You can use Cloud Enterprise Network (CEN) and VPN Gateway to connect ApsaraMQ for Kafka instances in different virtual private clouds (VPCs). This topic describes the benefits and characteristics of CEN and VPN Gateway.
CEN
CEN allows you to establish private channels between VPCs. CEN uses automatic route distribution and learning to accelerate network convergence, improve quality and security in cross-network communication, and establish connection among network-wide resources. For more information, see What is CEN?
You can use a CEN instance to connect VPCs that belong to the same account or different accounts. The following table describes the scenarios.
Scenario | Configuration method |
Connect VPCs that belong to the same Alibaba Cloud account | Use Basic Edition transit routers to connect VPCs in the same region |
Connect VPCs that belong to different Alibaba Cloud accounts |
CEN has the following benefits:
Worldwide connection
CEN is an enterprise-class network that can connect the global network resources of Alibaba Cloud. CEN can also connect the network resources of enterprises that are connected to Alibaba Cloud. CEN ensures that the IP addresses are unique and do not conflict with each other. A CEN instance uses controllers to automatically learn and distribute routes among multiple nodes to achieve fast route convergence on a global scale.
Low latency and high speed
CEN provides low-latency and high-speed network transmission. CEN ensures that on-premises networks communicate with each other at the highest data transfer rate supported by the device ports. CEN provides network connections with lower latency than Internet connections.
Nearest access and shortest path transmission
CEN has deployed access points and nodes in more than 60 regions in the world to support nearest access to Alibaba Cloud. Compared with communication over the Internet, CEN connections provide lower network latency.
Standby connections and disaster recovery
CEN provides at least four standby connections between two nodes. This ensures high availability for services. If specific connections fail, the standby connections take over. This prevents service interruption and network jitter.
Systematic management
CEN has systematic network monitoring capabilities that automatically detect route conflicts caused by system changes. This helps ensure network stability.
VPN Gateway
VPN Gateway is an Internet-based networking service that supports route-based IPsec-VPN connections. You can use IPsec-VPN connections to establish secure and reliable communication between VPCs. For more information, see Establish IPsec-VPN connections between two VPCs.
VPN Gateway has the following benefits:
Security
VPN Gateway uses the IKE and IPsec protocols in data transmission to ensure data security.
High availability
The hot-standby architecture allows VPN Gateway to support failover in seconds, which ensures session persistence and zero service downtime.
Low costs
VPN Gateway establishes encrypted connections over the Internet, which are more cost-efficient than leased lines.
Simple configurations
VPN Gateway is an out-of-the-box service whose configurations immediately take effect.