Operation guide for Express Connect partners - Express Connect

After you acquire the permissions to create shared ports, you can create shared ports for tenants to access resources on Alibaba Cloud. Each shared port can be associated with a virtual border router (VBR). This topic describes the operations that Express Connect partners must perform when tenants use pre-installed Express Connect circuits to connect to Alibaba Cloud.

Requirements

Before you start, make sure that the following requirements are met:

Two or more Express Connect circuits are connected to different access points of Alibaba Cloud. Permissions to access relevant resources on Alibaba Cloud are acquired. To apply for permissions to access relevant resources on Alibaba Cloud, contact your account manager.
The service terms in Limits on networks are met.
The switch that connects to the network of the tenant supports bandwidth adjustment and traffic monitoring. Traffic monitoring is enabled for the switch to collect statistics about bandwidth (bit/s), packet loss rate (bit/s), packet forwarding rate (pps), and data transfer (bytes).
The following traffic throttling features are configured on the customer-premises equipment (CPE): Quality of Service (QoS) policies and Address Resolution Protocol (ARP) throttling. In most cases, the limit is set to one ARP packet per second per tenant.
If Internet Control Message Protocol (ICMP) throttling is configured, the limit on ICMP echo requests must be set to a value greater than 500 pps.
The maximum bandwidth is set for the hosted connection that you want to create for the tenant. The sum of the maximum bandwidth that you set for all hosted connections over an Express Connect circuit cannot be greater than the maximum bandwidth of the Express Connect circuit.
A virtual local area network (VLAN) ID is assigned to each shared port. The VLAN IDs of shared ports that belong to the same Express Connect circuit must be unique.
For tenants that require high availability, they can associate their shared ports with different Express Connect circuits.

Prerequisites

The permissions to create shared ports are acquired. To apply for the permissions, go to Quota Center. For more information, see Apply for the permissions to create shared ports.
The Express Connect circuits are installed and enabled. For more information, see Create and manage a dedicated connection over an Express Connect circuit.
To create a shared port for a new hosted connection of a tenant, you must acquire the account ID of the tenant.
To create a shared port for an existing hosted connection of a tenant, take note of the following items:
- Before you start, you must notify the tenant and request the tenant to enable billing for outbound data transfer.
- Make sure that the VBR associated with the hosted connection supports bandwidth adjustment.
- By default, the tenant must pay for the shared port. If you want to pay for the shared port with the current Express Connect partner account, contact your business manager to acquire the required permissions.

Apply for the permissions to create shared ports

Log on to the Express Connect console.
In the left-side navigation pane, choose Products > Whitelist Quotas.
On the Products with Whitelist Quotas page, click Express Connect in the Networking section.
On the Whitelist Quotas page, click Apply in the Actions column that corresponds to the quota that you want to manage. In this example, the quota name is Shared port below 1G can be purchased and the quota ID is ec/can_buy_1G_vpconn.

In the Apply for Whitelist Quotas dialog box, set the following parameters and click OK.

Parameter	Description
Quota ID	The value of this parameter is automatically displayed on the page.
Description	The description of the quota is automatically displayed on the page.
Quota Value	Select an option in the Quota Value section. Valid values: Valid From Valid Until In this example, Valid From is selected.
Time	Specify the validity period of the new quota. Note This parameter is required only when the Quota Value parameter is set to Valid From. Set the time when the quota takes effect and expires. The validity period of the quota is 24 hours, and the quota takes effect on the day when you apply for a quota increase.
Reason	Enter the reason why you apply for the quota. The following example is provided for reference. YYYY (tenant name + Alibaba Cloud account ID) wants to connect services to Alibaba Cloud and needs a bandwidth of XX Mbit/s. The permissions to create shared ports are required.
Notify Result	Select whether to notify the application result. Yes No

Create a shared port for a new hosted connection of a tenant

If this is the first time a tenant uses your pre-installed Express Connect circuit, you must create a shared port to establish a connection based on the business requirements of the tenant.

Log on to the Express Connect console.
In the top navigation bar, select a region.
You can use one of the following methods to navigate to the Create Shared Port panel.
- On the Physical Connection page, find the Express Connect circuit that you want to manage and click Create Shared Port in the Actions column.
- On the Physical Connection page, click the ID of the Express Connect circuit that you want to manage. On the Shared Physical Connection tab, click Create Shared Port.

In the Create Shared Port panel, set the parameters of the shared port and click OK.

Parameter	Description
Account ID	Enter the account ID of the tenant for which you want to create the shared port. By default, Pay by Other Account is selected. If you use the default setting, the tenant pays the resource usage fee for the shared port.
VLAN ID	You can isolate VBRs by assigning a VLAN ID to each VBR. Valid values: 0 to 2999. If the VLAN ID is set to 0, the switch port of the VBR is a Layer 3 router interface instead of a VLAN interface. When a Layer 3 router interface is used, each Express Connect circuit corresponds to a VBR. If the VLAN ID is set to a value from 1 to 2999, the switch port of the VBR is a Layer 3 VLAN subinterface. When a Layer 3 VLAN subinterface is used, each VLAN ID corresponds to one VBR. In this case, the Express Connect circuit with which the VBR is associated can be used to connect to virtual private clouds (VPCs) that belong to different Alibaba Cloud accounts. VBRs in different VLANs are isolated from each other at Layer 2. Note After you create a shared port for a tenant, you must notify the tenant to accept the shared port. Then, the tenant can create a VBR that uses the specified VLAN ID for the shared port. The tenant is not allowed to change the VLAN ID of the VBR.
Shared Physical Connection Bandwidth Limit	You can specify a bandwidth value based on the business requirements of the tenant.
Resource Group	Select the resource group to which the Express Connect circuit belongs from the drop-down list. You can click Manage Resource Group to create or modify a resource group in the Resource Management console. For more information, see Create a resource group.

