VRouter and route entries - User Guide| Alibaba Cloud Documentation Center

Route entries

Each entry in the route table is a route entry, which defines the next hop of the network traffic destined for a specific destination CIDR block. Route entries include system route entries and custom route entries.

You cannot delete a VRouter or a route table of a VPC directly. They will be deleted automatically along with the deletion of the VPC. But you can add route entries to the route table to route network traffic.

System route entry

You cannot create or delete a system route. There are two types of system route entries: After you create a VPC, a system route entry destined for 100.64.0.0/10 is automatically created, which is used for the intercommunication of the cloud products in the VPC. After you create a VSwitch, a system route entry destined for the CIDR block of the VSwitch is also automatically created.

For example, you have created a VPC with the IP address range of 192.168.0.0/16, and created two VSwitches with the IP address ranges of 192.168.1.0/24 and 192.168.0.0/24 respectively. The following system route entries are automatically added to the route table of the VPC:


Destination CIDR block	Next hop type	Type
100.64.0.0/10	-	System
192.168.1.0/24	-	System
192.168.0.0/24	-	System

Custom route entry

You can add custom route entries to route traffic to specific destinations. VPC provides the following next hop types specific to different functions:

ECS Instance: Route the traffic destined for the destination CIDR block to an ECS instance in the VPC.

When using the applications or gateways deployed on the ECS instance to access the Internet, configure this type of route.
VPN Gateway: Route the traffic destined for the destination CIDR block to a VPN gateway.

When using VPN Gateway to connect a VPC to another VPC or a local network, configure this type of route.
VPC: Route the traffic destined for the destination CIDR block to a VPC.

When using Express Connect to connect two VPCs, configure this type of route.
VBR: Route the traffic destined for the destination CIDR block to a VBR.

When using Express Connect to connect a local network (leased line access) to a VPC, configure this type of route.

Routing policy

The longest prefix match algorithm is used to route the network traffic when more than one route entries match the destination IP address. That is, the route entry with the longest subnet mask (the most specific route) is used.

Here is an example of a route table of a VPC.


Destination CIDR block	Next hop type	Next hop	Type
100.64.0.0/10	-	-	System
192.168.0.0/24	-	-	System
0.0.0.0/0	Instance	i-12345678	Custom
10.0.0.0/24	Instance	i-87654321	Custom

In this example, the route entry with the destination CIDR block 100.64.0.0/10 and the route entry with the destination CIDR block 192.168.0.0/24 are system route entries. The former is reserved by the system, and the latter is the system route entry configured for the VSwitch in the VPC.

The route entry with the destination CIDR block 0.0.0.0/0 and the route entry with the destination CIDR block 10.0.0.0/24 are custom route entries. The traffic destined for 0.0.0.0/0 is routed to the ECS instance with the ID i-12345678 and traffic destined for 10.0.0.0/24 is routed to the ECS instance with the ID i-87654321. According to the longest prefix match algorithm, the traffic destined for 10.0.0.1 is routed to the ECS instance with the ID i-87654321, while traffic destined for 10.0.1.1 is routed to the ECS instance with the ID i-12345678.

Routing examples

Routing within the VPC

As shown in the following figure, the ECS instance (ECS01) in a VPC has built an SNAT gateway or bound with an EIP. When the cloud resources in the VPC need to access the Internet through this ECS instance, you can add a custom route entry as follows:


Destination CIDR block	Next hop type	Next hop
0.0.0.0/0	Ecs instance	i-12345678

Interconnection between VPCs

Connect VPCs through Express Connect

As shown in the following figure, when using Express Connect to connect two VPCs (VPC1 172.16.0.0/12 and VPC2 192.168.0.0/16), after you create two router interfaces, the following custom route entries must be added:

Custom route entry added in VPC1


Destination CIDR block	Next hop type	Next hop
192.168.0.0/16	Router interface (To VPC)	VPC2

Custom route entry added in VPC2


Destination CIDR block	Next hop type	Next hop
172.16.0.0/12	Router interface (To VPC)	Vpc1

Connect VPCs through VPN Gateway

As shown in the following figure, when using a VPN gateway to connect two VPCs (VPC1 172.16.0.0/12 and VPC2 10.0.0.0/8), after you configure the VPN gateway, the following custom route entries must be added:

Custom route entry added in VPC1


Destination CIDR block	Next hop type	Next hop
10.0.0.0/8	VPN gateway	VPN gateway 1

Custom route entry added in VPC2


Destination CIDR block	Next hop type	Next hop
172.16.0.0/12	VPN gateway	VPN gateway 2

Interconnection between a VPC and a local data center

Connect a VPC to a local data center through Express Connect

As shown in the following figure, when using Express Connect to connect a VPC to a local network, after you configure the leased line and the VBR, the following custom route entries must be added:

Custom route entry added in VPC


Destination CIDR block	Next hop type	Next hop
192.168.0.0/16	Router interface (To VBR)	RI1

Custom route entry added in VBR


Destination CIDR block	Next hop type	Next hop
192.168.0.0/16	To leased line	RI3
172.16.0.0/12	To VPC	RI2

Custom route entry added in the local network


Destination CIDR block	Next hop type	Next hop
172.16.0.0/12	—	Local gateway

Connect a VPC to a local data center through VPN Gateway

As shown in the following figure, when using a VPN gateway to connect a VPC (CIDR block: 172.16.0.0/12) with a local network (CIDR block: 192.168.0.0/16), after you create a VPN gateway, the following custom route entries must be added:


Destination CIDR block	Next hop type	Next hop
192.168.0.0/16	VPN gateway	The created VPN gateway

Add custom route entry

Complete these steps to add a custom route entry:

Log on to the VPC console.
Select the region of the VPC.
In the left-side navigation pane, click Route Tables.
Click the ID of the target route table and Click Add Route Entry.

In the displayed dialog box, configure the route entry according to the following information and click OK .


Configuration	Description
Destination CIDR Block	Enter the destination IP address range in form of a CIDR block.
Next hop type and next hop	Choose the next hop type and the next hop: ECS Instance: Route the traffic destined for the specified IP address range to the selected ECS instance. Suitable for the scenario that routing specific network access traffic to a specified ECS instance to control the traffic forwarding and management. For example, configure an ECS instance as an Internet gateway to control the Internet access for other ECS instances. VPN Gateway: Route the traffic destined for the specified IP address range to the selected VPN gateway. Suitable for the scenario that using VPN Gateway to connect two VPCs or connect to a local IDC. Router Interface (To VPC): Route the traffic destined for the specified IP address range to the selected VPC. Suitable for the scenario that using Express Connect to connect VPCs. Router Interface (To VBR): Route the traffic destined for the specified IP address range to the selected router interface of which the peer router interface is a VBR. Suitable for the scenario that using Express Connect to connect a VPC to a local IDC. You can also choose the routing types: General Routing: Route the traffic to the specified route interface. Active/Standby Routing: Choose two router interfaces as the next hop. The weight for the active route entry is 100 and for the standby route entry is 0. The standby route entry takes over when the health check for the active route entry fails. Load Balancing Routing: Choose 2-4 router interfaces as the next hop. You can specify a weight value between 1 and 255 for each added route interface and the default value is 100. The system will route the traffic in proportion to configured weights.