Use CEN To Connect VPC Networks

1. Experiment

1.1 Knowledge points

This experiment shows how to use Alibaba Cloud’s Cloud Enterprise Network (CEN) service to connect two VPC networks. CEN can create a private communications channel between two VPC networks and between a VPC network and a local IDC. This service supports the quick convergence of the network and ensures the quality and security of the cross-network communication through automatic route distribution and learning. This enables intercommunication between all resources in the network, supporting the creation of an enterprise-level interconnected network.This experiment shows how to use a CEN instance to connect two VPC networks.

1.2 Experiment process

• Add a security group rule
• Attach VPC networks to a CEN instance

1.3 Cloud resources required

• ECS
• VPC

1.4 Prerequisites

• If you’re using your own Alibaba Cloud account instead of the account provided by this lab to operate the experiment, please note that you’ll need to choose the same Ubuntu 16.04 operating system for your ECS in order to run the experiment smoothly.
• Before starting the experiment, please confirm that the previous experiment has been closed normally and exited.

2. Start the experiment environment

Click Start Lab in the upper right corner of the page to start the experiment.

.

After the experiment environment is successfully started, the system has deployed resources required by this experiment in the background, including the ECS instance, RDS instance, Server Load Balancer instance, and OSS bucket. An account consisting of the username and password for logging on to the Web console of Alibaba Cloud is also provided.

After the experiment environment is started and related resources are properly deployed, the experiment starts a countdown. You have two hours to perform experimental operations. After the countdown ends, the experiment stops, and related resources are released. During the experiment, pay attention to the remaining time and arrange your time wisely. Next, use the username and password provided by the system to log on to the Web console of Alibaba Cloud and view related resources:

Go to the logon page of Alibaba Cloud console.

Fill in the sub-user account and click Next.

Fill in the sub-user password and click Log on.

After you successfully log on to the console, the following page is displayed.

3. Add a security group rule

Click Elastic Computer Service, as shown in the following picture.

Click US (Silicon Valley). Two ECS instances are automatically created.Their internal IP addresses show that they belong to different VPC networks.

Click the ID of an ECS instance.

Add a security group rule, as shown in the following figure.

Indicates that ICMP-based network access is supported.

After the rule is added, the ECS instance can be pinged from other instances in the same VPC network.

Then, add the same security group rule on the other ECS instance.

Remotely log on to either of the two ECS instances with its public IP address.For more information about how to log on to an ECS instance, see login.

The default account name and password of the ECS instance:

Account name: root

Password: nkYHG890..

After you log on to the ECS instance, ping the private IP address of the other ECS instance. The ping test fails because the two ECS instances belong to different VPC networks.

4. Attach VPC networks to a CEN instance

Go to the CEN console, as shown in the following figure.

If the following prompt appears, please activate the forwarding router service first.

You can see that a CEN instance has been created. Click the instance ID.

Click the sign for adding a VPC.

Set the parameters, as shown in the following figure.

Add a VPC network and the switch below.

The VPC is added, as shown in the following figure. A transit router is automatically created when you add the first VPC.

Add another VPC network.

Both VPC networks are attached.

Return to the command line of the ECS instance you logged on to, and ping the private IP address of the other ECS instance again.

<font color='red'>Users can cut off the above result picture when they are doing the experiment and send it to the teacher, indicating that the current experiment has been completed.</font>

The ping test is successful, indicating that the two VPC networks are connected.

Reminder:
Before you leave this lab, remember to log out your Alibaba RAM account before you click the ‘stop’ button of your lab. Otherwise you’ll encounter some issue when opening a new lab session in the same browser:

5. Experiment summary

Alibaba Cloud’s Cloud Enterprise Network (CEN) provides high speed network transmission with low latency. The maximum rate of local intercommunication reaches the port forwarding rate of your local IDC. CEN has access and forwarding nodes in over 60 regions around the world, allowing users everywhere to access Alibaba Cloud through their nearby nodes to bypass public networks and avoid latency and damage to business. This ensures quick intercommunication between your local IDC and Alibaba Cloud resources.