faq - huawei · cloud connect (cc) is a service that enables you to quickly build ultra-fast,...
TRANSCRIPT
Cloud Connect
FAQ
Issue 01
Date 2020-11-30
HUAWEI TECHNOLOGIES CO., LTD.
Copyright © Huawei Technologies Co., Ltd. 2020. All rights reserved.
No part of this document may be reproduced or transmitted in any form or by any means without priorwritten consent of Huawei Technologies Co., Ltd. Trademarks and Permissions
and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.All other trademarks and trade names mentioned in this document are the property of their respectiveholders. NoticeThe purchased products, services and features are stipulated by the contract made between Huawei andthe customer. All or part of the products, services and features described in this document may not bewithin the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements,information, and recommendations in this document are provided "AS IS" without warranties, guaranteesor representations of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in thepreparation of this document to ensure accuracy of the contents, but all statements, information, andrecommendations in this document do not constitute a warranty of any kind, express or implied.
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. i
Contents
1 Frequent Questions.................................................................................................................11.1 What Is the Procedure of Configuring a Cloud Connection?................................................................................... 11.2 Why Can't VPCs Loaded to a Cloud Connection Across Regions Communicate with Each Other?........... 11.3 How Can I Test the Network Connectivity After All Configurations Are Complete?....................................... 21.4 What Can I Do If a System Exception Occurs During Network Instance Loading?......................................... 21.5 How Can I Change the Bandwidth of a Cloud Connection?.................................................................................... 21.6 Do I Need to Create Another Cloud Connection If Network Instances in Regions A and B That AreAlready Loaded to a Cloud Connection Need to Communicate with Network Instances in Region C?.......... 31.7 Why Do I Need CC Even If the Network Latency Is the Same as on the Internet?......................................... 3
2 Product Consultation.............................................................................................................. 72.1 What Is Cloud Connect?........................................................................................................................................................72.2 What Is the Procedure of Configuring a Cloud Connection?................................................................................... 72.3 What Are the Differences Between CC and VPC Peering?........................................................................................82.4 How Can I Test the Network Connectivity After All Configurations Are Complete?....................................... 92.5 What Network Instance Types Does CC Support?....................................................................................................... 92.6 Does a Cloud Connection Have Only One Shared Bandwidth Package?............................................................ 92.7 Are the Uplink and Downlink Rates of the Configured Inter-Region Bandwidth the Same?.......................92.8 What Are the Limits on the Traffic for an Inter-region Bandwidth?..................................................................... 92.9 What Are the Metrics for Monitoring the Traffic of Inter-region Bandwidths?.............................................. 102.10 What Are the Restrictions of Using CC?..................................................................................................................... 102.11 Where Can I Add a Route on the Console?............................................................................................................... 102.12 Do I Need to Purchase an EIP for Each VM in the VPCs That Access Each Other Through a CloudConnection?................................................................................................................................................................................... 102.13 How Can I Change the Bandwidth of a Cloud Connection?............................................................................... 112.14 Why Does the Modified Bandwidth Not Take Effect?........................................................................................... 112.15 How Can I Change Inter-Region Bandwidths of a Cloud Connection?............................................................112.16 Do I Need to Create Another Cloud Connection If Network Instances in Regions A and B That AreAlready Loaded to a Cloud Connection Need to Communicate with Network Instances in Region C?........122.17 Are Network Circuits Physically Isolated?.................................................................................................................. 122.18 Is CC an Out-Of-The-Box Service?................................................................................................................................ 12
3 Console Operations...............................................................................................................133.1 What Is the Procedure of Configuring a Cloud Connection?.................................................................................133.2 What Can I Do If a System Exception Occurs During Network Instance Loading?.......................................13
Cloud ConnectFAQ Contents
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. ii
3.3 Does a Cloud Connection Have Only One Shared Bandwidth Package?.......................................................... 143.4 What Are the Restrictions of Using CC?....................................................................................................................... 143.5 How Can I Apply for the Cross-Border Permit?.......................................................................................................... 143.6 Where Can I Add a Route on the Console?................................................................................................................. 143.7 How Can I Change the Bandwidth of a Cloud Connection?..................................................................................153.8 How Can I Change Inter-Region Bandwidths of a Cloud Connection?.............................................................. 153.9 How Do I Test the Bandwidth Rate of a Cloud Connection?.................................................................................163.10 Why Does the Modified Bandwidth Not Take Effect?........................................................................................... 16
4 Bandwidth Packages.............................................................................................................174.1 Does a Cloud Connection Have Only One Shared Bandwidth Package?.......................................................... 174.2 How Can I Change the Bandwidth of a Cloud Connection?..................................................................................17
5 Bandwidth, Latency and Packet Loss............................................................................... 195.1 Why Can't VPCs Loaded to a Cloud Connection Across Regions Communicate with Each Other?.........195.2 Why Does the Modified Bandwidth Not Take Effect?..............................................................................................195.3 What Should I Do If Network Connectivity Is Abnormal in a Hybrid Cloud Built Through CC and DirectConnect?..........................................................................................................................................................................................205.4 Do I Need to Configure Bandwidth for Testing a Cloud Connection?................................................................205.5 Why Do I Need CC Even If the Network Latency Is the Same as on the Internet?.......................................205.6 Are the Uplink and Downlink Rates of the Configured Inter-Region Bandwidth the Same?.....................235.7 What Are the Limits on the Traffic for an Inter-region Bandwidth?...................................................................235.8 How Can I Change Inter-Region Bandwidths of a Cloud Connection?.............................................................. 235.9 Are Network Circuits Physically Isolated?.................................................................................................................... 24
