Communication Among Multiple VPCs Across Regions

Updated at: Sep 23, 2019 GMT+08:00

Background

Generally, resources in VPCs in different regions can use EIPs or VPN connections to communicate with each other. However, the Elastic IP and VPN services are both based on the Internet. EIPs are unstable, and data cannot be encrypted, which may cause data leakage. VPN connections use IPSec to encrypt data, so security is guaranteed, but communication may become unstable. In this case, you can use Cloud Connect (CC) to provide a secure, stable, reliable, and high-performance network for communication among VPCs. To do so, you create a cloud connection, load the VPCs in each region to the cloud connection, purchase different types of bandwidth packages, and configure inter-region bandwidths.

Scenarios

You have created two VPCs in the CN East-Shanghai2 region, each of which has two subnets, and one VPC each in the AP-Hong Kong region and the AF-Johannesburg region. To meet business requirements, the VPCs in each region must be connected by a high-performance, high-availability, and low-latency network. CC can help solve this problem. The following figure shows a typical application scenario where CC is used to enable communication among VPCs in different regions.

Figure 1 Cross-region multi-VPC communication (logic diagram)

When configuring the cloud connection, pay attention to the following:

  • CIDR blocks of subnets in the VPCs cannot overlap or conflict with each other.
  • Existing routing entries, including those added for VPC Peering, Direct Connect, and the VPN service, cannot conflict with the routes of subnets loaded to the cloud connection.
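
The two constraints above can be checked before anything is loaded. The following is an added example, not part of the original documentation: the subnet labels, CIDR blocks, and route names are constructed sample values, and the check conservatively assumes that any overlap between a subnet to be loaded and an existing route destination counts as a conflict.

```python
import ipaddress
from itertools import combinations

# Constructed sample plan: subnets to load to the cloud connection, keyed by a
# hypothetical "region/VPC/subnet" label. Replace with your own CIDR blocks.
SUBNETS = {
    "shanghai2/vpc-a/subnet-1": "10.0.0.0/24",
    "shanghai2/vpc-a/subnet-2": "10.0.1.0/24",
    "shanghai2/vpc-b/subnet-1": "10.1.0.0/24",
    "shanghai2/vpc-b/subnet-2": "10.1.1.0/24",
    "hongkong/vpc-c/subnet-1": "10.2.0.0/24",
    "johannesburg/vpc-d/subnet-1": "10.0.1.128/25",  # overlaps vpc-a/subnet-2
}

# Constructed sample of route destinations that already exist in the VPC
# route tables (VPC Peering, Direct Connect, VPN).
EXISTING_ROUTES = {
    "vpn/branch-office": "10.2.0.0/16",  # covers the Hong Kong subnet
    "peering/shared-services": "172.16.0.0/16",
}

def find_conflicts(subnets, existing_routes):
    """Return sorted (kind, name_a, name_b) tuples for every overlapping pair."""
    # strict=True rejects CIDRs with host bits set, e.g. 10.0.1.5/24.
    nets = {n: ipaddress.ip_network(c, strict=True) for n, c in subnets.items()}
    routes = {n: ipaddress.ip_network(c, strict=True)
              for n, c in existing_routes.items()}
    conflicts = []
    # Constraint 1: no two subnets loaded to the connection may overlap.
    for (a, net_a), (b, net_b) in combinations(nets.items(), 2):
        if net_a.version == net_b.version and net_a.overlaps(net_b):
            conflicts.append(("subnet-overlap", a, b))
    # Constraint 2 (assumption: any overlap with an existing route conflicts).
    for s, net in nets.items():
        for r, route in routes.items():
            if net.version == route.version and net.overlaps(route):
                conflicts.append(("route-conflict", s, r))
    return sorted(conflicts)

if __name__ == "__main__":
    for kind, a, b in find_conflicts(SUBNETS, EXISTING_ROUTES):
        print(f"{kind}: {a} <-> {b}")
```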

Prerequisites

  • VPCs and subnets that need to communicate with each other across regions have been created.
  • Your account has sufficient balance to purchase bandwidth packages.

Procedure

  1. Create a cloud connection.

    A cloud connection works as a private network for VPCs or virtual gateways loaded to it to communicate with each other. To create a cloud connection, perform the following steps:

    1. Log in to the management console.
    2. Click Service List. Under Network, click Cloud Connect.
      Figure 2 Accessing the CC console
    3. On the displayed page, click Create Cloud Connection.
      Figure 3 Create Cloud Connection
    4. (Optional) In the Create Cloud Connection dialog box, enter the name and description of the cloud connection.
      Figure 4 Configuring the parameters

      For details about the parameters, see Table 1.

      Table 1 Parameter description

      | Parameter | Description | Example Value |
      |---|---|---|
      | Name | Specifies the name of the cloud connection. The value can contain only letters, digits, underscores (_), and hyphens (-). | CloudConnect |
      | Enterprise Project | Provides a cloud resource management mode, in which cloud resources and members are centrally managed by project. | default |
      | Description | Provides supplementary information about the cloud connection. Generally, the value contains a maximum of 255 characters. | A Cloud Connect instance for Demo |

    5. Click OK.

  2. Load network instances.

    Load the network instances that need to communicate with each other to the created cloud connection. To load network instances to a cloud connection, perform the following steps:

    1. Locate the newly created cloud connection named CloudConnect from the cloud connection list and then click its name.
      Figure 5 Locating the cloud connection
      NOTE:
      On the displayed page, you can view information about the cloud connection, such as its name, ID, status, creation time, and description. The following four tabs are displayed: Network Instances, Bandwidth Packages, Inter-Region Bandwidths, and Route Information.
      Figure 6 Cloud connection details
    2. Under Network Instances, click Load Network Instance.
      Figure 7 Load Network Instance
    3. In the Load Network Instance dialog box, select CN East-Shanghai2 for Region and Virtual private cloud for Instance Type, select the VPC to be interconnected and the corresponding subnets, and click OK.
      Figure 8 Loading a network instance
    4. Repeat the preceding operations to load the other VPC in the CN East-Shanghai2 region, the VPC in the AP-Hong Kong region, and the VPC in the AF-Johannesburg region to the cloud connection.
      Figure 9 Loading VPCs to the cloud connection
      NOTE:
      After the loading is complete, the VPCs in the three regions are on the same network. You can view VPC routing entries in each region on the Route Information tab page.
      Figure 10 Routing information

    For connectivity tests, CC allocates 1 Kbit/s bandwidth between two regions by default. You can ping an ECS in one VPC from an ECS in another VPC to check the network connectivity between the two VPCs. Two VPCs in the same region can communicate with each other by default after being loaded to the cloud connection, so you do not need to buy a bandwidth package for them.

  3. Submit a cross-border application.

    In this practice, since two VPCs reside outside the Chinese mainland, a cross-border application must be submitted. Before purchasing bandwidth packages, you need to prepare materials for cross-border application to China Unicom according to the regulations of the Ministry of Industry and Information Technology. Skip this step if your business does not cross the border of the Chinese mainland (for example, communication across regions within the Chinese mainland or across regions outside the Chinese mainland).

    1. In the navigation pane on the left of the CC console, choose Cross-Border Application.
      Figure 11 Cross-border application
    2. On the displayed page, you can view the three steps required for completing a cross-border application. Click download in the first step or Download Material Template to download the document templates and examples.
      Figure 12 Downloading material templates
    3. After all materials are ready, click Cross-Border Application to complete the information and upload the prepared materials.
      Figure 13 Completing information and uploading materials required for cross-border application

    4. Click Submit and wait for the approval from the provider, which requires one working day.

  4. Buy bandwidth packages.

    To enable cross-region communication, you need to purchase bandwidth packages as desired and bind the purchased packages to the cloud connection.

    1. Locate the created cloud connection and click its name to go to the details page. Under Bandwidth Packages, click Buy Bandwidth Package.
      Figure 14 Buying a bandwidth package (1)
    2. On the Buy Bandwidth Package page, set the name, billing mode, bandwidth package applicability, geographic region, bandwidth size, and required duration, determine whether to enable automatic renewal, and determine whether to bind the purchased bandwidth package to the cloud connection right now. When setting the bandwidth package applicability, select Inter-geographic region because two VPCs are outside the Chinese mainland.
      1. To enable network communication between the CN East-Shanghai2 region and the AP-Hong Kong region, select Chinese mainland and Asia Pacific as geographic regions, and set the bandwidth to 30 Mbit/s.
      2. To enable network communication between the CN East-Shanghai2 region and AF-Johannesburg region, select Chinese mainland and South Africa as geographic regions, and set the bandwidth to 2 Mbit/s.

      After the bandwidth packages are purchased, bind them to the created cloud connection. Confirm the information and click Buy Now.

      Figure 15 Buying a bandwidth package (2)
    3. On the Bandwidth Packages page, view the purchased bandwidth package and its detailed information, including the billing mode, order information, bound cloud connection, used bandwidth, and remaining bandwidth. You can also modify, unbind, renew, and unsubscribe from the bandwidth package.
      Figure 16 Bandwidth packages

  5. Configure inter-region bandwidths.

    After purchasing the bandwidth packages, configure the bandwidths for communication between regions on the cloud connection details page.

    1. Locate the created cloud connection and click its name to go to the details page. Under Inter-Region Bandwidths, click Configure Inter-Region Bandwidth.
      Figure 17 Configuring inter-region bandwidths (1)
    2. In the displayed dialog box, select CN East-Shanghai2 and AP-Hong Kong for Interworking Regions. The bandwidth package that you have purchased is displayed. Set the bandwidth to 30 Mbit/s.
      Figure 18 Configuring inter-region bandwidths (2)

      Repeat the preceding steps to configure a 2 Mbit/s bandwidth for communication between CN East-Shanghai2 and AF-Johannesburg.

    3. View the configured inter-region bandwidths on the Inter-Region Bandwidths tab page.
      Figure 19 Viewing inter-region bandwidths

      Now, network communication among VPCs is established between the Chinese mainland and Hong Kong, and between the Chinese mainland and South Africa.
