FAQ - Express Connect - Alibaba Cloud Documentation Center

This topic provides answers to some frequently asked questions about Cloud Enterprise Network (CEN).

What are the differences between CEN and Express Connect?

Both CEN and Express Connect can be used to establish a connection between a virtual private cloud (VPC) and a data center. However, VPC and CEN differ in network connection, route management, and bandwidth management.


Item	CEN	Express Connect
Network connection	Point-to-multipoint connection Network instances that are attached to the same CEN instance can communicate with each other through a secure, reliable, and high-speed tunnel established by CEN.	Point-to-point connection A VPC or data center that is connected through an Express Connect circuit can only communicate with the peer VPC.
Route management	Dynamic learning CEN supports dynamic route learning and route advertisement. This increases route convergence and improves the quality and security of network connections.	Manual configuration You must manually configure routes for data centers or VPCs that are connected through Express Connect circuits.
Bandwidth management	Flexible inter-region bandwidth plan You can purchase inter-region bandwidth plans for CEN to reduce costs and allocate resources. You can modify the maximum bandwidth and change the peer region after you purchase an inter-region bandwidth plan.	Region-to-region bandwidth plan When you purchase the Express Connect service, you must specify the bandwidth that is used for the connection between the local region and the peer region. After you purchase a bandwidth plan, you can modify the maximum bandwidth but you cannot change the peer region.

What fees am I charged for using a Basic Edition transit router?

You must pay for the bandwidth plan that you use to establish an inter-region connection on the Basic Edition transit router.

Note Beginning on March 31, 2022, CEN no longer provides Basic Edition transit routers. We recommend that you use Enterprise Edition transit routers. Enterprise Edition transit routers support more features. For more information, see Functions and features.

What do I do if the system prompts an error when I connect a transit router to a virtual border router (VBR)?

The following figure shows the DEVICE_MODEL_FORBIDDEN error message. This error message indicates that the underlying access device does not allow you to connect VBRs to transit routers. You can Submit a ticket to request Alibaba Cloud to connect your VBR to your transit router. VBR connection error

How do I use an unoptimized Enterprise Edition transit router to create a VPC connection?

When you use an unoptimized Enterprise Edition transit router to create a VPC connection, you must specify the primary and secondary zones when you connect an Enterprise Edition transit router to a VPC. The VPC must have at least one vSwitch in each zone of the transit router. Each vSwitch occupies at least one IP address. When the VPC is connecting to the Enterprise Edition transit router, an elastic network interface (ENI) is automatically created on each vSwitch of the VPC. Each ENI occupies one IP address of the vSwitch. The ENIs forward network traffic between the VPC and the Enterprise Edition transit router.

Data transferred from the connected VPC is preferentially forwarded by the elastic network interface (ENI) in the primary zone to the Enterprise Edition transit router. If the ENI in the primary zone is not working, the ENI in the secondary zone takes over.

Make sure that the following requirements are met when you specify the primary zone and secondary zone:

The primary zone and secondary zone must belong to the same VPC. At least one vSwitch must be deployed in each zone.
Take note of the route tables and network access control lists (ACLs) that are associated with the vSwitches in the zones that you specify when you create ENIs. The route tables and network ACLs affect how network traffic from the Enterprise Edition transit router to the VPC is processed in the VPC. If the vSwitches to which the ENIs are attached use different route tables and network ACLs, the vSwitches may process network traffic from the Enterprise Edition transit router to the VPC in different ways. For more information about network ACLs, see Overview of network ACLs.

Log on to the CEN console.
On the Instances page, find the CEN instance that you want to manage and click the instance ID.
Choose Basic Settings > Transit Router, find the transit router that you want to manage, and then click the ID of the transit router.

On the Connection with Peer Network Instance page, set the following parameters and click OK.

The following table lists only some key parameters. For more information about the other parameters, see Create a VPC connection.


Parameter	Description
Network Type	Select VPC.
Region	Select the region where the VPC that you want to connect is deployed.
Transit Router	The system automatically displays the transit router in the selected region.
Select the primary and secondary zones for the transit router	Select the primary and secondary zones for the transit router. After you specify the zones, the system creates ENIs in the vSwitches that are deployed in the specified zones.
Networks	Select the ID of the VPC that you want to connect.
VSwitch	Select a vSwitch in the primary zone and the secondary zone.