After you create a shared port, on the Shared Physical Connection tab, Pending for Acceptance is displayed in the Status column of the shared port.

In the message that appears, click OK.
Notify the tenant to accept the shared port and pay the resource usage fee. For more information, see Operation guide for tenants.

Create a shared port for an existing hosted connection of a tenant

If you have created a hosted connection for a tenant before, you can add a shared port to the hosted connection. The service of the tenant is not interrupted in this process. The newly added shared port is displayed in the tenant account. After the tenant accepts the shared port, you must confirm it in the console. Then, the VBR is automatically transferred to the tenant account and associated with the shared port.

After the VBR is transferred to the tenant account, Alibaba Cloud no longer charges VBR fees. If you have prepaid VBR fees, you can request a refund. For more information, see Rules for canceling the subscription of an Alibaba Cloud service.

Log on to the Express Connect console.
In the top navigation bar, select a region.
On the Physical Connection page, click the ID of the Express Connect circuit that you want to manage.
On the VBR tab, find the VBR of the tenant.
If the tenant does not set a bandwidth value for the VBR, you must perform the following operations to set a bandwidth value: Choose > Bandwidth Settings in the Actions column. In the Bandwidth Settings panel, set Bandwidth Cap and click OK.
Note
You cannot set Bandwidth Cap to Speed Unlimited.
On the VBR tab, find the VBR that you want to manage and choose > Transform to Shared Port in the Actions column. In the message that appears, click OK.
By default, Pay by Other Account is selected. If you use the default setting, the tenant pays the resource usage fee for the shared port.
Notify the tenant to accept the shared port and pay the resource usage fee. For more information, see Operation guide for tenants.
On the VBR tab, find the VBR of the tenant and choose > Confirm. In the message that appears, click OK.

Change the VLAN ID of a shared port

VBRs that belong to different VLANs are isolated from each other based on VLAN IDs. Express Connect partners can change the VLAN IDs of shared ports based on business requirements. However, the VLAN ID of each shared port must be unique in the same Express Connect circuit.

Log on to the Express Connect console.
In the top navigation bar, select a region.
On the Physical Connection page, click the ID of the Express Connect circuit that you want to manage.
Click the Shared Physical Connection tab, find the shared Express Connect circuit that you want to manage and click Edit in the Actions column.
In the Modify Shared Port dialog box, change VLAN ID and click OK.

Disable an instance

You can disable instances in your Express Connect service after the payment of the instances become overdue. For example, you can disable a connection over an Express Connect circuit, a VBR, or a shared port. Disabled instances will not be charged or automatically released. You can resume the instances anytime.

Log on to the Express Connect console.
In the top navigation bar, select a region.
You can disable a connection over an Express Connect circuit, a VBR, or a shared port.
- Disable a connection over an Express Connect circuit
  1. On the Physical Connection page, find the connection over the Express Connect circuit that you want to disable and click Terminate Connection in the Actions column.
  2. In the Terminate Physical Connection message, click OK.
- Disable a VBR
  1. On the Physical Connection page, click the ID of the Express Connect circuit that you want to manage.
  2. On the VBR tab, find the VBR that you want to disable and choose > Terminate Connection in the Actions column.
  3. In the Terminating the VBR message, click OK.
- Disable a shared port
  1. On the Physical Connection page, click the ID of the Express Connect circuit that you want to manage.
  2. Click the Shared Physical Connection tab, find the shared port that you want to disable and then click Terminate Connection in the Actions column.
  3. In the Terminate Physical Connection message, click OK.
After you disable an instance, the status changes to Disabled. You can click Recover in the Actions column to resume the instance.

Delete a VBR

You can delete VBRs that you no longer need. You can delete VBRs that belong to your account anytime. To delete VBRs that belong to another account, disable the VBRs first. For more information, see Disable an instance.

Note

This section describes how to delete a VBR that belongs to a tenant account. To delete a VBR that belongs to your current account, see Delete a VBR.

Log on to the Express Connect console.
In the top navigation bar, select a region.
On the Physical Connection page, click the ID of the Express Connect circuit that you want to manage.
On the VBR tab, find the VBR that you want to delete and choose > Delete in the Actions column.
In the Delete VBR message, click OK.

Delete a shared port

You can delete shared ports that you no longer need. Before you delete a shared port, you must delete the VBR that is associated with the shared port. For more information, see Delete a VBR.

Log on to the Express Connect console.
In the top navigation bar, select a region.
On the Physical Connection page, click the ID of the Express Connect circuit that you want to manage.
Click the Shared Physical Connection tab, find the shared port that you want to delete and click Delete in the Actions column.
In the Confirm Deletion message, click OK.

References

CreateVirtualPhysicalConnection: creates a hosted connection.
CreateVpconnFromVbr: adds a shared port to a hosted connection.
UpdateVirtualPhysicalConnection: changes the VLAN ID of a hosted connection.
TerminatePhysicalConnection: disables a connection over an Express Connect circuit.
TerminateVirtualBorderRouter: disables a VBR.
DeleteVirtualBorderRouter: deletes a VBR.
DeletePhysicalConnection: deletes a connection over an Express Connect circuit.
CreatePhysicalConnectionOccupancyOrder: generates an order for resource usage when an Express Connect partner is specified to pay the resource usage fee.