After you connect a virtual border router (VBR) or a Cloud Connect Network (CCN) instance to a transit router, the on-premises network associated with the VBR or CCN instance can access cloud services on Alibaba Cloud by using the transit router.

Background information

Cloud services refer to the Alibaba Cloud services that use the 100.64.0.0/10 CIDR block to provide services. These cloud services include Object Storage Service (OSS), Log Service, and Data Transmission Service (DTS). If your on-premises network needs to access cloud services, you must connect the VBR or CCN instance associated with the on-premises network to a transit router, and connect a virtual private cloud (VPC) in the region where the cloud services are deployed to the transit router. After you connect the VPC to the transit router, your on-premises network can use the transit router to access the VPC in the region where the cloud services are deployed, and access the cloud services through the VPC. Access cloud services

Limits

An on-premises network associated with a VBR can use a transit router to access only the cloud services that are deployed in the same region as the on-premises network.

For example, if cloud services are deployed in the China (Beijing) region, only on-premises networks connected to VBRs in the China (Beijing) region can access the cloud services.

Prerequisites

Configure the cloud service to be accessed

  1. Log on to CEN console.
  2. On the Instances page, find the CEN instance that you want to manage and click its ID.
  3. On the Basic Settings > Transit Router tab, click the ID of the transit router in the region where the cloud service that you want to access is deployed.
  4. On the transit router details page, click the Cloud Services tab.
  5. On the Cloud Services tab, click Configure AnyTunnel.
  6. In the Configure AnyTunnel dialog box, set the parameters and click OK.
    • Service IP address: Enter an IP address or CIDR block used by the cloud service. The IP address or CIDR block must fall within 100.64.0.0/10. For example, you can enter 100.118.28.52/32.
    • Service Region: Select the region where the cloud service is deployed.
    • Host VPC: Select the VPC that is connected to the transit router.
    • Access Region: Select the region where the VBR or CCN instance that needs to access the cloud service is deployed.
    • Description: Enter a description for the cloud service.

      The description must be 2 to 256 characters in length, and can contain digits, hyphens (-), underscore (_), and periods (.).The description must start with a letter and cannot start with http:// or https://.

    Note Typically, a cloud service uses multiple IP addresses or CIDR blocks. Repeat the preceding steps to add all the IP addresses or CIDR blocks of the cloud service.

Delete a cloud service configuration

  1. Log on to CEN console.
  2. On the Instances page, find the CEN instance that you want to manage and click its ID.
  3. On the Basic Settings > Transit Router tab, click the ID of the transit router in the region where the cloud service that you want to access is deployed.
  4. On the transit router details page, click the Cloud Services tab.
  5. On the Cloud Services tab, find the cloud service configuration that you want to delete and click Delete in the Actions column.
  6. In the Delete Route Service message, click OK.