Cloud Enterprise Network:Migrate a VBR from a peering connection to a CEN instance

Preparations

If you want to migrate the VBR to an existing CEN instance, make sure that the overlapping routing function is enabled for the CEN instance.

Procedure

To migrate a VBR from a peering connection to a CEN instance, perform the following steps:

1. If you have configured health checks for the VBR, delete the health check settings in the Express Connect console.
2. Log on to the CEN console.
3. On the Instances page, find the required CEN instance and click its ID.
4. On the Networks tab, click Attach Network to attach the VBR that you want to migrate and the VPC that is connected to the VBR. For more information, see Attach a network instance.
5. If you want to communicate across regions, purchase a bandwidth plan and configure bandwidth for the communication.

   For more information, see Manage bandwidth for cross-region connections.

6. If you have added routes that point to high-availability virtual IP addresses (HAVIPs) or IP addresses of ECS instances and VPN gateways, go to the VPC console and advertise these routes to the CEN instance based on your connection requirements.
7. If your on-premises data center needs to access Alibaba Cloud services, such as Object Storage Service (OSS) and PrivateZone, configure the connections in the CEN console.

   For more information, see Access PrivateZone.

8. Log on to the CEN console and click the ID of the required CEN instance. Then, click the Routes tab to view the route information. Make sure that the routes do not conflict after you attach the VBR and VPC to the CEN instance.

   The static routes configured in the peering connection have higher priorities than the dynamic routes of the CEN instance. Specifically, if a static route is configured in the peering connection, CEN does not learn routes that are more specific than the static route and have the same destination as the static route. We recommend that you split static routes in the peering connection and delete them after CEN learns the routes. This ensures smooth migration.

   In the following figure, the route to 192.168.1.0/24 in the CEN instance is more specific than the route to 192.168.0.0/16 in the peering connection. Therefore, the two routes are in conflict.
   • If you can tolerate a transient network interruption during the migration, delete the route to 192.168.0.0/16. Then, the route in the CEN instance automatically takes effect.

     The duration of the network interruption varies based on the number of CEN routes. For important business scenarios, we recommend that you use the following method to smoothly migrate the VBR.

   • If you want to smoothly migrate the VBR, split the route in the peering connection into routes more specific than the route to 192.168.1.0/24 in the CEN instance. For example, split the route to 192.168.0.0/16 in the peering connection into routes to 192.168.1.0/25 and 192.168.1.128/25.
     1. In the Express Connect console, click Virtual Border Routers (VBRs). Find the required VBR, click its ID, and click the Routes tab.
     2. Click Add Route to add two routes in which the destination CIDR blocks are 192.168.1.0/25 and 192.168.1.128/25 and the next hops are the VPC to which the VBR is connected.
     3. If BGP is used, advertise the routes to 192.168.1.0/25 and 192.168.1.128/25.
     4. Delete the route to 192.168.0.0/16 in the peering connection.
     5. Click Refresh to check whether the routes in the CEN instance take effect.
     6. Delete the routes to 192.168.1.0/25 and 192.168.1.128/25 in the VBR route table and the advertised BGP routes.
     7. In the CEN console, configure health checks for the VBR. For more information, see Configure health checks.