6 Cross-Border Application..................................................................................................... 256.1 Why Is Cross-Border Application Required?................................................................................................................ 256.2 Who Approves Cross-Border Applications?.................................................................................................................. 256.3 How Can I Apply for the Cross-Border Permit?.......................................................................................................... 256.4 When Would I Need to Submit a Cross-Border Application?................................................................................266.5 How Long Can a Cross-Border Application Be Approved?..................................................................................... 266.6 Why Does CC Require Additional Real-Name Authentication Since HUAWEI CLOUD Already Has aReal-Name Authentication System in Cross-Border Scenarios?.................................................................................. 266.7 Can the Content of the Cloud Connect Cross-Border Circuit Service Agreement Be Modified?............... 27
7 Networking and Scenarios.................................................................................................. 287.1 Does CC Support Communication Among Different VPCs in the Same Region?...........................................287.2 Does CC Support Cross-Tenant Communication?...................................................................................................... 28
8 Cross-Account Authorization..............................................................................................298.1 Does Each Account Need to Buy a Bandwidth Package for Loading Network Instances AuthorizedAcross Accounts?.......................................................................................................................................................................... 298.2 Does Each Account Need to Create a Cloud Connect for Authorizing Network Instances AcrossAccounts?........................................................................................................................................................................................ 298.3 How Do I Configure Cross-Account Authorization to Manage Network Instances?.....................................298.4 Can a VPC Be Loaded to Two or More Cloud Connections?..................................................................................29
Cloud ConnectFAQ Contents
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. iii
9 Permissions............................................................................................................................. 309.1 How Do I Assign CC Operation Permissions to IAM Users?.................................................................................. 30
10 Monitoring............................................................................................................................ 3110.1 Why Is the Bandwidth Monitoring Data on the Cloud Eye Console Incomplete?....................................... 3110.2 How Do I View the Bandwidth Monitoring Data of a Cloud Connection?.................................................... 3110.3 Does the Monitoring Data Take Effect Immediately After an Inter-Region Bandwidth Is Configured?............................................................................................................................................................................................................ 3110.4 What Are the Metrics for Monitoring the Traffic of Inter-region Bandwidths?............................................32
11 Quotas................................................................................................................................... 3311.1 How Can I Increase Resource Quotas?....................................................................................................................... 33
Cloud ConnectFAQ Contents
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. iv
1 Frequent Questions
1.1 What Is the Procedure of Configuring a CloudConnection?
To configure a cloud connection, you need to perform the following steps on themanagement console:
1. Create a cloud connection, which will work as a private network for networkinstances loaded to it to communicate with each other.
2. Load network instances. Network instances to communicate with each othermust be loaded to the same cloud connection. Two types of networkinstances are supported, VPC and virtual gateway.
3. Buy a bandwidth package. To enable communication between networkinstances, you need to purchase a bandwidth package in a geographic regionor across geographic regions and bind it to the corresponding cloudconnection.
4. Configure inter-region bandwidths. Configure the inter-region bandwidths fornetwork instances in different cloud regions.
1.2 Why Can't VPCs Loaded to a Cloud ConnectionAcross Regions Communicate with Each Other?
After a cloud connection is configured, you can test the network connectivity usingICMP or Telnet. If the communication still fails, locate the fault from the followingaspects:
● Check whether the security group containing the destination ECSs allowaccess using ICMP or Telnet and the corresponding port in the inbounddirection. If access using ICMP or Telnet and the corresponding port is notallowed, the packets are filtered out by the security group.
● Check whether the destination VPC has a subnet ACL that restricts thecommunication between the source and destination VPCs. If such an ACLexists, the packets are filtered out by the ACL.
Cloud ConnectFAQ 1 Frequent Questions
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 1
● Check whether there are conflicts between the subnets or duplicate subnets inthe source VPC and destination VPC. If duplicate subnets exist, the packetsdestined for the subnet of the target region are routed in the VPC and are notsent to the target region.
● Check whether inter-region bandwidths are configured between source anddestination regions. If you only have a bandwidth package but have notconfigured inter-region bandwidths between different cloud regions, thedefault bandwidth is only 10 kbit/s, and ICMP packets or Telnet test cannot besupported.
1.3 How Can I Test the Network Connectivity After AllConfigurations Are Complete?
You can test whether the VPCs in different regions can communicate with eachother by testing the connectivity of ECSs in these VPCs. ICMP and Telnet are oftenused for the testing.
1.4 What Can I Do If a System Exception Occurs DuringNetwork Instance Loading?
When you are loading a VPC instance, the system displays a message "A routingconflict has occurred in this VPC. This route is already being used in otherscenarios, such as VPC peering and VPN." Check whether the VPC is used in any ofthe following scenarios:
● Custom route● Direct Connect● VPN● VPC peering connection
If the VPC is used in these scenarios, route conflicts may occur. In this case, youneed to cancel the application scenario of the VPC or do not load the VPC instanceto the cloud connection based on your network plan.
1.5 How Can I Change the Bandwidth of a CloudConnection?
CC allows you to increase or decrease the bandwidth of a purchased bandwidthpackage.
To change the bandwidth, perform the following operations:
1. Log in to the management console.
2. Click in the upper left corner to select a region and a project.3. Under Network, click Cloud Connect.4. In the navigation pane on the left, choose Cloud Connect > Bandwidth
Packages.
Cloud ConnectFAQ 1 Frequent Questions
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 2
5. Locate the target bandwidth package and click Modify Bandwidth in theOperation column.
6. Set a new bandwidth and click OK.7. Confirm the modification and click Pay Now.
NO TE
● Modifying the bandwidth does not interrupt services. Unsubscribing a bandwidthpackage that has been bound to a cloud connection or unbinding a bandwidthpackage from a cloud connection will interrupt services. Before you unsubscribe abandwidth package that has been bound to a cloud connection, unbind it from thecloud connection.
