edit-icon download-icon

Multi-VPC physical connection

Last Updated: Jan 08, 2018

You can use a leased line that is already connected to an access point of Alibaba Cloud to connect multiple VPCs.

Note: Now a leased can be connected to 5 VPCs at most. You can open a ticket to increase the quota.

Scenario

A company has opened account A on Alibaba Cloud and created VPC-A. Account A already opened a leased line that connects the on-premises IDC of the company to VPC-A. A subsidiary of the company has open account B on Alibaba Cloud and VPC-B is under account B. The subsidiary wants to connect VPC-B to the on-premises IDC.

Because there is already a leased line under account A that connects the on-premises IDC to the access point of Alibaba Could, VPC-B under account B of the subsidiary can reuse the leased line and VBR of account A. The company only needs to create a router interface for the VBR under account A and the VPC under account B respectively and connect the two interfaces, as shown in the following figure.

This tutorial uses the case as the example to illustrate how to reuse a leased line to connect multiple VPCs. In this tutorial, VPC and leased line configurations are as follows:

Account AAccount B
Account ID: 12345678 Account ID: 87654321
VPC
  • Name: VPC-A
  • Region: China North 2 (Beijing)
  • VPC ID: vpc-12345678
  • CIDR block: 10.10.0.0/16
VPC
  • Name: VPC-B
  • Region: China East 1(Hangzhou)
  • VPC ID: vpc-87654321
  • CIDR block: 192.168.0.0/16
Physical Connection
  • VBR name: VPC-Beijing
  • VBR ID: vbr-12345678
  • Leased line ID: pc-AAA
  • VLAN ID: 1000
-

Step 1: Create router interfaces

Create a router interface on the VBR under account A and the VPC under account B respectively, so that the VRouter of the VPC and the VBR can send messages to each other through the router interfaces. For more information, see Router interfaces.

Note: The router interface on the VBR must act as the initiator.

Create the initiator router interface

Follow these steps to create a router interface for the VBR:

  1. Use account A to log on to the Express Connect console.

  2. In the left-side navigation pane, select Router Interface. Click Create Router Interface.

  3. Configure the router interface. This tutorial uses the following configurations.

    • Scenario: Physical Access.

    • Router Creation: Create Initiator.

    • Router Type: VRouter

    • Local Region: China North 2 (Beijing).

    • Access Point: Beijing-Daxing-A.

    • VBR ID: vbr-12345678.

    • Peer Region: China East 1 (Hangzhou).

    • Peer Router Type: VRouter.

    • Specification: Large.1(1Gb).

  4. Click Buy Now to complete the creation.

    Go back to the Router Interface page after about one minute and select the target region. Then you can see the newly created router interface under account A. In this tutorial, the ID of the router interface under account A is ri-AAA.

Create the receiver router interface

Follow these steps to create the receiver router interface:

  1. Use account B to log on to the Express Connect console.

  2. In the left-side navigation pane, select VPC Connection > Router Interface.

  3. Click Create Router Interface.

  4. Configure the router interface. This tutorial uses the following configurations.

    • Billing Method: Pay-As-You-Go.

    • Scenario: Physical Access.

    • Router Creation: Create Receiver.

    • Router Type: VRouter

    • Local Region: China East 1 (Hangzhou).

    • VPC ID: vpc-87654321.

    • Peer Region: China North 2 (Beijing).

    • Peer Access Point: Beijing-Daxing-A.

    • Peer Router Type: VRouter

  5. Click Buy Now.

    Go back to the Router Interface page after about one minute and select the target region. Then you can see the newly created router interface under account B. In this tutorial, the ID of the router interface under account B is ri-BBB.

Step 2: Initiate a connection

After creating router interfaces, you need to add peer router interfaces and initiate a connection. Only the initiator router interface can initiate a connection.

