This topic describes the functions and features of Cloud Enterprise Network (CEN).
Functions and features
CEN uses transit routers to establish inter-region connections between virtual private clouds (VPCs) or between VPCs and data centers. This creates flexible, stable, and enterprise-class networks in the cloud. Transit routers provide a variety of features such as associated forwarding, route learning, custom route tables, and routing policies to help you establish network communication and manage routes.
The following table lists the functions and features that are supported by different editions of transit routers.
indicates that the feature is supported by the edition, and 
indicates that the feature is not supported by the edition.
| Feature type | Feature | Basic edition | Enterprise edition |
|---|---|---|---|
| Network instance connections | VPC connections | |
|
| Virtual border router (VBR) connections | |
|
|
| Cloud Connect Network (CCN) connections
Note Regions of CCN support only Basic Edition transit routers.
|
|
|
|
| IPsec-VPN connection within a different Alibaba Cloud account | |
|
|
| Transit router connections | |
|
|
| Inter-region connections | Bandwidth plans | |
|
| Inter-region connections | |
|
|
| Bandwidth multiplexing | |
|
|
| Traffic scheduling | |
|
|
| Routes | Custom route tables | |
|
| Custom routes | |
|
|
| Associated forwarding | |
|
|
| Route learning | |
|
|
| Prefix lists | |
|
|
| Routing policies | |
|
|
| Cloud services | Access to cloud services | |
|
| Access to PrivateZone | |
|
|
| Multicast | Creation and management of multicast networks | |
|
| Monitoring and O&M | Bandwidth plan monitoring | |
|
| Inter-region connection monitoring | |
|
|
| Express Connect circuit monitoring | |
|
|
| Network instance connection monitoring | |
|
|
| Health check | |
|
|
| Flow logs | |
|
Network instance connections
VPC Connections
You can attach VPCs that you want to connect to a transit router. After you attach the VPCs to a transit router, you can use the transit router to establish private network connections.
VBR Connections
You can attach VBRs that you want to connect to a transit router. After you attach the VBRs to a transit router, you can use the transit router to establish private network connections.
CCN Connections
You can attach CCN instances that you want to connect to a transit router. After you attach the CCN instances to a transit router, you can use the transit router to establish private network connections.
IPsec-VPN Connections
After a data center is connected to a transit route over an IPsec-VPN connection, the data center can communicate with other networks that are attached to the transit router.
Inter-region connections
Bandwidth Plans and Inter-region Connections
An inter-region connection refers to a connection between transit routers that are deployed in different regions. To create an inter-region connection, you must use a bandwidth plan.
Bandwidth Multiplexing
The bandwidth multiplexing feature of CCN allows you to share inter-region bandwidth resources between a CCN transit router and a regional transit router. This facilitates configurations and allows you to use bandwidth resources in a more flexible manner.
Traffic Scheduling
Traffic scheduling marks inter-region traffic and throttles bandwidth for different types of traffic based on the DHCP values. This ensures that bandwidth resources are properly allocated to each type of service and improves network performance.
Routes
Custom Route Tables
Custom route tables are similar to virtual routing forwarding (VRF) supported by traditional routers. Custom route tables are isolated from the default route table of Enterprise Edition transit routers. Network traffic from different network instances can be isolated based on the associated custom route tables.
Route Learning
Route learning controls how a network instance advertises routes. The routes of a network instance can be advertised to an Enterprise Edition transit router only after you enable route learning between the network instance and the route tables of the transit router.
Associated Forwarding
Associated forwarding controls how the traffic of a network instance is forwarded. An Enterprise Edition transit router can query routes and forward network traffic based on the routes for a network instance only after you enable associated forwarding between the network instance and the route table of the transit router.
Custom Routes
Enterprise Edition transit routers allow you to add static routes and blackhole routes. You can add custom routes to the route table of an Enterprise Edition transit router to control traffic forwarding for network instances.
Prefix Lists
The route tables of Enterprise Edition transit routers can be associated with prefix lists. After the route table of an Enterprise Edition transit router is associated with the prefix list of a virtual private cloud (VPC), the system automatically adds the routes that point to the CIDR blocks in the prefix list to the route table of the transit router.
Routing Policies
A routing policy controls route advertisement for the route table of a transit router. You can add a routing policy to specify whether to advertise the routes in the route table of a transit router to network instances or other transit routers.
Cloud services
PrivateZone
PrivateZone is a VPC-based DNS resolution and management service for private domain names. After you attach VBRs and CCN instances to a transit router, on-premises networks that are attached to the CEN instance can access PrivateZone.
Cloud service management
After you attach VBRs and CCN instances to a transit router, on-premises networks that are attached to the transit router can access services deployed on Alibaba Cloud.
Multicast
Multicast Networks
After you attach network instances to an Enterprise Edition transit router, you can create and manage multicast networks. The Enterprise Edition transit router functions as a multicast router that forwards multicast packets between the network instances.
Monitoring and O&M
CEN Monitoring
CEN supports the monitoring feature. You can view the monitoring data of bandwidth plans, inter-region connections, Express Connect circuits that are connected to VBRs, and traffic on network instances that are attached to transit routers on the Charts tab.
Health Check
VBRs can connect data centers to Alibaba Cloud through Express Connect circuits. After you connect a VBR to a transit router, you can use the health check feature to test the connectivity of the Express Connect circuit.
Flow Logs
Flow logs are used to capture information about inter-region traffic between transit routers and traffic over VBR connections. You can use flow logs to analyze bandwidth usage and troubleshoot network issues.