Express Tunnel Gateway
The express tunnel gateway is the port for local VPC to connect the physical express tunnel. When users connect and configure the routing table for the physical express tunnel in the local VPC, the next hop shall point to the corresponding express tunnel gateway.
The express tunnel gateway has the following attributes
| Attributes | Value specification | Description |
|---|---|---|
| Gateway name | String form | Customized express tunnel gateway name by the user |
| ID | String form | Express tunnel gateway identification generated by the system, unique to this VPC |
| Status | Available/not configured | Current status of the express tunnel gateway |
| Local region | North China - Beijing/South China - Guangzhou/East China - Suzhou | Region of the express tunnel gateway |
| Local network | Local VPC ID/name | Local private network |
| Bind physical express tunnel | Physical express tunnel ID and express tunnel channel ID | Only one physical express tunnel can be bound at present. |
Using Constraints
If physical express tunnels are used to achieve traffic interconnection, the following requirements shall be met:
- After the construction of physical express tunnels and configuration of express tunnel gateways are completed, if traffic interconnection of the two ends is required, a routing entry pointing to the peer network shall be configured in the routing table at both ends, and the next hop of the local VPC routing table shall point to the corresponding express tunnel gateway;
- For one VPC, one channel of one physical express tunnel can only be connected to one express tunnel gateway in this VPC;
- The local access points of the express tunnel gateway and the physical express tunnel shall be in the same region;
- The express tunnel peer network and the local VPC CIDR cannot overlap.
Create Express Tunnel Gateway
- Select "Express Tunnel Gateway" in the navbar to the left of the VPC console of the virtual private cloud, and click the button of "Create New Express Tunnel gateway".
- Fill in the following configuration information:
Basic Configurations
| Configuration items | Description |
|---|---|
| Gateway name | Name of the express tunnel gateway |
| Export bandwidth | 2Mbps to 10,000Mbps |
| Bind physical express tunnel | You can select to bind /not to bind the physical express tunnel. To bind the physical express tunnel, enter the physical express tunnel ID and express tunnel channel ID in the pop-up window. |
| Cloud network | For network segment interconnected with the user side on Baidu Cloud, users can select this vpc network segment or customize one or more network segments |
| Description | Description of the express tunnel gateway |
Linkage Detection
| Configuration items | Description |
|---|---|
| Enable or not | The switch of link detection is disabled by default |
| Detection method | Detection method is PING(ICMP ) |
| Source IP | The source IP is “Automatically Assign” by default. If you select customized IP, the customized IP shall be a free IP in the VPC. |
| Destination IP | Destination IP is the interconnected IP bound to the channel IDC and is obtained automatically after the express tunnel channel is bound. |
| Health check interval | Value of the interval for checking the path is an integer from 1 to 60. It is recommended to set it to 3 seconds |
| Unhealthy threshold | If the number of consecutive failure of health examination exceeds the threshold, the path will be considered unhealthy. The input range is 2-5, and the default is 3 |
| Healthy threshold | For unhealthy paths, if the number of consecutive success of health examination exceeds the threshold, the path is considered healthy. The input range is 2-5, and the default is 3 |
| Generate routes automatically | It is enabled by default to automatically generate a route for connectivity detection for users. If it is disabled, users need to manually add a route to the IDC interconnection IP for connectivity detection. |
Note
- If no express tunnel channel is bound, link detection cannot be configured.
- The status of the express tunnel gateway with link detection disabled is always available after the physical express tunnel is successfully bound.
- After filling in the configuration information, click “OK” to complete the creation of the express tunnel gateway.
(Optional) Bind the physical express tunnel
Usage scenario:
This step is required when an express tunnel gateway of the user is not bound to a physical express tunnel.
- On the express tunnel gateway list page, select the express tunnel gateway name, and click “Bind” in the operation bar.
-
A configuration box pops up, enter the following configuration information:
Configuration items Description Bind physical express tunnel Physical express tunnel ID and express tunnel channel ID to be bound Cloud network You can select this vpc network segment or customize one or more network segments
Note
Every VPC supports to create a maximum of 10 express tunnel gateways. If you need to create more quotas, submit a Ticket for application.
Edit the Express Tunnel Gateway
Click the “Edit” button behind the express tunnel gateway to enter the page for editing the express tunnel gateway.
- In the basic configuration, the gateway name, exit bandwidth, cloud network and description can be edited, while the physical express tunnel and express tunnel channel which are bound cannot be edited.
- In link detection, if link detection is configured, the switch, health examination interval, unhealthy threshold and health threshold can be edited while the detection method, source IP and destination IP cannot be edited. If link detection has not been configured before, it will be the same as creating a page.
- Enable or not: “On” means enabling the link detection, “Off” means deleting the link detection configuration, and “Suspend” means not deleting the link detection configuration but suspending it.
Configure the Routing of Express Tunnel Gateway
After the express tunnel is successfully connected, you need to configure a routing table to achieve traffic interconnection between the cloud environment and the user-side network. The current express tunnel supports load balance and switching of host and backup.
The followings are steps to configure the routing table in Baidu AI Cloud:
- Select “Routing Table” in the navigation bar, and in the list of routing tables, click “Add Route”.
-
Enter the routing table associated with accessing the user-side network.
Configuration items Description Source network segment Enter source network segment Destination network segment Enter destination network segment Route type Select “Express Tunnel Gateway”, and single line routing and multi-line routing can be configured. Multi-line routing supports host and backup and load balance modes. Next hop instance Select the express tunnel gateway which has been created Description Edit the description of the route entry - Click “OK” to complete the routing table configuration. When the BCC in the sub-net associated with this routing table accesses the user-side network, the traffic will point to the express tunnel gateway.
CPE Equipment Configuration of Local Data Center
Static route is configured between the express tunnel gateway and the local IDC. The CPE equipment in the local engine room need to be configured with the following static routes:
- For CPE equipment in local engine room, the next hop when configured to the first express tunnel gateway link detection source IP is the interconnected IP address of the first express tunnel channel on the cloud.
- For CPE equipment in local engine room, the next hop when configured to the second express tunnel gateway link detection source IP is the interconnected IP address of the second express tunnel channel on the cloud.
View of monitoring data
- Log in the administrative console, select "Product Service>Virtual Private Cloud (VPC)", select express tunnel gateway in the navbar to the left, and enter the list of express tunnel gateway instances.
- Select "Monitor" behind the instance, and the monitoring floating window at the right side of the page appears.
- Click "View More" to enter the monitoring of the details page of the instance.
Manage Alarms
You can manage the alarm strategy of the express tunnel gateway. Please see BCM Administration Alarm for detailed operating steps.