This topic describes how to configure equal-cost multi-path (ECMP) routing. If a 100 Gbit/s Express Connect circuit cannot withstand traffic spikes, you can increase the number of Express Connect circuits to enable ECMP routing. ECMP routing increases the maximum bandwidth value of your service and simplifies the procedure for establishing connections between your data center and Alibaba Cloud. ECMP routing distributes data through multiple paths. This prevents network congestion and increases resource usage.

Scenarios

The following scenario shows how to connect a data center to Alibaba Cloud by using ECMP routing.

An enterprise has a data center in Shanghai and a virtual private cloud (VPC) in the China (Shanghai) region. The private CIDR block of the data center is 172.16.0.0/12, and the CIDR block of the VPC is 192.168.0.0/16. To address bandwidth issues, the enterprise applies for two Express Connect circuits from two Internet service providers (ISPs) to connect the data center to Alibaba Cloud.

ECMP routing architecture

The following table describes the parameters of the virtual border router (VBR) that is connected to the two Express Connect circuits.

VBR parameter Express Connect circuit pconn-1 Express Connect circuit pconn-2
VLAN ID 0 0
IPv4 Address of Gateway at Alibaba Cloud Side 10.4.4.1 10.4.5.1
IPv4 Address of Gateway at Customer Side 10.4.4.2 10.4.5.2
Subnet Mask (IPv4 Address) 255.255.255.252 255.255.255.252

Background

Cloud Enterprise Network (CEN) automatically learns and distributes routes. After you configure routes, CEN automatically learns and advertises the routes to attached network instances. The following note shows how CEN learns routes.

Note You can configure static routes or Border Gateway Protocol (BGP) dynamic routes based on how you plan CIDR blocks. You can configure different routes by using the following methods:
  • To configure a static route in the VBR, set the destination CIDR block of the route to the CIDR block of the data center. To configure BGP routing in the VBR, set the IP address of the BGP peer to the peer IPv4 address on the client side.
  • To configure a static route in the data center, set the destination CIDR block of the route to the CIDR block of the VPC. To configure BGP routing in the data center, set the IP address of the BGP peer to the peer IPv4 address on the Alibaba Cloud side.

This topic describes how to configure BGP routing.

  • Routes learned by the VBR from the BGP peer
    Destination CIDR block Next hop
    VBR route 1
    172.16.0.0/12 10.4.4.2
    VBR route 2
    172.16.0.0/12 10.4.5.2

    The preceding table describes the routes that the VBR learns from the BGP peer. The routes include destination CIDR blocks and next hops. After you attach the VBR to a CEN instance, the VBR learns routes from the data center and advertises the routes to the CEN instance.

  • Global route table configuration
    Destination CIDR block Next hop
    VBR route 1
    172.16.0.0/12 10.4.4.2
    VBR route 2
    172.16.0.0/12 10.4.5.2
    CEN route table
    172.16.0.0/12 VBR
    192.168.0.0/16 VPC
    • After you attach the VBR and the VPC to a CEN instance, the VBR learns routes from the data center and advertises the routes to the CEN instance. After the routes are advertised to CEN, network instances such as the VPC attached to the CEN instance can learn the routes.
    • CEN also advertises its routes to the BGP route table in the data center. The routes point to two IP addresses of the VBR, which is the BGP peer of the data center.

Prerequisites

Multiple Express Connect circuits are deployed between your data center and Alibaba Cloud. The Express Connect circuits must meet the following requirements. For more information, see Create a dedicated connection over an Express Connect circuit.

  • The Express Connect circuits are associated with the same VBR.
  • The Express Connect circuits are enabled.
  • The Express Connect circuits have the same maximum bandwidth value.

Step 1: Create a VBR for the first Express Connect circuit

  1. Log on to the Express Connect console.
  2. In the top navigation bar, select the region and click Exclusive Physical Connection in the left-side navigation pane.
  3. On the Exclusive Physical Connection page, click the ID of the Express Connect circuit for which you want to create a VBR. Make sure that the Express Connect circuit is enabled. In this example, pconn-1 is selected.
  4. On the details page of pconn-1, click Create Border Router.
  5. In the Create VBR panel, set the following parameters and click OK.
    • Account: Select the type of the account that is used to create the VBR. In this example, Current Account is selected.
    • Name: Specify a name for the VBR.
    • Physical Connection Interface: Select the Express Connect circuit that you want to associate with the VBR. The Express Connect circuit must be enabled and work as expected. In this example, pconn-1 is selected.
    • VLAN ID: Enter the VLAN ID of the VBR. In this example, 0 is entered.
    • IPv4 Address of Gateway at Alibaba Cloud Side: Enter the IPv4 address of the gateway that routes traffic from the VPC to the data center. In this example, 10.4.4.1 is entered.
    • IPv4 Address of Gateway at Customer Side: Enter the IPv4 address of the gateway that routes traffic from the data center to the VPC. In this example, 10.4.4.2 is entered.
    • Subnet Mask (IPv4 Address): Enter the IPv4 subnet mask on the Alibaba Cloud side and on the client side. In this example, 255.255.255.252 is entered.

