What is Alibaba Cloud Enterprise Network?
Cloud Enterprise Network (CEN) is an Alibaba Cloud service that allows customers to create a global network of Virtual Private Clouds (VPCs), Virtual Border Routers (VBRs), and Cloud Connected Networks (CCNs). CEN enables customers to build a secure, private, and enterprise-class interconnected network between VPCs in different regions and local data centres.
What is Alibaba Cloud Express Connect?
Express Connect is Alibaba Cloud’s private interconnection service which enables customers to create a private connection between their remote data centres and their Virtual Private Clouds, as well as connections between different VPCs.
What is the difference?
There are multiple reasons you might consider using CEN over Express Connect:
- Express Connect requires customers to deploy and configure Peering Connections (previously known as Router Interfaces) to enable the communication between VPCs, and between a VPC and on-premises IDC. These Peering Connections – virtual devices to establish a communication channel between endpoints – must be configured manually, and they represent a point-to-point network connection, not a full-mesh network.
Another major difference is in the way bandwidth between regions is managed.
Express Connect supports fixed bandwidth between regions, while CEN supports shared bandwidth packages, making the whole process of connecting networks and share network bandwidth extremely straightforward.
- CEN also features dynamic route learning, address conflict detection, automatic route forwarding and learning, and system monitoring.
A CEN Instance is the basic resource for creating and managing your global network of VPCs, VBRs, and CCNs.
To connect your network worldwide, you must first create a CEN Instance, attach networks to it, and then purchase a bandwidth package and configure it for cross-region communication.
These refer to the networks attached to CEN which are all connected, and include VPCs, VBRs, and CCNs.
A bandwidth package is required to allow for cross-region communication. Setting up a bandwidth package is a simple process and requires customers to specify the interconnection areas for the network resources to communicate. An Area is a collection of Alibaba Cloud Regions. A list of those Regions can be found here.
Create a Virtual Cross Connect to Alibaba Cloud
Please refer to our Knowledge base article linked here to check the steps to create a VXC to Alibaba Cloud and to configure the VBR.
Remember to configure BGP between your on-premises Layer 3 device and Alibaba Cloud.
To configure BGP on the Alibaba Cloud Console, you need to configure a BGP Group and a BGP Peer. You can do this from the Virtual Border Router page, under Express Connect.
Fill out the information required:
If everything is correct, click ‘OK’.
After the BGP Group is created, move to ‘BGP Peers’, and click ‘Create BGP Peer’.
Fill out the information required:
(Select the BGP Group you have previously created, and type on-premises side BGP neighbour IP.)
After the BGP Group and BGP Peers have been defined, configure BGP on your on-premises network, and verify on the VBR Route Table that you are receiving the routes.
Create a Cloud Enterprise Network Instance
First, you will need to log in to your Alibaba Cloud Console, click ‘Products’, and select ‘Cloud Enterprise Network’, located in the ‘Networking’ section.
In order to connect your on-premises data centre and your VPCs together using CEN, you need to define a CEN Instance. Click ‘Create CEN Instance’, assign a name to your CEN Instance, and attach a network.
In the screenshot, the VBR is attached to the CEN Instance, so our CEN and our on-premises IDC are connected.
Click ‘OK’ and verify the status of the CEN Instance and of the Network attached to it.
Adding a VPC to a CEN Instance
Adding a network to a CEN instance is straightforward, and just requires you to click ‘Attach Network’, and then select the type of network you want to attach to the instance. Remember, you can attach VBRs, VPCs, and CCNs.
In your CEN console, click ‘Attach Network’.
Select the type of network you want to attach (in this scenario, a VPC), the region where this VPC is defined, and select the right VPC.
On the CEN page, verify that your VBR and your VPC are correctly attached to the CEN Instance. The status must show ‘Attached’.
If you click ‘Routes’, you can also verify which routes the CEN instance has learned from the attached networks.
Every time you attach a new network to the CEN instance, routes will be learned automatically, and there is no need to configure Peering Connections anymore between your VPCs and VBRs.
This can be seen clearly in the screenshot below which shows the CEN Route Table after attaching the VPC in Hong Kong.
You can also do a ping test to verify the connectivity between IDC, the VPC in Singapore, and the VPC in Hong Kong.
Note: Alibaba Cloud requires you to purchase a bandwidth package to connect networks in different regions. By default, 1Kbps bandwidth is provided for connectivity test.
Click here for more information on how to buy bandwidth packages.