Connect VPC networks - VPC network connections| Alibaba Cloud Documentation Center

Connect VPC networks

Edit in GitHub

Last Updated: Jul 15, 2020 Edit in GitHub

This topic describes how to connect Virtual Network Cloud (VPC) networks by using Cloud Enterprise Network (CEN) or VPN Gateway.

Cloud Enterprise Network

You can use CEN to establish private network connections between VPC networks. CEN uses automatic route distribution and learning to speed up network convergence and improves the quality and security of cross-network communication. For more information, see Cloud Enterprise Network.

You can use CEN to connect VPC networks created under the same account or different accounts. The following table describes the scenarios.


Scenario	Method
Connect VPC networks under the same account	Connect VPC networks in a region
Connect VPC networks under the same account	Connect VPC networks across regions
Connect VPC networks under different accounts	Connect VPC networks in a region
Connect VPC networks under different accounts	Connect VPC networks across regions

The benefits of CEN are as follows:

Global interconnection
A CEN is an enterprise-class network that allows you to interconnect Alibaba Cloud resources on a global scale, and also interconnect your network resources on Alibaba Cloud. Networks connected to a CEN are managed based on IP addresses to avoid IP address conflicts. A CEN uses controllers to automatically learn and distribute routes among multiple nodes to achieve fast route convergence on a global scale.
Low latency and high speed
CENs provide low-latency and high-speed network transmission. The maximum transmission rate between two local sites can match the port rate of the gateway devices deployed near the local sites. The network latency of global communication through CEN is much lower than network communication over the Internet.
Nearest access and shortest path transmission
CEN deploys access points and nodes in more than 60 regions in the world to support nearest access to Alibaba Cloud. This reduces the response latency and packet loss caused by data transmission over the Internet.
Connection resilience and disaster recovery
CEN implements high availability and network redundancy by providing at least four redundant connections between any two access points. If a connection fails, your workloads can still function without network jitters or disruptions.
Systematic management
CEN provides capabilities for systematic network monitoring. It can automatically detect route conflicts caused by system changes and guarantee network stability.

VPN Gateway

VPN Gateway is an Internet-based connection service. It supports route-based IPsec-VPN connections. You can use IPsec-VPN connections to connect Virtual Private Cloud (VPC) networks for secure and reliable communication. For more information, see Establish a connection between two VPCs.

The benefits of VPN Gateway are as follows:

High security
Uses the IKE and IPsec protocols in data transmission to guarantee data security.
High availability
Uses a hot-standby architecture to support failovers within only a few seconds. This guarantees the continuity of your business.
Cost-efficiency
Establishes encrypted Internet connections, which are more cost-efficient than leased lines.
Easy to use
VPN Gateway instances are ready for use after they are activated. Configurations take effect immediately.