IDC and VPC in Different Regions Realize Interworking by an Express Tunnel
Introduction
Through the physical express tunnel, you can establish private network communication between the local data center (IDC) and the virtual private cloud (VPC) of Baidu AI Cloud to build a hybrid cloud. Then seamlessly extend the local IT infrastructure to Baidu AI Cloud to respond to business fluctuations and improve stability of applications by aid of the massive computing, storage, network and CDN resources of Baidu AI Cloud.
Network Topology
Network architecture of this case is as follows:
- The user has IDCs respectively in Beijing and Guangzhou.
- The user deploys cloud service respectively in Beijing and Guangzhou.
- Ensure that the VPC network segments in different regions and the network segments of the data center do not conflict.
The IP address segments of each VPC and data center are shown in the following table.
| Network | IP address segment |
|---|---|
| Beijing VPC1 | 10.1.0.0/16 |
| Guangzhou VPC2 | 10.2.0.0/16 |
| Beijing IDC1 | 10.3.0.0/16 |
| Guangzhou IDC2 | 10.4.0.0/16 |
Deploy Plan
Beijing IDC Is Connected to the Beijing Access Point of Baidu AI Cloud through an Express Tunnel
1.Log into the Baidu AI Cloud console and select "Product Services > Express Tunnel" to enter the physical express tunnel list page. Click "Apply for Physical Express Tunnel" to enter page for applying for physical express tunnel and submit a physical express tunnel application. After passing the check of the network engineers of Baidu AI Cloud, the physical express tunnel status becomes "Available".
2.Apply for an express tunnel channel on the details page of the physical express tunnel instance. Assigned to: Use the user id of this express tunnel channel. If it is a partner of express tunnels, fill in the authorized user id. Routing parameters: 10.3.0.0/16.Wait for the check of the network engineers of Baidu AI Cloud. If there is no conflict of the parameters applied, after passing the check, the status of the express tunnel channel will become Available.
3.Create an express tunnel gateway and bind a channel. Create an express tunnel gateway in Beijing VPC. Since the cloud network parameter is a route from EVR to BVRouter then into VPC when translated to EVR, Beijing VPC needs to be contained here.
4.Configure a route on the user IDC1 side. The user configures the route on the IDC1 gateway.
| Destination network segment | Next hop |
|---|---|
| 10.1.0.0/16 | Interconnection IP on the cloud side |
5.Configure a route on Baidu AI Cloud VPC1 side.
| Source network segment | Destination network segment | Route type | Next hop instance |
|---|---|---|---|
| 10.1.0.0/16 | 10.3.0.0/16 | Dedicated Line Gateway | Instance 1 of express tunnel gateway |
6.To verify, use the VM in VPC and the IP in IDC1 to PING each other.
Guangzhou IDC Is Connected to the Guangzhou Access Point of Baidu AI Cloud through an Express Tunnel
The configuration is the same as Beijing IDC Is Connected to the Guangzhou Access Point of Baidu AI Cloud through an Express Tunnel
Beijing VPC1 Establishes Peer Connection with Guangzhou VPC2
Please see the peer connection Operation Guide
Configure a Route to Achieve Interconnection Between IDC and VPC
1.Configure a route in user IDC1.
| Destination network segment | Next hop |
|---|---|
| 10.1.0.0/16 | Interconnection IP on the cloud side |
| 10.2.0.0/16 | Interconnection IP on the cloud side |
| 10.4.0.0/16 | Interconnection IP on the cloud side |
2.Configure a route in user IDC2.
| Destination network segment | Next hop |
|---|---|
| 10.1.0.0/16 | Interconnection IP on the cloud side |
| 10.2.0.0/16 | Interconnection IP on the cloud side |
| 10.3.0.0/16 | Interconnection IP on the cloud side |
3.Add an express tunnel route and a peer connection route in Beijing VPC1, and add a cloud network.
Add a VPC route
| Source network segment | Destination network segment | Route type | Next hop instance |
|---|---|---|---|
| 10.2.0.0/16 | 10.4.0.0/16 | Dedicated Line Gateway | Dedicated Line Gateway 2 |
| 10.1.0.0/16 | 10.4.0.0/16 | Dedicated Line Gateway | Dedicated Line Gateway 2 |
| 10.3.0.0/16 | 10.4.0.0/16 | Dedicated Line Gateway | Dedicated Line Gateway 2 |
| 10.2.0.0/16 | 10.1.0.0/16 | peer connection | peer connection |
| 10.2.0.0/16 | 10.3.0.0/16 | peer connection | peer connection |
| 10.4.0.0/16 | 10.1.0.0/16 | peer connection | peer connection |
| 10.4.0.0/16 | 10.3.0.0/16 | peer connection | peer connection |
Add a VPC route
| Cloud network |
|---|
| 10.1.0.0/16 |
| 10.2.0.0/16 |
| 10.4.0.0/16 |
3.Add an express tunnel route and a peer connection route in Guangzhou VPC2, and add a cloud network.
Add a VPC route
| Source network segment | Destination network segment | Route type | Next hop instance |
|---|---|---|---|
| 10.1.0.0/16 | 10.3.0.0/16 | Dedicated Line Gateway | Dedicated Line Gateway 2 |
| 10.2.0.0/16 | 10.3.0.0/16 | Dedicated Line Gateway | Dedicated Line Gateway 2 |
| 10.4.0.0/16 | 10.3.0.0/16 | Dedicated Line Gateway | Dedicated Line Gateway 2 |
| 10.1.0.0/16 | 10.2.0.0/16 | peer connection | peer connection |
| 10.1.0.0/16 | 10.4.0.0/16 | peer connection | peer connection |
| 10.3.0.0/16 | 10.2.0.0/16 | peer connection | peer connection |
| 10.3.0.0/16 | 10.4.0.0/16 | peer connection | peer connection |
Add a VPC route
| Cloud network |
|---|
| 10.1.0.0/16 |
| 10.2.0.0/16 |
| 10.3.0.0/16 |
5.To verify, use Beijing VPC1, Guangzhou VPC2, Beijing IDC1 and Guangzhou IDC2 to PING each other for test.