Add peer router interface for the VPC under account B

  1. Use account B to log on to the Express Connect console.

  2. In the left-side navigation pane, select Router Interface.

  3. Click the region where the target router interface is located and find the target router interface.

  4. Click Add in the Peer Router Interface column or click More > Edit Peer Interface in the Actions column.

  5. In the displayed dialog box, select Other Account and enter the account ID (12345678), VBR ID (vbr-AAA), and router interface ID (ri-AAA) of account A.

Add peer router interface for the router interface on the VBR under account A and initiate a connection

Follow these steps to add peer router interface for the router interface on the VBR under account A and initiate a connection:

  1. Use account A to log on to the Express Connect console.

  2. In the left-side navigation pane, select Router Interface.

  3. Click the region where the target router interface is located and find the target router interface.

  4. Click Add in the Peer Router Interface column or click More > Edit Peer Interface in the Actions column.

  5. In the displayed dialog box, select Other Account and enter the account ID (87654321), VBR ID (vbr-BBB), and router interface ID (ri-BBB) of account B.

  6. Find the router interface of the VBR, and click Initiate a Connection.

    The connection is established successfully when the status of the router interfaces ri-AAA and ri-BBB changes to Active.

Step 3: Configure routes

After creating the router interfaces, you need to configure routes so that the on-premises IDC can communicate with the VPC.

Configure routes on the VBR

Follow these steps to forward the traffic, destined for the on-premises IDC (CIDR block: 172.16.0.0/12), from the VBR to the leased line:

  1. Use account A to log on to the Express Connect console.

  2. In the left-side navigation pane, click Virtual Border Router.

  3. Find the target VBR and click Manage. Then click Add Route Entry on the page of VBR details.

  4. Configure the route. In this tutorial, the route configurations are as follows:

    • Destination CIDR Block: The CIDR block of the on-premises IDC. In this tutorial, enter 172.16.0.0/12.

    • Next Hop Direction: Select To VPC.

    • Next Hop: Select the existing leased line.

Follow these steps to forward the traffic, destined for the VPC (CIDR block: 192.168.0.0/16), from the VBR to the VPC:

  1. Use account A to log on to the Express Connect console.

  2. In the left-side navigation pane, click Virtual Border Router.

  3. Find the target VBR and click Manage. Then click Add Route Entry on the page of VBR details.

  4. Configure the route. In this tutorial, the route configurations are as follows:

    • Destination CIDR Block: The CIDR block of the peer VPC. In this tutorial, enter 192.168.0.0/16.

    • Next Hop Direction: Select To VPC.

    • Next Hop: Select the router interface of the VBR. In this tutorial, select ri-BBB.

Configure the route on the VPC

Follow these steps to forward the traffic, destined for the on-premises IDC (CIDR block: 172.16.0.0/12), from the VPC to the VBR:

  1. Use account B to log on to the Express Connect console.

  2. In the left-side navigation pane, click Router Interface. Find the target router interface and click Router Configuration.

  3. Configure the route. In this tutorial, the route configurations are as follows:

    • Destination CIDR Block: The CIDR block of the on-premises IDC. In this tutorial, enter 172.16.0.0/12.

    • Next Hop Type: Select Router Interface.

    • Next Hop: Select the router interface of VPC-B. In this tutorial, select ri-AAA.

Configure the route on the on-premises IDC

Till now, the route configuration on Alibaba Cloud has been completed. You still need to add a route entry for the VPC CIDR block in the physical access device of the customer. The destination CIDR block is the Alibaba Cloud-side IP address. For example:

  1. ip route 172.16.0.0/12 10.100.0.1

You can also configure BGP dynamic routing to direct traffic to the VBR:

  1. Create BGP peer groups. For more information, see Manage BGP peer groups.

  2. Add BGP peers to the BGP groups, see Manage BGP peers.

  3. Advertise BGP network, see Advertise BGP network.

    Note: Make sure the destination CIDR block of the BGP routing is the same as that of the static route. In this tutorial, it is 192.168.0.0/16.

Till now, all configurations have been completed.

Step 5: Performance test

After the two networks are connected with each other, test the speed of the leased line to ensure it can meet service needs. For more information, see Test the network performance of a physical connection.

Thank you! We've received your feedback.