All Products
Search
Document Center

Cloud Enterprise Network:Migrate a VBR from a peering connection to a CEN instance

Last Updated:Oct 19, 2023

This topic describes how to migrate a virtual border router (VBR) from a peering connection in Express Connect to a Cloud Enterprise Network (CEN) instance. You can use CEN to establish private connections between virtual private clouds (VPCs), and between VPCs and data centers. CEN supports automatic route advertisement and learning, which speeds up network convergence, improves the quality and security of cross-network communications, and connects all network resources.

Prerequisites

A CEN instance is created. For more information, see CEN instances.

Procedure

You can perform the following steps to migrate a VBR from a peering connection to a CEN instance:

Warning

Before you suspend or delete the router interfaces of the peering connection, make sure that the routes for both the VBR and the connected VPC from the peering connection are migrated.

  1. If you have configured health checks for the VBR, delete the health check settings in the Express Connect console. For more information, see Configure and manage health checks.

  2. Log on to the CEN console.

  3. On the Instances page, click the ID of the CEN instance that you want to manage.

  4. Find the section that displays the types of network instances and click the 添加网络实例 icon next to the network instance that you want to manage.

  5. On the Connection with Peer Network Instance page, set the parameters to attach the VPC and the VBR instance that you want to migrate to the CEN instance. For more information, see Connect VPCs and Connect VBRs.

  6. If you want to enable network communication across regions, purchase a bandwidth plan and allocate bandwidth for inter-region communication.

  7. If the VPC has routes that point to Elastic Compute Service (ECS) instances, VPN gateways, or high-availability virtual IP addresses (HAVIPs), you need to advertise the routes to the CEN instance in the CEN console based on networking requirements.

    VPC迁移-发布路由
  8. If your data center needs to access Alibaba Cloud services, such as Object Storage Service (OSS) and Alibaba Cloud DNS PrivateZone, establish communicate in the CEN console.

    For more information, see Access to cloud services and Configure PrivateZone.

  9. Log on to the CEN console. Click the transit router in the region of the VPC and VBR, and click the Network Routes tab to view the routes of the network instances. Make sure that the routes of the VBR and VPC do not conflict.

    The static routes of a peering connection have higher priorities than the dynamically generated routes of the CEN instance. If a route from the CEN instance is more specific than or has the same destination as the static route of the peering connection, the route cannot be learned. We recommend that you split static routes from the peering connection and delete them after CEN learns the routes. This ensures a smooth migration.

    In the following figure, the CEN instance has a route 192.168.1.0/24, which is more specific than the route 192.168.0.0/16 that points to Express Connect. As a result, a route conflict occurs.冲突1

    • If you can tolerate transient connections during the migration, delete the route to 192.168.0.0/16. Then, the route in the CEN instance automatically takes effect.

      The duration of the transient connection varies based on the number of CEN routes. For important business scenarios, we recommend that you use the following method to smoothly migrate the VPC.

    • If you want to smoothly migrate the VBR, split the route of a peering connection into routes that are more specific than the route to 192.168.1.0/24 in the CEN instance. For example, split the route to 192.168.0.0/16 into routes to 192.168.1.0/25 and 192.168.1.128/25.

      1. In the Express Connect console, click the ID of the VBR that you want to manage, and then click the Routes tab.

      2. Click Add Route to add two routes whose destination CIDR blocks are 192.168.1.0/25 and 192.168.1.128/25. Set the next hops to the VPC to which the VBR is connected.分割网络

      3. If Border Gateway Protocol (BGP) is used, advertise the routes to 192.168.1.0/25 and 192.168.1.128/25.宣告路由1

      4. Delete the route to 192.168.0.0/16 from the peering connection.删除路由1

      5. Click Refresh to check whether the routes in the CEN instance take effect.刷新路由1

      6. Delete the routes to 192.168.1.0/25 and 192.168.1.128/25 from the VBR route table, and delete the advertised BGP routes.

      7. In the CEN console, configure health checks for the VBR. For more information, see Configure health checks.