This topic describes the limits of Express Connect. Before you use this service, we recommend that you understand these limits.
|Item||Limit||How to apply for an exception to the limit|
|The maximum number of physical connections that can be assigned to an access point of each account||2||You can apply for an exception to the limit on the Quota Management page in the console.|
|The maximum number of Virtual Border Routers (VBRs) that can be created for each physical connection||7||You can submit a ticket.|
|The maximum number of idle VBRs without interfaces supported by each account||5||None.|
|The maximum number of VBRs that you can use your current account to create for each physical connection instance||5||You can submit a ticket. In low-bandwidth scenarios, you can use each physical connection instance to create up to five VBRs for your current account free of charge. Fees are incurred if the number of VBRs exceeds the upper limit.|
|The maximum number of VBRs that you can use your current account to create for other accounts||2||You can submit a ticket. In low-bandwidth scenarios, you can use your current account to create up to two VBRs for other accounts free of charge. More than two VBRs can be created for free in the regions within China. However, fees are incurred if more than two VBRs are created.|
|The maximum number of routes that can be added to each VBR||48||You can apply for an exception to the limit on the Quota Management page in the console.|
|The maximum number of Border Gateway Protocol (BGP) routes supported by each VBR||110||You can submit a ticket.|
|The maximum number of BGP routes that can be advertised on each VBR.||10||You can apply for an exception to the limit on the Quota Management page in the console.|
|We recommend that you use internal Classless Inter-Domain Routing (CIDR) blocks for communication between your on-premises data center and a VPC. The CIDR blocks cannot conflict with each other.|
|If you use dual physical connections to connect an on-premises data center to a VPC, you must configure a source IP address and a destination IP address for each physical connection to enable health checks. The system regularly checks the status of both physical connections. If a physical connection fails, the system distributes network traffic to the other physical connection.|
|By default, in the regions within China, you cannot use your current account to create VBRs for other accounts. The physical connection owner and the physical connection user must belong to the same enterprise. If you require special permissions, you can submit a ticket. The enterprise that owns the A26 license for telecommunication infrastructure service granted by China's Ministry of Industry and Information Technology (MIIT) can submit a ticket to create VBRs for other accounts.|
|By default, in regions outside China, you cannot use your current account to create VBRs for other accounts. If you require special permissions, you can submit a ticket.|
|By default, if you use your current account to create a VBR for other accounts, the VBR cannot be added to a CEN instance or connected to a VPC. The physical connection owner and the physical connection user must belong to the same enterprise. If you require special permissions, you can submit a ticket.|
Limits on communication
The communication between a VPC and an on-premises data center has the following limits:
- The maximum read/write speed for Object Storage Service (OSS) is 5 Gbit/s.
- To improve the reliability, the speed of a single hash stream from a VPC to a VBR
is limited to 1/12, 1/4, 1/8, or 1/16 of the bandwidth assigned to a specified type of physical
connection based on Alibaba Cloud Express Connect. For example, if the bandwidth level from the
VBR to the VPC is set to large1, which means that the bandwidth of 1 Gbit/s is specified,
the maximum bandwidth of a single hash stream is 85 Mbit/s.
A hash stream is a data stream that is defined by the combination of the source IP address, source port, transport layer protocol, destination IP address, and destination port. For example,
192.168.1.1 10000 TCP 22.214.171.124 80forms a hash stream. In this hash stream, a terminal that is assigned the IP address 192.168.1.1 and port 1000 is connected to a terminal that is assigned the IP address 126.96.36.199 and port 80 over Transmission Control Protocol (TCP).
Limits on access points
Before you migrate data on the premises to Alibaba Cloud through the Express Connect service, you must specify access points for physical connections. The access points have the following limits:
- Multiple access points from different locations are provided in one region. The network latency between two access points that are located in different zones of the same region is less than five milliseconds.
- If you want to minimize the network latency, you can select an access point that is closest to the zone where your Elastic Compute Service (ECS) instance is located. To enable this access point, you can submit a ticket.
Limits on physical connections
Physical connections have the following limits:
- Before you use Express Connect, you must allocate appropriate CIDR blocks to the connections between a VPC and an on-premises data center. Make sure that the CIDRs of the VPC and the on-premises data center do not overlap with each other.
- The cloud services in VPCs use 100.64.0.0/10 as the service address. On-premises data centers that are connected to VPCs through Express Connect cannot use CIDR blocks that overlap with 100.64.0.0/10.
- Alibaba Cloud provides optical modules with 1 GB and 10 GB ports free of charge, and the transmission distance is 10 km. If you require a longer transmission distance or a 40 GB or 100 GB port, you must purchase the optical module yourself.
Limits on cable installation at the data center of Alibaba Cloud
Before you instruct the cable installation company to go to the data center of Alibaba Cloud, you must understand the following limits:
- The cable installation company must follow the construction rules stipulated by the data center provider and Alibaba Cloud engineers. The cable installation company that fails to follow the rules is not allowed to install cables at the data center.
- If you purchase optical ports, make sure that the service provider connects an optical fiber to the port of Alibaba Cloud.
- If you purchase electrical ports, make sure that the service provider connects an electrical cable to the port of Alibaba Cloud.
- Alibaba Cloud data centers do not support the hosting of fiber optical transceivers. The cable installation company cannot install any fiber optical transceivers at data centers of Alibaba Cloud.
- The leased line installation schedule is subject to data center lockdowns required by local authorities or Alibaba Cloud. You can learn about the lockdown duration required by Alibaba Cloud by consulting customer service.
- The data centers where Alibaba Cloud access points are located are rent from telecom service providers. Therefore, you may be charged by the service providers for cable connections to the data center building and leased indoor cables.
Limits on redundant physical connections
Redundant physical connections have the following limits:
- Alibaba Cloud only guarantees the service availability of redundant physical connections that connect to different access points. If there are multiple connections to the same access point or there is only one connection to an access point, the service availability cannot be guaranteed.
- If you use dual physical connections to connect to Alibaba Cloud, we recommend that you configure health checks to perform failovers and guarantee high availability of the Express Connect service.
Limits on shared physical connections
You can also use a leased line deployed by an Alibaba Cloud partner to establish a physical connection. The shared physical connections have the following limits:
- Configurations of ports are fixed. Alibaba Cloud cannot adjust port configurations even if you have special requirements.
- Equal-cost multi-path (ECMP) link aggregation is not supported.
Time spans for leased line construction
The following table shows the limits on time spans for different stages that Alibaba Cloud requires to install a leased line.
|Review of the application to enter an Alibaba Cloud data center and perform site surveys for leased line installation||Two workdays|
|Review of the application for a Letter of Authorization (LOA)||Two workdays|
|Fiber pigtail installation||If Alibaba Cloud provides optical modules:
If the customer provides optical modules:
|Review of the application to enter an Alibaba Cloud data center and maintain a leased line||Two workdays|
Peering connection limits
- If multiple VBRs are connected to one VPC, the VBRs cannot communicate with each other through the VPC.
- If multiple VPCs are connected to one VBR, the VPCs cannot communicate with each other through the VBR.