple VPCs over one connection
Click to enlarge

Procedure

Create a connection.
For details, see Accessing a VPC over a Single Connection Through Static Routes.

Create two virtual gateways.

Associate one virtual gateway with VPC-001 and the other one with VPC-002.

Figure 2 Creating a virtual gateway
Click to enlarge

**Table 2** Parameters required for creating virtual gateway 1
Parameter	Description
Name	Specifies the virtual gateway name. The name can contain 1 to 64 characters.
Enterprise Project	Provides a cloud resource management mode where cloud resources and members are centrally managed by project.
Attachment	Specifies whether the virtual gateway is associated with a VPC or attached to an enterprise router.
VPC	Specifies the VPC to be associated with the virtual gateway. This parameter is mandatory when you set Attachment to VPC.
Enterprise Router	Specifies the enterprise router that the virtual gateway is attached to. This parameter is displayed when you set Attachment to Enterprise Router.	N/A
Local Subnet	Specifies the CIDR blocks of the VPC to be accessed. This parameter is mandatory when you set Attachment to VPC. You can add one or more CIDR blocks. If there are multiple CIDR blocks, separate every entry with a comma (,).
BGP ASN	Specifies the BGP ASN of the virtual gateway. NOTE: Generally, Huawei Cloud's BGP ASN is 64512. There are two special cases: In the CN North-Beijing1 region, the default BGP ASN of Huawei Cloud is 65533. In the AP-Bangkok region, the BGP ASN of some Direct Connect locations is 65535 by default. For details, contact the Direct Connect manager.
Description	Provides supplementary information about the virtual gateway.
Configuration Fee	Shows the prices of the enterprise router attachment and of the traffic used by the enterprise router. This parameter is displayed when you set Attachment to Enterprise Router.

Figure 3 Creating a virtual gateway
Click to enlarge

**Table 3** Parameters required for creating virtual gateway 2
Parameter	Description
Name	Specifies the virtual gateway name. The name can contain 1 to 64 characters.
Enterprise Project	Provides a cloud resource management mode where cloud resources and members are centrally managed by project.
Attachment	Specifies whether the virtual gateway is associated with a VPC or attached to an enterprise router.
VPC	Specifies the VPC to be associated with the virtual gateway. This parameter is mandatory when you set Attachment to VPC.
Enterprise Router	Specifies the enterprise router that the virtual gateway is attached to. This parameter is displayed when you set Attachment to Enterprise Router.	N/A
Local Subnet	Specifies the CIDR blocks of the VPC to be accessed. This parameter is mandatory when you set Attachment to VPC. You can add one or more CIDR blocks. If there are multiple CIDR blocks, separate every entry with a comma (,).
BGP ASN	Specifies the BGP ASN of the virtual gateway. NOTE: Generally, Huawei Cloud's BGP ASN is 64512. There are two special cases: In the CN North-Beijing1 region, the default BGP ASN of Huawei Cloud is 65533. In the AP-Bangkok region, the BGP ASN of some Direct Connect locations is 65535 by default. For details, contact the Direct Connect manager.
Description	Provides supplementary information about the virtual gateway.
Configuration Fee	Shows the prices of the enterprise router attachment and of the traffic used by the enterprise router. This parameter is displayed when you set Attachment to Enterprise Router.

Create two virtual interfaces.

Connect each virtual interface with a virtual gateway so that your on-premises network can access VPC-001 through 10.0.0.0/30 and VPC-002 through 10.0.0.4/30.

Figure 4 Creating a virtual interface
Click to enlarge

**Table 4** Parameters required for creating virtual interface 1
Parameter	Description
Region	Specifies the region where the connection resides. You can also change the region in the upper left corner of the console.
Name	Specifies the virtual interface name. The name can contain 1 to 64 characters.
Virtual Interface Priority	Specifies whether the virtual interface will be used prior to other virtual interfaces. There are two options: Preferred and Standard. If multiple virtual interfaces are associated with one Direct Connect device, load is balanced among virtual interfaces with the same priority, while virtual interfaces with different priorities are working in active/standby pairs.
Connection	Specifies the connection you can use to connect your on-premises network to Huawei Cloud.
Virtual Gateway	Specifies the virtual gateway that the virtual interface connects to.
VLAN	Specifies the ID of the VLAN for the virtual interface. Standard connections: You need to configure the VLAN. Hosted connections: The VLAN will be allocated by the carrier or partner. You do not need to configure the VLAN.
Bandwidth	Specifies the bandwidth that can be used by the virtual interface, in Mbit/s. The bandwidth cannot exceed that of the connection.
Enable Rate Limiting	Limits the highest bandwidth that can be used by the virtual interface. After this option is enabled, the rate limit gradients are as follows: If the bandwidth is less than or equal to 100 Mbit/s, the rate limit gradient is 10 Mbit/s. If the bandwidth is greater than 100 Mbit/s but is less than or equal to 1,000 Mbit/s, the rate limit gradient is 100 Mbit/s. If the bandwidth is greater than 1,000 Mbit/s but is less than or equal to 100 Gbit/s, the rate limit gradient is 1 Gbit/s. If the bandwidth is greater than 100 Gbit/s, the rate limit gradient is 10 Gbit/s. For example, if the bandwidth is 52 Mbit/s, the actual rate limit is 60 Mbit/s. If the bandwidth is 115 Mbit/s, the actual rate limit is 200 Mbit/s.
Enterprise Project	Provides a cloud resource management mode where cloud resources and members are centrally managed by project.
Local Gateway	Specifies the gateway on the Huawei Cloud network.
Remote Gateway	Specifies the gateway on your on-premises network. The remote gateway must be in the same IP address range as the local gateway. Generally, a subnet with a 30-bit mask is recommended.
Remote Subnet	Specifies the subnets and masks of your on-premises network. If there are multiple subnets, use commas (,) to separate them.
Routing Mode	Specifies whether static routing or dynamic routing is used to route traffic between your on-premises network and the cloud network. If there are or will be two or more connections, select BGP routing to achieve higher availability.
BGP ASN	Specifies the ASN of the BGP peer. This parameter is required when BGP routing is selected.
BGP MD5 Authentication Key	Specifies the password used to authenticate the BGP peer using MD5. This parameter is mandatory when BGP routing is selected, and the parameter values on both gateways must be the same. The key contains 8 to 255 characters and must contain at least two types of the following characters: Uppercase letters Lowercase letters Digits Special characters ~!, .:;-_"(){}[]/@#$ %^&*+\\|=
Description	Provides supplementary information about the virtual interface.