● If bandwidth package is about to expire in 24 hours, you cannot increase ordecrease the bandwidth.
1.6 Do I Need to Create Another Cloud Connection IfNetwork Instances in Regions A and B That AreAlready Loaded to a Cloud Connection Need toCommunicate with Network Instances in Region C?
No.
If you have a cloud connection and have already loaded network instances inregions A and B to the cloud connection, you just need to load the networkinstances in region C to the cloud connection and configure the inter-regionbandwidths between every two regions.
In this way, network instances in the three regions can communicate with eachother.
1.7 Why Do I Need CC Even If the Network Latency Isthe Same as on the Internet?
You may need to consider the following when you are using CC:
● Network performance● Transmission distance● CC's advantages
Network Performance Measuring Metrics● Packet loss rate: indicates the proportion of packets lost during network
transmission. This metric measures the network capability of correctlyforwarding data. The difference between the number of packets from thesender and the number of packets to the receiver is the number of packetslost during network transmission. The ratio of the number of lost packets tothe number of expected packets is the packet loss rate.
● Jitter: refers to the fluctuation in the latency of the packets flowing throughthe network. Physical devices, such routers, that forward data packets on thenetwork have buffers. When a large amount of data is transmitted and
Cloud ConnectFAQ 1 Frequent Questions
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 3
exceeds the transmission capability of the cable, physical devices will bufferexcessive data packets. As a result, packets that are not buffered or bufferedfor a short time arrive quickly, while packets that are buffered for a long timearrive slowly. The time difference between them is called network jitter.
● Latency: indicates the average round-trip time for transmitting data packetsbetween two network nodes. For a store-and-forward device, the delay startswhen the last bit of the last data frame enters the device and ends when thefirst bit of the data frame appears on the outbound interface. The timedifference is the delay of the storage and forwarding device.Generally, there are the following types of delays:– Propagation delay: the time taken to transmit a data packet in the
transmission medium. The propagation delay is in direct proportion to thephysical distance between the two ends and the packet size. The longerthe physical distance and the larger the packet, the longer thetransmission delay is.
– Device delay: the time taken by a physical device, such as a router, toforward a data packet. The device delay is related to the forwardingperformance of the switching device.
– Packet conversion delay: the time taken for encoding and decoding datapackets at both ends.
– Jitter buffer delay: Generally, in the IP communication of the voiceservice, a buffer is configured to overcome the network jitter to preventthe voice quality from being discontinuous due to network jitter. Thebuffer also causes a certain delay.
Transmission Distance
CC uses the DCI backbone network for communications, and the latency dependson the transmission distance and transmission loss.
● A long distance results in high transmission loss and network latency.● A short-distance results in low transmission loss and network latency.
Advantages of CC Compared with the Internet
Construct the following two scenarios to compare CC with the Internet in networkperformance.
Table 1-1 Configuration items
ECS Specification 2 vCPUs and 4 GB memory
Bandwidth 4 Mbit/s
Regions CN North-Beijing1 (AZ1) and AP-Hong Kong (AZ1)
East China-Shanghai1 (AZ1) and Asia Pacific-HongKong (AZ1)
Test Time From 2020/09/09 18:30 to 2020/09/10 09:30 (15hours in total)
Cloud ConnectFAQ 1 Frequent Questions
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 4
How This Works Load the VPCs in two regions to a cloud connectionto enable network communications between them.Bind EIPs to the servers so that they cancommunication with each over the Internet.
Quality of network between CN North-Beijing1 (AZ1) and AP-Hong Kong (AZ1)
Figure 1-1 Internet test result
Figure 1-2 CC test result
Table 1-2 Test result comparison
Item Packet Loss Average Latency Jitter
CC 0% 38.9 ms 1.57 ms
Internet 0.04% 42.882 ms 2.105 ms
Quality of network between East China-Shanghai1 (AZ1) and Asia Pacific-HongKong (AZ1)
Figure 1-3 Internet test result
Figure 1-4 CC test result
Table 1-3 Test result comparison
Item Packet Loss Average Latency Jitter
CC 0% 32.14 ms 0.514 ms
Internet 1.73% 33.24 ms 2.838 ms
Cloud ConnectFAQ 1 Frequent Questions
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 5
By comparing the test results of the two scenarios, you can see that CC is slightlyahead of the Internet in network latency. However, CC outperforms the Internet inthe packet loss and jitter.
In summary, CC can provide more accurate data transmission and more stablenetwork communications.
Cloud ConnectFAQ 1 Frequent Questions
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 6
2 Product Consultation
2.1 What Is Cloud Connect?Cloud Connect (CC) is a service that enables you to quickly build ultra-fast, high-quality, and stable networks between VPCs across regions and between VPCs andon-premises data centers. CC helps build a globally interconnected cloud networkwith enterprise-class scalability and communication capability. With CC, you canrealize the following:
● Communications among VPCs in a region● Communications among VPCs from different cloud regions● Communications between on-premises data centers and multiple VPCs in
different cloud regions after on-premises data centers are connected toHUAWEI CLOUD through Direct Connect or VPN
● Improved experience of accessing background services
2.2 What Is the Procedure of Configuring a CloudConnection?
To configure a cloud connection, you need to perform the following steps on themanagement console:
1. Create a cloud connection, which will work as a private network for networkinstances loaded to it to communicate with each other.
2. Load network instances. Network instances to communicate with each othermust be loaded to the same cloud connection. Two types of networkinstances are supported, VPC and virtual gateway.
3. Buy a bandwidth package. To enable communication between networkinstances, you need to purchase a bandwidth package in a geographic regionor across geographic regions and bind it to the corresponding cloudconnection.
4. Configure inter-region bandwidths. Configure the inter-region bandwidths fornetwork instances in different regions.
Cloud ConnectFAQ 2 Product Consultation
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 7
2.3 What Are the Differences Between CC and VPCPeering?
CC differs from VPC Peering in the following aspects:
● Interworking capability: VPC Peering connects two VPCs in the same region,while CC can connect multiple VPCs either in the same region or in differentregions.
● Network capability: After you create a VPC peering connection, you need tomanually configure routes. However, CC frees you from such configuration.
● Bearer network: VPC Peering uses the data center network, while CC uses theDCI backbone network.
● Billing: VPC Peering is free of charge. As to CC, communication between VPCsin the same region is free of charge. However, inter-region multi-VPCinterworking requires a bandwidth package, which is not free.
Table 2-1 compares these differences.
Table 2-1 Differences between Cloud Connect and VPC Peering
Item VPC Peering CC
Interworkingcapability
VPCs within aregion
Supported Supported
VPCs acrossregions
Not supported Supported
Cross-bordercompliance
Not supported Supported
Networking capability Manual routingconfiguration
Automatic routingconfiguration
Bearer network Data centernetwork in theregion
Inter-region DCIbackbonenetwork
Pricing Free of charge Free of chargewithin a regionand billed basedon standardpricing acrossregions
Cloud ConnectFAQ 2 Product Consultation
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 8
2.4 How Can I Test the Network Connectivity After AllConfigurations Are Complete?
You can test whether the VPCs in different cloud regions can communicate witheach other by testing the connectivity of ECSs in these VPCs. ICMP and Telnet areoften used for the testing.
2.5 What Network Instance Types Does CC Support?Currently, only VPCs and Direct Connect virtual gateways are supported. VPNs willconnect to CC in the near future.
2.6 Does a Cloud Connection Have Only One SharedBandwidth Package?
Yes. A cloud connection can have only one bandwidth package bound eitherwithin a geographic region or between geographic regions.
2.7 Are the Uplink and Downlink Rates of theConfigured Inter-Region Bandwidth the Same?
Yes.
If you purchase a 10 Mbit/s bandwidth package for communication between theChinese mainland and Asia Pacific and allocate 5 Mbit/s bandwidth between theCN East-Shanghai region and the AP-Hong Kong region from the bandwidthpackage, the maximum bandwidths from the CN East-Shanghai region to the AP-Hong Kong region and from the AP-Hong Kong region to the CN East-Shanghairegion are 5 Mbit/s.
2.8 What Are the Limits on the Traffic for an Inter-region Bandwidth?
The traffic that you can use when you are using CC is determined by theconfigured inter-region bandwidth. The peak inbound or outbound traffic canreach the configured inter-region bandwidth.
CC does not limit the traffic within the inter-region bandwidth you configured.
For example, if the inter-region bandwidth configured between region A andregion B is 20 Mbit/s, the peak traffic from region A and the peak traffic fromregion B can reach 20 Mbit/s.
Cloud ConnectFAQ 2 Product Consultation
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 9
2.9 What Are the Metrics for Monitoring the Traffic ofInter-region Bandwidths?
There are two metrics used by Cloud Eye to monitor the traffic: Inbound Trafficand Outbound Traffic.
Inbound Traffic indicates the traffic from the other region to the current region,while Outbound Traffic indicates the traffic from the current region to the otherregion.
2.10 What Are the Restrictions of Using CC?Similar to other VPC communication products, CC has the following restrictions:
● Subnet CIDRs carried in the network instance added to CC must not overlap.● You can apply for up to cloud connections. Each cloud connection can be
loaded to at most six regions. In each region, a maximum of six networkinstances can be loaded to a cloud connection.
2.11 Where Can I Add a Route on the Console?When a network instance is loaded to a cloud connection, a route is automaticallydelivered. You can also add special routes under Other CIDR Block when you loadthe network instance. You can view the routes on the Route Information tabpage.
2.12 Do I Need to Purchase an EIP for Each VM in theVPCs That Access Each Other Through a CloudConnection?
If the ECSs are used only within the VPCs, you do not need EIPs.
If you want to access the ECSs from the Internet or use the ECSs to provideservices accessible from the Internet, you need to purchase an EIP for each ECS.
Cloud ConnectFAQ 2 Product Consultation
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 10
2.13 How Can I Change the Bandwidth of a CloudConnection?
CC allows you to increase or decrease the bandwidth of a purchased bandwidthpackage.
To change the bandwidth, perform the following operations:
1. Log in to the management console.
2. Click in the upper left corner to select a region and a project.3. Under Network, click Cloud Connect.4. In the navigation pane on the left, choose Cloud Connect > Bandwidth
Packages.5. Locate the target bandwidth package and click Modify Bandwidth in the
Operation column.6. Set a new bandwidth and click OK.7. Confirm the modification and click Pay Now.
NO TE
● Modifying the bandwidth does not interrupt services. Unsubscribing a bandwidthpackage that has been bound to a cloud connection or unbinding a bandwidthpackage from a cloud connection will interrupt services. Before you unsubscribe abandwidth package that has been bound to a cloud connection, unbind it from thecloud connection.
● If bandwidth package is about to expire in 24 hours, you cannot increase ordecrease the bandwidth.
2.14 Why Does the Modified Bandwidth Not TakeEffect?
Modifying the bandwidth requires five minutes to take effect. Test the bandwidthfive minutes after the bandwidth is modified.
2.15 How Can I Change Inter-Region Bandwidths of aCloud Connection?
1. Log in to the management console.
2. Click in the upper left corner to select a region and a project.3. Under Network, click Cloud Connect.4. In the cloud connection list, click the name of the target cloud connection and
then click Inter-Region Bandwidths.5. Locate the target inter-region bandwidth and click Modify in the Operation
column.
Cloud ConnectFAQ 2 Product Consultation
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 11
6. Modify the bandwidth and click OK.
2.16 Do I Need to Create Another Cloud Connection IfNetwork Instances in Regions A and B That AreAlready Loaded to a Cloud Connection Need toCommunicate with Network Instances in Region C?
No.
If you have a cloud connection and have already loaded network instances inregions A and B to the cloud connection, you just need to load the networkinstances in region C to the cloud connection and configure the inter-regionbandwidths between every two regions.
In this way, network instances in the three regions can communicate with eachother.
2.17 Are Network Circuits Physically Isolated?No. CC leverages HUAWEI CLOUD backbone network, and the network circuits arelogically isolated.
2.18 Is CC an Out-Of-The-Box Service?Operations on the CC console include creating cloud connections, loading networkinstances, purchasing bandwidth packages, configuring inter-region bandwidths,and submitting the cross-border application.
● All operations take effect immediately, except for the cross-border application.● The cross-border application takes effect only after being approved by China
Unicom.
Cloud ConnectFAQ 2 Product Consultation
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 12
3 Console Operations
3.1 What Is the Procedure of Configuring a CloudConnection?
To configure a cloud connection, you need to perform the following steps on themanagement console:
1. Create a cloud connection, which will work as a private network for networkinstances loaded to it to communicate with each other.
2. Load network instances. Network instances to communicate with each othermust be loaded to the same cloud connection. Two types of networkinstances are supported, VPC and virtual gateway.
3. Buy a bandwidth package. To enable communication between networkinstances, you need to purchase a bandwidth package in a geographic regionor across geographic regions and bind it to the corresponding cloudconnection.
4. Configure inter-region bandwidths. Configure the inter-region bandwidths fornetwork instances in different cloud regions.
3.2 What Can I Do If a System Exception Occurs DuringNetwork Instance Loading?
When you are loading a VPC, the system displays a message "A routing conflicthas occurred in this VPC. This route is already being used in other scenarios, suchas VPC Peering and VPN." Check whether the VPC is used in any of the followingscenarios:
● Custom route
● Direct Connect
● VPN
● VPC peering connection
Cloud ConnectFAQ 3 Console Operations
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 13
If the VPC is used in these scenarios, route conflicts may occur. In this case, youneed to cancel the application scenario of the VPC or do not load the VPC to thecloud connection based on your network plan.
3.3 Does a Cloud Connection Have Only One SharedBandwidth Package?
Yes. A cloud connection can have only one bandwidth package bound eitherwithin a geographic region or between geographic regions.
3.4 What Are the Restrictions of Using CC?Similar to other VPC communication products, CC has the following restrictions:
● Subnet CIDRs carried in the network instance added to CC must not overlap.● You can apply for up to cloud connections. Each cloud connection can be
loaded to at most six regions. In each region, a maximum of six networkinstances can be loaded to a cloud connection.
3.5 How Can I Apply for the Cross-Border Permit?To apply for the permit for cross-border businesses, you need to provide thefollowing materials and ensure that all materials are stamped with yourcompany's official seal:
● A sealed copy of the company's business license● A sealed copy of Cloud Connect Cross-Border Circuit Service Agreement● A sealed copy of China Unicom Letter of Commitment to Information Security
of the Cross-Border Circuit Service
Perform the following operations to submit a cross-border application:
1. Log in to the management console.2. Under Network, click Cloud Connect.3. In the navigation pane on the left, choose Cloud Connect > Cross-Border
Application.4. Click Submit Application.5. Fill in the enterprise and representative information, and upload the prepared
materials.6. Click Submit.
After the application is submitted, the status of the cross-border application isPending approval. The review takes about one working day. When the statusbecomes Approved, the cross-border application is completed.
3.6 Where Can I Add a Route on the Console?When a network instance is loaded to a cloud connection, a route is automaticallydelivered. You can also add special routes under Other CIDR Block when you load
Cloud ConnectFAQ 3 Console Operations
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 14
the network instance. You can view the routes on the Route Information tabpage.
3.7 How Can I Change the Bandwidth of a CloudConnection?
CC allows you to increase or decrease the bandwidth of a purchased bandwidthpackage.
To change the bandwidth, perform the following operations:
1. Log in to the management console.
2. Click in the upper left corner to select a region and a project.3. Under Network, click Cloud Connect.4. In the navigation pane on the left, choose Cloud Connect > Bandwidth
Packages.5. Locate the target bandwidth package and click Modify Bandwidth in the
Operation column.6. Set a new bandwidth and click OK.7. Confirm the modification and click Pay Now.
NO TE
● Modifying the bandwidth does not interrupt services. Unsubscribing a bandwidthpackage that has been bound to a cloud connection or unbinding a bandwidthpackage from a cloud connection will interrupt services. Before you unsubscribe abandwidth package that has been bound to a cloud connection, unbind it from thecloud connection.
● If bandwidth package is about to expire in 24 hours, you cannot increase ordecrease the bandwidth.
3.8 How Can I Change Inter-Region Bandwidths of aCloud Connection?
1. Log in to the management console.
2. Click in the upper left corner to select a region and a project.3. Under Network, click Cloud Connect.4. In the cloud connection list, click the name of the target cloud connection and
then click Inter-Region Bandwidths.5. Locate the target inter-region bandwidth and click Modify in the Operation
column.6. Modify the bandwidth and click OK.
Cloud ConnectFAQ 3 Console Operations
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 15
3.9 How Do I Test the Bandwidth Rate of a CloudConnection?
You can use iperf to send packets to an ECS in the VPC loaded to the cloudconnection.
3.10 Why Does the Modified Bandwidth Not TakeEffect?
Modifying the bandwidth requires five minutes to take effect. Test the bandwidthfive minutes after the bandwidth is modified.
Cloud ConnectFAQ 3 Console Operations
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 16
4 Bandwidth Packages
4.1 Does a Cloud Connection Have Only One SharedBandwidth Package?
Yes. A cloud connection can have only one bandwidth package bound eitherwithin a geographic region or between geographic regions.
4.2 How Can I Change the Bandwidth of a CloudConnection?
CC allows you to increase or decrease the bandwidth of a purchased bandwidthpackage.
To change the bandwidth, perform the following operations:
1. Log in to the management console.
2. Click in the upper left corner to select a region and a project.3. Under Network, click Cloud Connect.4. In the navigation pane on the left, choose Cloud Connect > Bandwidth
Packages.5. Locate the target bandwidth package and click Modify Bandwidth in the
Operation column.6. Set a new bandwidth and click OK.7. Confirm the modification and click Pay Now.
Cloud ConnectFAQ 4 Bandwidth Packages
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 17
NO TE
● Modifying the bandwidth does not interrupt services. Unsubscribing a bandwidthpackage that has been bound to a cloud connection or unbinding a bandwidthpackage from a cloud connection will interrupt services. Before you unsubscribe abandwidth package that has been bound to a cloud connection, unbind it from thecloud connection.
● If bandwidth package is about to expire in 24 hours, you cannot increase ordecrease the bandwidth.
Cloud ConnectFAQ 4 Bandwidth Packages
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 18
5 Bandwidth, Latency and Packet Loss
5.1 Why Can't VPCs Loaded to a Cloud ConnectionAcross Regions Communicate with Each Other?
After a cloud connection is configured, you can test the network connectivity usingICMP or Telnet. If the communication still fails, locate the fault from the followingaspects:
● Check whether the security group containing the destination ECSs allowaccess using ICMP or Telnet and the corresponding port in the inbounddirection. If access using ICMP or Telnet and the corresponding port is notallowed, the packets are filtered out by the security group.
● Check whether the destination VPC has a subnet ACL that restricts thecommunication between the source and destination VPCs. If such an ACLexists, the packets are filtered out by the ACL.
● Check whether there are conflicts between the subnets or duplicate subnets inthe source VPC and destination VPC. If duplicate subnets exist, the packetsdestined for the subnet of the target region are routed in the VPC and are notsent to the target region.
● Check whether inter-region bandwidths are configured between source anddestination regions. If you only have a bandwidth package but have notconfigured inter-region bandwidths between different cloud regions, thedefault bandwidth is only 10 kbit/s, and ICMP packets or Telnet test cannot besupported.
5.2 Why Does the Modified Bandwidth Not TakeEffect?
Modifying the bandwidth requires five minutes to take effect. Test the bandwidthfive minutes after the bandwidth is modified.
Cloud ConnectFAQ 5 Bandwidth, Latency and Packet Loss
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 19
5.3 What Should I Do If Network Connectivity IsAbnormal in a Hybrid Cloud Built Through CC andDirect Connect?
● Check whether the routes of cloud resources are added to the route table ofthe on-premises data center.
● Check whether the routes of the on-premises data center are added tocustom routes of the VPCs connected through the cloud connection andDirect Connect connection.
5.4 Do I Need to Configure Bandwidth for Testing aCloud Connection?
CC provides you with 10 kbit/s bandwidth for ping tests of cloud connections forfree. If the network instances are in different cloud regions, you need to configureinter-region bandwidths so that the network instances can communicate witheach other.
5.5 Why Do I Need CC Even If the Network Latency Isthe Same as on the Internet?
You may need to consider the following when you are using CC:
● Network performance● Transmission distance● CC's advantages
Network Performance Measuring Metrics● Packet loss rate: indicates the proportion of packets lost during network
transmission. This metric measures the network capability of correctlyforwarding data. The difference between the number of packets from thesender and the number of packets to the receiver is the number of packetslost during network transmission. The ratio of the number of lost packets tothe number of expected packets is the packet loss rate.
● Jitter: refers to the fluctuation in the latency of the packets flowing throughthe network. Physical devices, such routers, that forward data packets on thenetwork have buffers. When a large amount of data is transmitted andexceeds the transmission capability of the cable, physical devices will bufferexcessive data packets. As a result, packets that are not buffered or bufferedfor a short time arrive quickly, while packets that are buffered for a long timearrive slowly. The time difference between them is called network jitter.
● Latency: indicates the average round-trip time for transmitting data packetsbetween two network nodes. For a store-and-forward device, the delay startswhen the last bit of the last data frame enters the device and ends when the
Cloud ConnectFAQ 5 Bandwidth, Latency and Packet Loss
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 20
first bit of the data frame appears on the outbound interface. The timedifference is the delay of the storage and forwarding device.Generally, there are the following types of delays:– Propagation delay: the time taken to transmit a data packet in the
transmission medium. The propagation delay is in direct proportion to thephysical distance between the two ends and the packet size. The longerthe physical distance and the larger the packet, the longer thetransmission delay is.
– Device delay: the time taken by a physical device, such as a router, toforward a data packet. The device delay is related to the forwardingperformance of the switching device.
– Packet conversion delay: the time taken for encoding and decoding datapackets at both ends.
– Jitter buffer delay: Generally, in the IP communication of the voiceservice, a buffer is configured to overcome the network jitter to preventthe voice quality from being discontinuous due to network jitter. Thebuffer also causes a certain delay.
Transmission DistanceCC uses the DCI backbone network for communications, and the latency dependson the transmission distance and transmission loss.
● A long distance results in high transmission loss and network latency.● A short-distance results in low transmission loss and network latency.
Advantages of CC Compared with the InternetConstruct the following two scenarios to compare CC with the Internet in networkperformance.
Table 5-1 Configuration items
ECS Specification 2 vCPUs and 4 GB memory
Bandwidth 4 Mbit/s
Regions CN North-Beijing1 (AZ1) and AP-Hong Kong (AZ1)
East China-Shanghai1 (AZ1) and Asia Pacific-HongKong (AZ1)
Test Time From 2020/09/09 18:30 to 2020/09/10 09:30 (15hours in total)
How This Works Load the VPCs in two regions to a cloud connectionto enable network communications between them.Bind EIPs to the servers so that they cancommunication with each over the Internet.
Quality of network between CN North-Beijing1 (AZ1) and AP-Hong Kong (AZ1)
Cloud ConnectFAQ 5 Bandwidth, Latency and Packet Loss
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 21
Figure 5-1 Internet test result
Figure 5-2 CC test result
Table 5-2 Test result comparison
Item Packet Loss Average Latency Jitter
CC 0% 38.9 ms 1.57 ms
Internet 0.04% 42.882 ms 2.105 ms
Quality of network between East China-Shanghai1 (AZ1) and Asia Pacific-HongKong (AZ1)
Figure 5-3 Internet test result
Figure 5-4 CC test result
Table 5-3 Test result comparison
Item Packet Loss Average Latency Jitter
CC 0% 32.14 ms 0.514 ms
Internet 1.73% 33.24 ms 2.838 ms
By comparing the test results of the two scenarios, you can see that CC is slightlyahead of the Internet in network latency. However, CC outperforms the Internet inthe packet loss and jitter.
In summary, CC can provide more accurate data transmission and more stablenetwork communications.
Cloud ConnectFAQ 5 Bandwidth, Latency and Packet Loss
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 22
5.6 Are the Uplink and Downlink Rates of theConfigured Inter-Region Bandwidth the Same?
Yes.
If you purchase a 10 Mbit/s bandwidth package for communication between theChinese mainland and Asia Pacific and allocate 5 Mbit/s bandwidth between theCN East-Shanghai region and the AP-Hong Kong region from the bandwidthpackage, the maximum bandwidths from the CN East-Shanghai region to the AP-Hong Kong region and from the AP-Hong Kong region to the CN East-Shanghairegion are 5 Mbit/s.
5.7 What Are the Limits on the Traffic for an Inter-region Bandwidth?
The traffic that you can use when you are using CC is determined by theconfigured inter-region bandwidth. The peak inbound or outbound traffic canreach the configured inter-region bandwidth.
CC does not limit the traffic within the inter-region bandwidth you configured.
For example, if the inter-region bandwidth configured between region A andregion B is 20 Mbit/s, the peak traffic from region A and the peak traffic fromregion B can reach 20 Mbit/s.
5.8 How Can I Change Inter-Region Bandwidths of aCloud Connection?
1. Log in to the management console.
2. Click in the upper left corner to select a region and a project.3. Under Network, click Cloud Connect.4. In the cloud connection list, click the name of the target cloud connection and
then click Inter-Region Bandwidths.5. Locate the target inter-region bandwidth and click Modify in the Operation
column.
Cloud ConnectFAQ 5 Bandwidth, Latency and Packet Loss
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 23
6. Modify the bandwidth and click OK.
5.9 Are Network Circuits Physically Isolated?No. CC leverages HUAWEI CLOUD backbone network, and the network circuits arelogically isolated.
Cloud ConnectFAQ 5 Bandwidth, Latency and Packet Loss
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 24
6 Cross-Border Application
6.1 Why Is Cross-Border Application Required?According to the laws and administrative regulations of the Ministry of Industryand Information Technology (MIIT) of the People's Republic of China, only threemajor operators in the Chinese mainland are qualified to operate cross-borderbusinesses. To support your business outside the Chinese mainland, HUAWEICLOUD has jointed China Unicom to centrally create and manage user profiles forcross-border business. HUAWEI CLOUD provides cloud services and resources, andChina Unicom provides the cross-border circuit service.
6.2 Who Approves Cross-Border Applications?Cross-border applications are approved by China Unicom, a HUAWEI CLOUDbusiness partner who provides the cross-border circuit service for you.
6.3 How Can I Apply for the Cross-Border Permit?To apply for the permit for cross-border businesses, you need to provide thefollowing materials and ensure that all materials are stamped with yourcompany's official seal:
● A sealed copy of the company's business license● A sealed copy of Cloud Connect Cross-Border Circuit Service Agreement● A sealed copy of China Unicom Letter of Commitment to Information Security
of the Cross-Border Circuit Service
Perform the following operations to submit a cross-border application:
1. Log in to the management console.2. Under Network, click Cloud Connect.3. In the navigation pane on the left, choose Cloud Connect > Cross-Border
Application.4. Click Submit Application.
Cloud ConnectFAQ 6 Cross-Border Application
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 25
5. Fill in the enterprise and representative information, and upload the preparedmaterials.
6. Click Submit.
After the application is submitted, the status of the cross-border application isPending approval. The review takes about one working day. When the statusbecomes Approved, the cross-border application is completed.
6.4 When Would I Need to Submit a Cross-BorderApplication?
To comply with China's laws and regulations on cross-border communications, youneed to apply for a permit before you can buy a bandwidth package forcommunications between the Chinese mainland and another country or region.Currently, CC is live in four geographic regions, and cross-border application isrequired in the following scenarios:
● Communications between the Chinese mainland and Asia Pacific
● Communications between the Chinese mainland and South Africa
● Communications between the Chinese mainland and western Latin America
To apply for the permit, you need to provide related files stamped with yourcompany's official seal and submit them online. China Unicom, a cross-borderbusiness partner of HUAWEI CLOUD, reviews and approves the application onlinewithin one working day. After the application is approved, you can buy bandwidthpackages for cross-border communications.
