This topic describes how to connect two on-premises data centers by using route maps of Cloud Enterprise Network (CEN).

Prerequisites

Before you configure a route map, make sure that the following conditions are met:

Background information

By default, CEN adds a route map with the priority of 5000 and the matching mode of DENY to the regional gateway. This route map stops Virtual Border Routers (VBRs) and Cloud Connect Networks (CCNs) from communicating with other VBRs and CCNs attached to the CEN instance. However, you may need to connect two VBRs or two CCNs attached to the CEN instance.
Notice Deletion of default route maps may cause a routing loop. Therefore, we recommend that you exercise caution when you delete default route maps.

Connect two on-premises data centers through CEN

As shown in the preceding figure, the on-premises data center IDC1 is located in Beijing and connected to Alibaba Cloud through VBR1. The on-premises data center IDC2 is located in Hangzhou and connected to Alibaba Cloud through VBR2. VBR1 and VBR2 are attached to a CEN instance. By default, IDC1 and IDC2 are not connected. If you want to connect IDC1 with IDC2, you can use route maps.

Step 1: Set a route map that allows IDC1 to access IDC2

To set a route map that allows IDC1 to access IDC2, follow these steps:

  1. Log on to the CEN console.
  2. In the left-side navigation pane, click Instances.
  3. On the Instances page, find the target CEN instance and click Manage in the Actions column.
  4. On the CEN page, click the Route Maps tab and then click Add Route Map.
  5. In the Add Route Map dialog box, configure the route map according to the following information and then click OK.
    • Priority: Enter the priority of the route map. A smaller number represents a higher priority. In this example, enter 20.
    • Region: Select the region to which the route map is applied. In this example, select China (Beijing).
    • Transmit Direction: Select the direction of the route map. In this example, select Export from Regional Gateway.
    • Match Condition: Set the matching conditions of the route map. In this example, add two matching conditions:
      • Source Instance ID: Enter the instance ID of VBR2.
      • Target Instance ID: Enter the instance ID of VBR1.
    • Match Mode: Select the matching mode of the route map. In this example, select Permit.

    Configure the route map that allows VBR1 to access VBR2
    After you add the route map, you can view the route that allows IDC1 to access IDC2 on the Routes tab.
    Route that allows IDC1 to access IDC2

Step 2: Set a route map that allows IDC2 to access IDC1

To set a route map that allows IDC2 to access IDC1, follow these steps:

  1. In the left-side navigation pane, click Instances.
  2. On the Instances page, find the target CEN instance and click Manage in the Actions column.
  3. On the CEN page, click the Route Maps tab, and then click Add Route Map.
  4. In the Add Route Map dialog box, configure the route map according to the following information and then click OK.
    • Priority: Enter the priority of the route map. A smaller number represents a higher priority. In this example, enter 20.
    • Region: Select the region to which the route map is applied. In this example, select China (Hangzhou).
    • Transmit Direction: Select the direction of the route map. In this example, select Export from Regional Gateway.
    • Match Condition: Set the matching conditions of the route map. In this example, add two matching conditions:
      • Source Instance ID: Enter the instance ID of VBR1.
      • Target Instance ID: Enter the instance ID of VBR2.
    • Match Mode: Select the matching mode of the route map. In this example, select Permit.

    Route map that allows IDC2 to access IDC1
    After you add the route map, you can view the route that allows IDC2 to access IDC1 on the Routes tab.
    Route that allows IDC2 to access IDC1

Step 3: Test the network connectivity

To test the network connectivity between IDC1 and IDC2, follow these steps.

  1. Open the command prompt of the PC at the on-premises data center IDC1.
  2. Use the ping command to ping the IP address of the PC at the on-premises data center IDC2..
    The output shows that the PC of IDC1 can access the PC of IDC2.
    PC of IDC1 can access the PC of IDC2
  3. Open the command prompt of the PC of IDC2.
  4. Use the ping command to ping the IP address of the PC of IDC1.
    The output shows that the PC of IDC2 can access the PC of IDC1.
    PC of IDC2 can access the PC of IDC1