This topic describes how to connect virtual border routers (VBRs) to a transit router of Cloud Enterprise Network (CEN) in the same region. After you connect VBRs to a transit router, the transit router establishes private network connections among the VBRs.
Prerequisites
- The Alibaba Cloud account that owns the transit router and the Alibaba Cloud account that owns the VBR belong to the same enterprise.
- A transit router is deployed in the region of the VBR. For more information, see Create a transit router.
- You can connect a transit router to a VBR that belongs to the same or a different Alibaba Cloud account. If you want to connect a transit router to a VBR that belongs to a different Alibaba Cloud account, you must first acquire the permissions. For more information, see Grant permissions on a network instance that belongs to another account.
Connect a VBR to an Enterprise Edition transit router
Connect VBRs
- Log on to the CEN console.
- On the Instances page, find the CEN instance that you want to manage and click the instance ID.
- On the tab, find the transit router that you want to manage and click Create Connection in the Actions column.
- On the Connection with Peer Network Instance page, set the following parameters and click OK.
Parameter Description Instance Type Select Virtual Border Router (VBR). Region Select the region where the network instance is deployed. Transit Router The transit router in the selected region is displayed. If no transit router is found in the selected region, the system automatically creates a transit router.
Resource Owner ID Specify whether the network instance belongs to the current or a different Alibaba Cloud account. - If the network instance and the transit router that you want to connect belong to the same Alibaba Cloud account, select Your Account.
- If the network instance and the transit router that you want to connect belong to different Alibaba Cloud accounts, select Different Account, and enter the ID of the Alibaba Cloud account to which the network instance belongs.
Attachment Name Enter a name for the connection. The name must be 2 to 128 characters in length, and can contain letters, digits, underscores (_), and hyphens (-). It must start with a letter.
Network Instance Select the ID of the VBR that you want to connect to the transit router. Advanced Settings When you create a VBR connection, the system automatically enables the following features in the advanced settings: - Associate with Default Route Table of Transit Router
After this feature is enabled, the VBR connection is automatically associated with the default route table of the transit router. The transit router forwards the traffic of the VBR based on the default route table.
- Propagate System Routes to Default Route Table of Transit Router
After this feature is enabled, the system routes of the VBR are advertised to the default route table of the transit router. This way, the VBR can communicate with other network instances that are connected to the transit router.
- Propagate Routes to VBR
After this feature is enabled, the system automatically advertises the routes in the transit router route table that is associated with the VBR connection to the VBR.
You can disable these advanced features by clearing the check boxes. If you want to enable the VBR to communicate with other network instances, you can configure associated forwarding and route learning on the transit router. For more information, see Manage routes.
Note If the DEVICE_MODEL_FORBIDDEN error message is returned, refer to FAQ to troubleshoot the issue.
Change the transit router route table associated with the VBR connection
After you create a VBR connection, you can change the transit router route table that is associated with the VBR connection.
- Log on to the CEN console.
- On the Instances page, find the CEN instance that you want to manage and click the instance ID.
- On the tab, click the ID of the transit router that you want to manage.
- On the Intra-region Connections tab, find the VBR connection that you want to manage and click the ID.
- In the Attachment Details panel, find the Basic Information section and click Modify next to Associated Route Table.
- In the Modify Route Table dialog box, select a route table and click OK.
Connect a VBR to a Basic Edition transit router
- Log on to the CEN console.
- On the Instances page, find the CEN instance that you want to manage and click the instance ID.
- On the tab, find the transit router that you want to manage and click Create Connection in the Actions column.
- On the Connection with Peer Network Instance page, set the following parameters and click OK.
Parameter Description Instance Type Select Virtual Border Router (VBR). Region Select the region where the network instance is deployed. Transit Router The transit router in the selected region is displayed. If no transit router is found in the selected region, the system automatically creates a transit router.
Resource Owner ID Specify whether the network instance belongs to the current or a different Alibaba Cloud account. - If the network instance and the transit router that you want to connect belong to the same Alibaba Cloud account, select Your Account.
- If the network instance and the transit router that you want to connect belong to different Alibaba Cloud accounts, select Different Account, and enter the ID of the Alibaba Cloud account to which the network instance belongs.
Network Instance Select the ID of the network instance that you want to connect. Note If the DEVICE_MODEL_FORBIDDEN error message is returned, refer to FAQ to troubleshoot the issue.
References
- View network instance connections
- CreateTransitRouterVbrAttachment: connects a VBR to an Enterprise Edition transit router.
- UpdateTransitRouterVbrAttachmentAttribute: modifies the name and description of a VBR connection that is created on an Enterprise Edition transit router.
- ListTransitRouterVbrAttachments: queries information about VBR connections that are created on an Enterprise Edition transit router.