
Alibaba Cloud DTS Trials and Errors | Using the VPC Data Channel to Solve Network Conflicts

This article describes how to use the VPC data channel to resolve network conflicts.

Disadvantages of Using the 100 CIDR Block to Access Instances

If you want to use Alibaba Cloud Data Transmission Service (DTS) to synchronize self-managed databases deployed in data centers or third-party clouds to Alibaba Cloud, you need to follow the existing procedure for adding the CIDR blocks of the DTS servers: configure multiple 100 CIDR blocks on your leased lines and VPNs, and add the 100 CIDR blocks to the whitelist on the database. The following figure describes the network topology.

[Figure 1: network topology]

However, such configuration methods have some drawbacks:

  1. After the configuration is complete, you cannot simulate the 100 CIDR block in the VPC to initiate test connections, such as telnet and ping, to the database. Test connections of the 100 CIDR block can only be initiated by Alibaba Cloud DTS.
  2. Alibaba Cloud DTS can only perform telnet for connection testing, but cannot run network route detection commands such as ping, traceroute, and MTR.
  3. If you encounter a network failure, you can only rely on Alibaba Cloud staff to troubleshoot the problem instead of effectively diagnosing and fixing the problem on your own.
  4. In addition to the problem that you cannot simulate the connections of the 100 CIDR block, there is also a risk of conflict with the CIDR blocks of third-party clouds. Historically, we encountered many cases in which the third-party cloud could not respond to packets from the DTS 100 CIDR block in a multi-cloud environment.

What is a VPC Data Channel?

To address the preceding drawbacks, Alibaba Cloud DTS is gradually launching a new VPC data channel solution. Instead of accessing user instances from the 100 CIDR block, DTS accesses them from the user's private IP addresses, which removes the complexity of configuring 100 CIDR blocks at its root.

The following figure shows the architecture of the VPC data channel.

[Figure 2: architecture of the VPC data channel]

The VPC data channel uses the private IP address of the user to access the user instance so that the network link becomes user-controllable.

As shown in the above figure, the user has a database instance in a data center or third-party cloud. The address of this instance is 10.0.0.1:3306, and the private CIDR block of the data center or third-party cloud is 10.0.0.0/8. In addition, the user has a VPC in the Alibaba Cloud environment. The data center or third-party cloud has been connected to the cloud VPC, and any IP address in the VPC can access the database instance at 10.0.0.1:3306. The user wants to use DTS to migrate the database instance in the data center to an RDS instance in the cloud VPC. With the VPC data channel, DTS adds an elastic network interface (ENI) on the VSW in the VPC (the IP address of this ENI is 172.16.0.1) and uses that address as the source IP address to access the user's database instance in the data center.

Advantages of the VPC Data Channel

Compared with the original use of the 100 CIDR block to access user instances, the VPC data channel has the following advantages:

• User-controllable DTS source IP address: You can control the IP address DTS uses to access instances in third-party clouds or data centers. (You can specify a VSW in a VPC for DTS to use.)

• Pre-verification of network connectivity: Before you configure a DTS task, you can check the connectivity from the VSW to the database in third-party clouds or data centers. You can create an ECS instance on the VSW and run commands such as telnet, ping, traceroute, and MTR against the database in third-party clouds or data centers. If the network fails, you can handle the problem in advance instead of discovering it only after DTS tasks are configured and delaying the process.

• Standard cloud product presentation for DTS network components: You can find the elastic network interface created by DTS to access user instances in the ECS console > Network and Security > Elastic Network Interface.

• Effectively reduce the time wasted on troubleshooting and ensure that the entire project proceeds as planned. With these preventive measures, the risk of delays caused by unknown factors can be greatly reduced, ensuring that every stage of the project is carried out within a controllable range.
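
The pre-verification step described above can be scripted on the ECS instance placed on the VSW. The following is an added example, not code from the original article or from Alibaba Cloud: the function names, the 172.16.0.0/24 VSW range and the allowlist entry are assumptions, while 10.0.0.1:3306 and 10.0.0.0/8 come from the article's figure description. It also assumes that the database allowlist has to cover the VSW range, because the ENI address is taken from that VSW.

```python
import ipaddress
import socket

def source_ip_for(host, port):
    """Local address the OS would use to reach host:port (UDP connect sends nothing)."""
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.connect((host, port))
            return s.getsockname()[0]
    except OSError:
        return None  # no route to the database from this host

def tcp_reachable(host, port, timeout=3.0):
    """Same signal as the telnet test: does a TCP handshake complete?"""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def preflight(vsw_cidr, remote_cidr, db_allowlist, db_host, db_port, timeout=3.0):
    """Hypothetical pre-flight check, run on an ECS instance on the VSW."""
    vsw = ipaddress.ip_network(vsw_cidr)
    remote = ipaddress.ip_network(remote_cidr)
    allow = [ipaddress.ip_network(c) for c in db_allowlist]
    src = source_ip_for(db_host, db_port)
    return {
        # Overlapping ranges mean the remote side may treat the ENI address as local.
        "cidr_conflict": vsw.overlaps(remote),
        # Assumption: the ENI address comes from the VSW, so one allowlist
        # entry should contain the whole VSW range.
        "allowlist_covers_vsw": any(vsw.subnet_of(n) for n in allow),
        # The probe only represents DTS if this host sends from a VSW address.
        "probe_from_vsw": src is not None and ipaddress.ip_address(src) in vsw,
        "tcp_ok": tcp_reachable(db_host, db_port, timeout),
    }

if __name__ == "__main__":
    # 10.0.0.1:3306 and 10.0.0.0/8 are the article's values; the rest is assumed.
    result = preflight("172.16.0.0/24", "10.0.0.0/8", ["172.16.0.0/24"],
                       "10.0.0.1", 3306)
    for check, value in result.items():
        print(f"{check}: {value}")
```

If `probe_from_vsw` is false, a successful `tcp_ok` says nothing about the path the DTS ENI will take, so rerun the check from a host whose address is in the VSW.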

Click to learn more about DTS: https://www.alibabacloud.com/product/data-transmission-service

For more information about the VPC data channel and limits, please refer to https://www.alibabacloud.com/help/en/dts/user-guide/what-is-a-vpc-data-channel

Currently, the VPC data channel solution is in a canary release. You are welcome to try it online: https://www.alibabacloud.com/help/en/dts/user-guide/configure-a-vpc-data-channel-task
