Updated on 2024-06-27 GMT+08:00

Process of Enabling an On-Premises Data Center to Access Service VPCs Using Enterprise Router and Transit VPC

Table 1 describes the overall process of building a network using an enterprise router and a transit VPC to allow an on-premises data center to access the cloud over a Direct Connect connection.

Table 1 Process of allowing an on-premises data center to access service VPCs using an enterprise router, a transit VPC, and a Direct Connect connection

Step

Description

Step 1: Create Cloud Resources

  1. Create an enterprise router. (Only one enterprise router is required in a region.)
  2. Create VPCs and subnets. In this example, create two service VPCs and one transit VPC.
  3. Create an ECS in each service VPC.

Step 2: Create VPC Peering Connections and Configure Routes

  1. Create a VPC peering connection between VPC-A and VPC-Transit, and add routes for this VPC peering connection.
  2. Create a VPC peering connection between VPC-B and VPC-Transit, and add routes for this VPC peering connection.
  3. Verify the connectivity between VPC-A and VPC-B.

Step 3: Create a VPC Attachment to the Enterprise Router

  1. Attach the transit VPC to the enterprise router.
  2. In the route table of VPC-Transit, add routes with the enterprise router as the next hop and the on-premises network CIDR block as the destination.
  3. Add a route in the route table of the enterprise router with the VPC attachment as the next hop and the on-premises network CIDR block as the destination.

Step 4: Create a Virtual Gateway Attachment to the Enterprise Router

  1. Create a Direct Connect connection to connect the on-premises data center to the cloud over a line you lease from a carrier.
  2. Create a virtual gateway and attach it to the enterprise router.
  3. Create a propagation for the virtual gateway attachment in the route table of the enterprise router to automatically learn the routes of the on-premises data center.
  4. Create a virtual interface to associate the virtual gateway with the Direct Connect connection.
  5. Configure routes on the network device in the on-premises data center.

Step 5: Verify Network Connectivity Between the Service VPCs and On-Premises Data Center

Log in to an ECS and run the ping command to verify the network connectivity.