Hybrid Cloud: Enabling a New CIDR Block in a VPC to Communicate with IDC

Networks in different CIDR blocks communicate with each other through routing. Alibaba Cloud Express Connect (EC) uses static routing in the cloud, so you need to configure static routes to enable communication. Because a static route is unidirectional, you must configure one on both the source and the destination routers. This document describes how to add a static route in specific scenarios.

Prerequisite: A hybrid cloud has been enabled. However, the new CIDR block in the VPC cannot communicate with the IDC.


As shown in the preceding figure, CIDR block 172.16.0.0/12 (in green) of the IDC can communicate with CIDR block 192.168.0.0/24 of the Alibaba Cloud VPC. Now, a new CIDR block 192.168.1.0/24 in the VPC needs to communicate with the IDC. New routes are needed at ① and ③ (in red) in the preceding figure.

1. Add Route ③ from the Alibaba Cloud VBR to the VPC

Choose Express Connect > Physical Connections > Virtual Border Routers (VBRs). Click Manage on the right side of the target VBR.
https://vpc.console.aliyun.com/expressConnect


Click Add Route on the right side of the Route Entry List.


Add a route


In CIDR, enter 192.168.1.0/24, the newly added CIDR block in the VPC.

In Next-Hop Direction, select To VPC.

In Next Hop, select Ri-B (namely, the VBR router interface that is connected to the VPC).

The route has now been added.

2. Add Route ① from the IDC to the Alibaba Cloud VPC

The IDC is usually connected to the physical connection through a Layer 3 network device.

For example, this may be a router or Layer 3 switch from vendors such as Huawei, Cisco, or Ruijie.

The commands for adding static routes are similar on devices from these vendors. The following shows how to add the route on a Cisco device.

Command    CIDR Block     Mask             Next Hop
ip route   192.168.1.0    255.255.255.0    10.0.0.2

10.0.0.2 is the IP address of the Alibaba Cloud-side interface.

255.255.255.0 is the subnet mask. It corresponds to the prefix length “/24”, which indicates a class-C CIDR block with 254 available IP addresses.

The route has now been added.

3. Configuring a Static Route for a Leased Line in a Hybrid Cloud


To ensure communication between an off-cloud system and an on-cloud system, you must configure the routes correctly.

Configuration mode of static routes

The topology is simply IDC — VBR — VPC.

Each physical connection requires a Layer 3 VBR as a route relay to Alibaba Cloud.

Cross-CIDR communication requires routing and forwarding. When the IDC communicates with the Alibaba Cloud VPC through the VBR using static routing, the route needs to be configured for both the source and destination routers for each logical link.

To ensure communication between the IDC and VBR, you need to configure routes ① and ②. To ensure communication between the VBR and VPC, you need to configure routes ③ and ④.

If a new CIDR block is added to the IDC rather than to the VPC, you only need to configure routes ② and ④ in the preceding figure.
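The four-route rule above can be checked mechanically before and after a change. The following Python sketch is an added example, not code from the original article or from Alibaba Cloud tooling; the table layout, function names, and table contents are constructed for illustration, using the CIDR blocks and next-hop address from this page, and the placement of routes ② and ④ is inferred from the text.

```python
import ipaddress

# Constructed route tables for the IDC - VBR - VPC topology, as they stand
# before the new VPC block is routed. Each entry is
# (destination CIDR, next-hop direction); this layout is hypothetical.
TABLES = {
    "idc": [("192.168.0.0/24", "vbr")],
    "vbr": [("172.16.0.0/12", "idc"), ("192.168.0.0/24", "vpc")],
    "vpc": [("172.16.0.0/12", "vbr")],
}

def next_hop(table, cidr):
    """Longest-prefix match: direction of the most specific route covering cidr."""
    target = ipaddress.ip_network(cidr)
    covering = [(ipaddress.ip_network(dest), hop) for dest, hop in table
                if target.subnet_of(ipaddress.ip_network(dest))]
    if not covering:
        return None
    return max(covering, key=lambda route: route[0].prefixlen)[1]

def missing_routes(tables, idc_cidr, vpc_cidr):
    """Return the figure labels of the static routes that are still missing."""
    required = [
        ("①", "idc", vpc_cidr, "vbr"),  # on the IDC router, toward the VBR
        ("②", "vbr", idc_cidr, "idc"),  # on the VBR, toward the IDC (inferred)
        ("③", "vbr", vpc_cidr, "vpc"),  # on the VBR, toward the VPC
        ("④", "vpc", idc_cidr, "vbr"),  # on the VPC, toward the VBR (inferred)
    ]
    return [label for label, device, cidr, hop in required
            if next_hop(tables[device], cidr) != hop]

def cisco_static_route(cidr, next_hop_ip):
    """Render a CIDR block as the Cisco 'ip route' command with a dotted mask."""
    net = ipaddress.ip_network(cidr)
    return f"ip route {net.network_address} {net.netmask} {next_hop_ip}"

if __name__ == "__main__":
    print(missing_routes(TABLES, "172.16.0.0/12", "192.168.1.0/24"))
    print(cisco_static_route("192.168.1.0/24", "10.0.0.2"))
```

A full-block check like this does not catch a more specific route that diverts only part of the CIDR block, so review any overlapping entries by hand.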

Reference: https://www.alibabacloud.com/blog/hybrid-cloud-enabling-a-new-cidr-block-in-a-vpc-to-communicate-with-idc_594577?spm=a2c41.12663462.0.0