Step 2: Associate the VBR with another Express Connect circuit

  1. Log on to the Express Connect console.
  2. In the top navigation bar, select the region and click Exclusive Physical Connection in the left-side navigation pane.
  3. On the Exclusive Physical Connection page, click the ID of the Express Connect circuit for which you created a VBR. In this example, pconn-1 is selected.
  4. On the details page of pconn-1, click the ID of the VBR that you created.
  5. On the Physical Connection Interfaces tab, click Add Physical Connection Interface.
  6. In the Add Physical Connection Interface panel, configure another Express Connect circuit, and then click OK.
    • Physical Connection Interface: Select another Express Connect circuit that you want to associate with the VBR. The Express Connect circuit must be enabled and work as expected. In this example, pconn-2 is selected.
    • VLAN ID: Enter the VLAN ID of the VBR. In this example, 0 is entered.
    • IPv4 Address of Gateway at Alibaba Cloud Side: Enter the IPv4 address of the gateway that routes traffic from the VPC to the data center. In this example, 10.4.5.1 is entered.
    • IPv4 Address of Gateway at Customer Side: Enter the IPv4 address of the gateway that routes traffic from the data center to the VPC. In this example, 10.4.5.2 is entered.
    • Subnet Mask (IPv4 Address): Enter the IPv4 subnet mask on the Alibaba Cloud side and on the client side. In this example, 255.255.255.252 is entered.

Step 3: Configure BGP routing in the VBR

To configure BGP routing between the data center and the VBR, you must add the BGP peer that communicates with the VBR to a BGP group, and then advertise the BGP CIDR block on the VBR.

  1. Log on to the Express Connect console.
  2. In the top navigation bar, select the region and click Virtual Border Routers (VBRs) in the left-side navigation pane.
  3. On the Virtual Border Routers (VBRs) page, find the VBR that you want to manage and click its ID.
  4. Create a BGP group.
    1. Click the BGP Groups tab and click Create BGP Group.
    2. Set the following parameters of the BGP group and click OK.
      Parameter Description
      Support IPv6 Specify whether the IPv6 protocol is supported.

      In this example, No is selected.

      Name Enter a name for the BGP group.
      Peer ASN Enter the autonomous system number (ASN) of the data center.
      BGP Key Enter the key of the BGP group.
      Description Enter a description for the BGP group.
  5. Create a BGP peer.
    1. Click the BGP Peers tab and click Create BGP Peer.
    2. Set the parameters of the BGP peer and click OK.
      Parameter Description
      BGP group Select the BGP group you created.
      BGP peer IP address Enter the IP address of the BGP peer. In this example, 10.4.4.2 is entered. This value is the peer IP address on the client side.
      Enable BFD In this example, you do not need to enable Bidirectional Forwarding Detection (BFD).
  6. Repeat the steps in 5 to create and configure a BGP peer for pconn-2.
    In this example, the IP address of the BGP peer for pconn-2 is set to 10.4.5.2 and BFD is not enabled.

Step 4: Attach the VPC and the VBR to a CEN instance

You must attach the VPC and the VBR that is connected to the Express Connect circuits to the same CEN instance.

  1. Log on to the CEN console.
  2. On the Instances page, click the ID of the CEN instance that you want to manage.
    If you do not have a CEN instance, create one. For more information, see Create a CEN instance.
  3. Click the Networks tab and click Attach Network.
  4. In the Attach Network panel, click the Your Account tab to attach the VBR, and then click OK.
    • Network Type: Select Virtual Border Router (VBR).
    • Region: Select the region where the VBR is deployed.
    • Networks: Select the ID of the VBR.
  5. Repeat the preceding steps to attach the VPC that you want to connect to the data center.
    Notice If you have created route entries that point to Elastic Compute Service (ECS) instances, virtual private network (VPN) gateways, or high-availability virtual IP addresses (HAVIPs), advertise these routes to the CEN instance in the VPC console. For more information, see Publish a route to CEN.

Step 5: Configure routes in the data center

You must configure BGP routes that you want to advertise to Alibaba Cloud in the data center. Set the CIDR block of the data center to 172.16.0.0/12. The following table describes how to configure BGP routes on the two pieces of customer-premises equipment (CPE) in the data center. For more information about the configurations, contact the CPE vendor.

Parameter CPE1 CPE2
VLAN ID 0 0
Network 172.16.0.0/12 172.16.0.0/12
BGP ASN 65000 65000
PEER BGP ASN 45104 45104
Interface IP 10.4.4.2/30 10.4.5.2/30

Step 6: Test the connectivity

After you establish the connections over Express Connect circuits, you must test the connectivity.

  1. Open Command Prompt on a computer in the data center.
  2. On the command line, run the ping command to check the connectivity between the data center and an ECS instance in the VPC. The CIDR block of the VPC is 192.168.0.0/16.
    If the ECS instance can be pinged, the connections are established.
  3. On the command line, run the tracert command to check whether the connections support ECMP routing.
    The tracert command may vary based on the vendor. For more information about the command, contact the CPE vendor.