Transit routers can be used to establish network communication between network instances and forward network traffic within a region or across regions. Transit routers support various routing features. You can configure routes to define how network traffic is forwarded between network instances.
How Enterprise Edition transit routers work
Connect network instances
You can connect the following network instances to an Enterprise Edition transit router:
One or more virtual private clouds (VPCs)
If the region, such as China (Nanjing - Local Region), of an Enterprise Edition transit router supports only one zone, make sure that the VPC to be connected to the transit router has at least one vSwitch in the zone. In addition, the vSwitch must provide at least one idle IP address. When you connect the VPC to the Enterprise Edition transit router, the transit router creates an elastic network interface (ENI) in the vSwitch of the VPC. The ENI occupies one IP address in the vSwitch, and forwards network traffic between the VPC and Enterprise Edition transit router.
If the region, such as China (Hangzhou), of an Enterprise Edition transit router supports more than one zone, make sure that the VPC to be connected to the transit router has at least two vSwitches, which must be in different zones. Each vSwitch occupies one idle IP address. When you connect the VPC to the Enterprise Edition transit router, the transit router creates an ENI in each of the vSwitches. Each ENI occupies one IP address in the vSwitch and forwards network traffic between the VPC and Enterprise Edition transit router. The two vSwitches support zone-disaster recovery to ensure uninterrupted data transmission between the VPC and the transit router.
NoteFor more information about the regions and zones that support Enterprise Edition transit routers, see Regions and zones that support Enterprise Edition transit routers.
If your Enterprise Edition transit router is deployed in a region that supports multiple zones, we recommend that you create a vSwitch in each of the zones to support VPC connections. Make sure that each vSwitch can provide at least one idle IP address. This way, the network latency is reduced and the network performance is improved due to shorter data transmission distance. For more information, see How routes are selected for a VPC connection.
Manage routes
After network instances are connected to an Enterprise Edition transit router, routes of the network instances are stored in route tables. The Enterprise Edition transit router forwards traffic of the network instances based on the routes in the route table.
Each Enterprise Edition transit router has a default route table. You can also create custom route tables for Enterprise Edition transit routers. Default route tables are isolated from custom route tables to implement access control.
Associated forwarding controls how the traffic of a network instance is forwarded. An Enterprise Edition transit router can forward network traffic for a network instance by querying routes in a route only after the network instance connection is associated with the route table.
Each network instance connection can have an associated forwarding correlation with the route tables of only one Enterprise Edition transit router.
Route learning controls how a network instance advertises routes. The routes of a network instance can be advertised to an Enterprise Edition transit router only after you enable route learning between the network instance connection and the route tables of the transit router.
You can enable route learning between the network instance connection and the route tables of one or more Enterprise Edition transit router. Then, routes can be advertised from the network instance to the route tables.
You can add custom routes to the route tables of an Enterprise Edition transit router. This way, you can control traffic forwarding for network instances.
Default routing behavior
After a network instance is connected to an Enterprise Edition transit router, no routes are advertised to the network instance by default. You can enable the route synchronization feature to enable the Enterprise Edition transit router to advertise routes to the network instance. For more information, see Route synchronization.
How Basic Edition transit routers work
Beginning March 31, 2022, Basic Edition transit routers are supported only in Cloud Connect Network (CCN) areas. They are not available for purchase in Alibaba Cloud regions. By default, only Enterprise Edition transit routers are available for purchase in Alibaba Cloud regions. If your Basic Edition transit routers reside in regions that no longer support Basic Edition transit routers, we recommend that you upgrade the Basic Edition transit routers to Enterprise Edition, which supports more features and a greater networking capacity. For more information, see Upgrade Basic Edition transit routers.
Connect network instances
You can connect the following network instances to a Basic Edition transit router:
Manage routes
After network instances are connected to a Basic Edition transit router, routes of the network instances are stored in route tables. The Basic Edition transit router forwards traffic of the network instances based on the routes of the route table.
Each Basic Edition transit router has one default route table. You cannot create custom route tables for Basic Edition transit routers.
After network instances are connected to a Basic Edition transit router, all routes of the network instances are advertised to the default route table of the Basic Edition transit router. Then, the Basic Edition transit router advertises the routes to all network instances that are also connected to the transit router to enable communication among the network instances.
You can configure routing policies to control route advertisement for the route tables of a Basic Edition transit router. You can configure routing policies to specify whether to advertise the routes in the route table of a Basic Edition transit router to the network instances connected to the transit router. You can also configure routing policies to modify the attributes of the routes in the route table of a Basic Edition transit router.
If both VBRs and CCN instances are connected to a Basic Edition transit router, the system automatically creates a routing policy whose priority is 5000, action is Reject, and direction is Egress Regional Gateway. This routing policy forbids the VBRs and CCN instances from communicating with other VBRs and CCN instances that are also connected to the Basic Edition transit router. For more information, see Default routing policy.