Figure 5 Creating a virtual interface
Click to enlarge

**Table 5** Parameters required for creating virtual interface 2
Parameter	Description
Region	Specifies the region where the connection resides. You can also change the region in the upper left corner of the console.
Name	Specifies the virtual interface name. The name can contain 1 to 64 characters.
Virtual Interface Priority	Specifies whether the virtual interface will be used prior to other virtual interfaces. There are two options: Preferred and Standard. If multiple virtual interfaces are associated with one Direct Connect device, load is balanced among virtual interfaces with the same priority, while virtual interfaces with different priorities are working in active/standby pairs.
Connection	Specifies the connection you can use to connect your on-premises network to Huawei Cloud.
Virtual Gateway	Specifies the virtual gateway that the virtual interface connects to.
VLAN	Specifies the ID of the VLAN for the virtual interface. Standard connections: You need to configure the VLAN. Hosted connections: The VLAN will be allocated by the carrier or partner. You do not need to configure the VLAN.
Bandwidth	Specifies the bandwidth that can be used by the virtual interface in the unit of Mbit/s. The bandwidth cannot exceed that of the connection.
Enable Rate Limiting	Limits the highest bandwidth that can be used by the virtual interface. After this option is enabled, the rate limit gradients are as follows: If the bandwidth is less than or equal to 100 Mbit/s, the rate limit gradient is 10 Mbit/s. If the bandwidth is greater than 100 Mbit/s but is less than or equal to 1,000 Mbit/s, the rate limit gradient is 100 Mbit/s. If the bandwidth is greater than 1,000 Mbit/s but is less than or equal to 100 Gbit/s, the rate limit gradient is 1 Gbit/s. If the bandwidth is greater than 100 Gbit/s, the rate limit gradient is 10 Gbit/s. For example, if the bandwidth is 52 Mbit/s, the actual rate limit is 60 Mbit/s. If the bandwidth is 115 Mbit/s, the actual rate limit is 200 Mbit/s.
Enterprise Project	Provides a cloud resource management mode where cloud resources and members are centrally managed by project.
Local Gateway	Specifies the gateway on the Huawei Cloud network.
Remote Gateway	Specifies the gateway on your on-premises network. The remote gateway must be in the same IP address range as the local gateway. Generally, a subnet with a 30-bit mask is recommended.
Remote Subnet	Specifies the subnets and masks of your on-premises network. If there are multiple subnets, use commas (,) to separate them.
Routing Mode	Specifies whether static routing or dynamic routing is used to route traffic between your on-premises network and the cloud network. If there are or will be two or more connections, select BGP routing to achieve higher availability.
BGP ASN	Specifies the ASN of the BGP peer. This parameter is required when BGP routing is selected.
BGP MD5 Authentication Key	Specifies the password used to authenticate the BGP peer using MD5. This parameter is mandatory when BGP routing is selected, and the parameter values on both gateways must be the same. The key contains 8 to 255 characters and must contain at least two types of the following characters: Uppercase letters Lowercase letters Digits Special characters ~!, .:;-_"(){}[]/@#$ %^&*+\\|=
Description	Provides supplementary information about the virtual interface.

The default security group rule denies all the inbound traffic. Ensure that security group rules in both directions are correctly configured to ensure normal communications.

Wait for route propagation on the cloud.
Direct Connect automatically propagates the routes after a connection is established between your on-premises network and the cloud network.

Configure a static route on your device.

(Here is a static route on a Huawei device.)

ip route-static 192.168.0.0 255.255.0.0 10.0.0.1
ip route-static 172.16.0.0 255.255.0.0 10.0.0.5

Previous topic: Accessing a VPC over Two Connections Through BGP Routes

Next topic: Connecting to Multiple VPCs that Need to Communicate with Each Other

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot