Peer Connection
Overview
The peer connection provides the VPC-level network interconnection services to help users to realize the traffic interoperability among different virtual networks. The same user and different users can realize the virtual network interconnection in the same region or across regions. The connection modes for the two conditions are respectively introduced:
| Type | Current account | Cross-account |
|---|---|---|
| Configuration items | Local and opposite terminal networks | Local and opposite terminal VPC IDs and opposite terminal account ID |
| Operation steps | 1.Create a peer connection 2.Then establish interconnection 3.Configure the route table to realize the traffic interworking. |
1.Create a peer connection 2.Wait for the opposite terminal to accept the connection request. 3.Then establish interconnection 4.Configure the route table to realize the traffic interworking. |
Before configuring, you need to know:
- A maximum of 10 peer connection instances are created in an individual VPC. An individual user creates a maximum of 10 peer connection instances.
- Only one peer connection can coexist between each pair of VPCs.
Cross-account Peer Connection
Take the cross-account peer connection, the opening steps to realize the peer connection between two users are as follows:
- Local VPC segment: 172.16.2.0/24
-
Opposite terminal VPC segment: 192.168.2.0/24
1.Log in to the management console of Baidu AI Cloud, select "Virtual Private Cloud (VPC)" in the navigation bar, and then select the region where the VPC service is located at the top left corner.
2.Click the name of one VPC instance to enter the details page of the instance. In the left navigation bar, select "Peer Connection", and click the [Create a peer Connection] key.
3.Enter the following configuration information:
| Configuration items | Description | Example |
|---|---|---|
| Payment and region | VPC purchase method and region | Prepayment, North China - Beijing |
| Network | Current VPC network, automated acquisition by the system | 172.16.2.0/24 |
| Local interface name | Local interface name of customized peer connection | int-1 |
| Connection type | Current account: Interconnection of the same account cross-account: Initiator - acceptor interconnection |
Cross-account |
| Local connection role | Initiator: peer connection creator acceptor: terminal accepting the connection application |
Initiator |
| Opposite terminal account ID | User IDs of current account/opposite terminal account | 966c7ecdd8901111111111111111 |
| Opposite terminal network | ID of opposite terminal VPC instance of peer connection | vpc-1111111111 |
| Opposite terminal region | Region where the opposite terminal VPC of peer connection is located, North China - Beijing/South China - Guangzhou/Hong Kong Zone II/East China - Suzhou |
North China - Beijing |
| Bandwidth upper limit | Channel bandwidth upper limit of peer connection, upper limit: 1000Mbps | 100 Mbps |
4.Select the purchased duration, and click [Next] . Confirm the order and complete payment.
5.The peer connection of the initiator has been completed. Wait for the acceptor to operate.
6.In the peer connection interface in the console, the acceptor clicks the [Connection Application] key, and the box of connection application list pops up.
7.Confirm the opposite terminal network information, enter the local port name, and click [Accept] .
8.Establish interconnection channels at both terminals.
9.Configure the associated route tables at both terminals. Select "Routing Table" in the navigation bar, and in the list of routing tables, click "Add Route".
- Source network segment Local subnet network or custom segment
- Destination network segment: Target IP or target segment of opposite terminal subnet network
- For the route type, select "Peer Connection".
- For the next-hop instance, select the local interface name/ID with the peer connection established.
Peer Connection of the Same Account
1.Log in to the management console of Baidu AI Cloud, select "Virtual Private Cloud (VPC)" in the navigation bar, and then select the region where the VPC service is located at the top left corner.
2.Click the name of one VPC instance to enter the details page of the instance. In the left navigation bar, select "peer Connection", and click the [Create a peer Connection] key.
3.Enter the local port name and opposite terminal port name, and select the opposite terminal network and bandwidth upper limit.
4.Click [Next] , confirm the order and complete payment. The interconnection is established.
5.Configure the route tables associated at both terminals. Select "Route Table" in the navigation bar, configure the route table to realize the traffic interworking.
View Monitoring Data
The users can view the egress and ingress monitoring data of the peer connection, including bandwidth and traffic.
1.Log in to the management console of Baidu AI Cloud, select "Virtual Private Cloud (VPC)" in the navigation bar, and then select the region where the VPC service is located at the top left corner.
2.Click the name of one VPC instance to enter the details page of the instance. In the left navigation bar, select "Peer Connection".
3.Select the peer connection instance ID to be viewed, and click the [Monitor] key.
4.Select "Traffic" or "Bandwidth", sampling period and query duration, and generate monitoring data.
Reject Connection Request
You can reject the peer connection in case of an untrusted connection.
1.Log in to the management console of Baidu AI Cloud, select "Virtual Private Cloud (VPC)" in the navigation bar, and then select the region where the VPC service is located at the top left corner.
2.Click the name of one VPC instance to enter the details page of the instance. In the left navigation bar, select "Peer Connection".
3.In the page of peer connection list, click the [Connection Application] key, and click [Reject] in the pop-up box of connection application list.
4.The peer connection instance of the initiator displays "Consultation Failed".
Connection Request Timeout
When the connection request timeout initiated by the initiator is 7 days, the status of the peer connection instance of the initiator after time-out displays "Consultation Failed". At this time, the user needs to manually delete the consultation failed connection and reinitiate a connection request to the opposite terminal VPC.
Delete a Peer Connection
Currently, the peer connection service of Baidu AI Cloud supports the deletion of postpaid instances and consultation failed instances, and the connection instances in other status cannot be manually deleted by the users. To delete an instance, please submit a Ticket. Our staff will contact you as soon as possible.
Enable the DNS Synchronization
Application scenarios
This function is to synchronize DNS server records between two VPC after the peer connection is established.
Scenario 1: When the peer connection is established and two VPC are connected, the instances in VPC1 should use the intranet of the peer connection to access other product service domain names (such as BSG and RDS) in VPC2.
Scenario 2: The local DNS records of two VPCs are automatically synchronized, which makes it convenient for the users to use the local domain names to organize business in the two VPC.
Operation steps
The peer connection of the same account can enable the DNS synchronization at the initiator or the receiver, and the synchronization is enabled at the other terminals; for the cross-account peer connection, the DNS synchronization should be enabled at both terminals.
Note:
The switch of DNS synchronization is closed by default.
Configure the following 3 steps at the initiator. For the cross-account use, please re-execute these steps at the receiver:
- Log in to the management console of Baidu AI Cloud, and click "Product Service > Network > Virtual Private Cloud (VPC)". Then click the specific VPC instance name to enter the details page of the instance.
-
In the left navigation bar, select "Peer Connection", and check the peer connection to be synchronized in the list page. In "More Operations", select "Enable DNS Synchronization".
- In the peer connection list items, the DNS synchronization is completed when you see the status of "DNS Synchronization" is updated to "Enabled".
Close the DNS synchronization
In the "Peer Connection" list page of VPC, select "Peer Connection", and check the peer connection to be closed in the list page. In "More Operations", select "Close DNS Synchronization".