6.5 How Long Can a Cross-Border Application BeApproved?
Cross-border applications must be approved within one working day.
6.6 Why Does CC Require Additional Real-NameAuthentication Since HUAWEI CLOUD Already Has aReal-Name Authentication System in Cross-BorderScenarios?
● In HUAWEI CLOUD real-name authentication, Huawei collects and savesinformation for billing and issuing invoices.
● CC requires additional real-name authentication in cross-border scenariosfrom the Chinese mainland to regions or countries outside the Chinesemainland. This is because the CC cross-border service capability is provided byChina Unicom. Your real-name authentication information on HUAWEICLOUD will be directly provided to China Unicom for qualification review andapproval. Related information is collected and saved by China Unicom foraudit and archiving.
Cloud ConnectFAQ 6 Cross-Border Application
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 26
6.7 Can the Content of the Cloud Connect Cross-BorderCircuit Service Agreement Be Modified?
No.
The Cloud Connect Cross-Border Circuit Service Agreement is a standard contractconfirmed with Shenzhen Unicom and therefore cannot be modified.
Cloud ConnectFAQ 6 Cross-Border Application
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 27
7 Networking and Scenarios
7.1 Does CC Support Communication Among DifferentVPCs in the Same Region?
VPCs in the same region can communicate with each other by default after beingadded to CC. The communication does not require bandwidth packages. However,in the overall solution design, if only cross-VPC communication in the same regionis required, you are advised to use the VPC peering connections.
7.2 Does CC Support Cross-Tenant Communication?Yes. Currently, you can authorize your own VPCs to cloud connections of otherusers for loading. As a result, your network instances and others can communicatewith each other.
Cloud ConnectFAQ 7 Networking and Scenarios
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 28
8 Cross-Account Authorization
8.1 Does Each Account Need to Buy a BandwidthPackage for Loading Network Instances AuthorizedAcross Accounts?
No.
If you want to load other user's network instances, you need to create the cloudconnection, and others do not need one.
8.2 Does Each Account Need to Create a Cloud Connectfor Authorizing Network Instances Across Accounts?
No.
If you want to load other user's network instances to your cloud connections, youneed to buy the bandwidth package, and others do not need one.
8.3 How Do I Configure Cross-Account Authorization toManage Network Instances?
For details, see Authorizing Network Instances Across Accounts.
8.4 Can a VPC Be Loaded to Two or More CloudConnections?
No.
A VPC can be loaded to only one cloud connection.
Cloud ConnectFAQ 8 Cross-Account Authorization
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 29
9 Permissions
9.1 How Do I Assign CC Operation Permissions to IAMUsers?
Check whether your account is an IAM user account. If yes, perform operations onthe IAM console as the HUAWEI CLOUD account user to authorize you theoperation permissions. Ensure that your account have the Tenant Guest, VPCAdministrator, and Cross Connect Administrator permissions.
Cloud ConnectFAQ 9 Permissions
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 30
10 Monitoring
10.1 Why Is the Bandwidth Monitoring Data on theCloud Eye Console Incomplete?
Cloud Eye collects data every 5 minutes, which is called a metric collection point. 1or 2 points are lost during data collection. Generally, 5% of data is lost duringdata collection. All data is automatically supplemented after 2 hours.
10.2 How Do I View the Bandwidth Monitoring Data ofa Cloud Connection?
● Navigate to the Cloud Eye console, choose Cloud Service Monitoring >Cloud Connect in the navigation pane, locate the cloud connection, and clickView Metric in the Operation column to view its monitoring data.
● On the Inter-Region Bandwidths tab page, click the icon in the Monitoringoperation.For detailed operations, see Viewing Metrics.
10.3 Does the Monitoring Data Take EffectImmediately After an Inter-Region Bandwidth IsConfigured?
The inter-region bandwidth does not take effect immediately.
Each time you modify or change the inter-region bandwidth of a cloud connection,the underlying data synchronization policy is triggered, and the datasynchronization policy is executed at a specified interval. Generally, it takes aboutone day to complete data synchronization.
Cloud ConnectFAQ 10 Monitoring
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 31
10.4 What Are the Metrics for Monitoring the Traffic ofInter-region Bandwidths?
There are two metrics used by Cloud Eye to monitor the traffic: Inbound Trafficand Outbound Traffic.
Inbound Traffic indicates the traffic from the other region to the current region,while Outbound Traffic indicates the traffic from the current region to the otherregion.
Cloud ConnectFAQ 10 Monitoring
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 32
11 Quotas
11.1 How Can I Increase Resource Quotas?
What Is the Quota?Quotas are enforced for service resources on the platform to prevent unforeseenspikes in resource usage. Quotas can limit the number of resources available tousers. You can apply for increasing quotas if necessary.
This FAQ describes how to increase resource quotas.
How Do I Apply for a Higher Quota?1. Log in to the management console.2. In the upper right corner of the page, choose Resources > My Quotas.
The Service Quota page is displayed.
Figure 11-1 My quota
3. Click Increase Quota.4. On the Create Service Ticket page, configure parameters as needed.
In the Problem Description area, fill in the content and reason foradjustment.
Cloud ConnectFAQ 11 Quotas
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 33
5. Select the agreement and click Submit.
Cloud ConnectFAQ 11 Quotas
Issue 01 (2020-11-30) Copyright © Huawei Technologies Co., Ltd. 34