How to implement hybrid cloud active/standby redundant communication through cloud networking and a VPN connection
2022-06-24 01:48:00 【TCS-F】
As cloud adoption expands, more and more customers use cloud networking and VPN in a dual-link redundant mode to provide two-way communication for hybrid cloud services. The details of how to implement this follow.
When a user's services are deployed both in an off-cloud data center and in an on-cloud VPC, the two sides can be connected through cloud networking or through a VPN connection. To improve the availability of the business, you can create both a cloud networking service and a VPN connection service and configure the two links as primary and standby links to achieve redundant communication. This article explains how to configure cloud networking and VPN as primary and standby links for communication between on-cloud and off-cloud services.
Business scenario
As shown in the figure below, the user has deployed services in both a VPC and an IDC. To let the on-cloud and off-cloud services interact, the user needs to deploy network connection services. For highly available communication, the deployment scheme is as follows:
- Cloud networking (primary): The local IDC connects over a physical dedicated line to a cloud networking dedicated line gateway. The dedicated line gateway and the VPC are both attached to cloud networking, which enables end-to-end communication between off-cloud and on-cloud services. While the physical dedicated line link is healthy, all traffic between the local IDC and the VPC is forwarded through cloud networking over the physical dedicated line.
- VPN connection (standby): The local IDC and the on-cloud VPC communicate through a VPN security tunnel. When the dedicated line link is abnormal, traffic can be switched to this link to keep the business available.
Prerequisites
- The gateway device in the user's local IDC supports IPsec VPN, so it can act as the user-side VPN gateway and establish IPsec tunnel communication with the VPN device on the VPC side.
- The user's IDC-side gateway device has been configured with a static IP.
- The data to prepare is as follows:

| Configuration item | Parameter | Example value |
| --- | --- | --- |
| Network configuration: VPC information | Subnet CIDR | 192.168.1.0/24 |
| Network configuration: VPC information | VPN gateway public IP | 203.xx.xx.82 |
| Network configuration: IDC information | Subnet CIDR | 10.0.1.0/24 |
| Network configuration: IDC information | Gateway public IP | 202.xx.xx.5 |
Operation process
1. Configure dedicated line access
2. Configure the VPN connection
3. Configure network probes
4. Configure alarms
5. Switch between primary and standby routes
Operation steps
Step one: Connect the IDC to the cloud through cloud networking
1. Log in to the dedicated line access console and click 【Physical line】 in the left navigation bar to create a physical line.
2. Click 【Dedicated gateway】 in the left navigation bar to create a dedicated line gateway. This example selects cloud networking.
3. Click the ID of the cloud networking dedicated line gateway to open its details page, and under 【IDC gateway】 enter the user's IDC network segment, for example 10.0.1.0/24.
4. Log in to the cloud networking console and click 【New】 to create a cloud networking instance.
5. Log in to the dedicated channel console and click 【New】 to create a dedicated channel that connects to the cloud networking dedicated line gateway. Configure the channel name, select cloud networking as the access network, select the cloud networking dedicated line gateway you created, configure the interconnection IPs on the Tencent Cloud side and the user side, select BGP routing as the routing method, and so on. After the configuration is complete, download the configuration guide and complete the configuration on the IDC device.
6. Associate the VPC and the dedicated line gateway with the cloud networking instance. The VPC and the IDC can then communicate through cloud networking and the cloud networking dedicated line gateway.

Note: For more detailed configuration, see the guide on connecting an IDC to the cloud through cloud networking.
Step two: Connect the IDC to the cloud through a VPN connection
1. Log in to the VPN gateway console and click 【New】 to create a VPN gateway. In this example, the associated network is a private network.
2. Click 【Peer gateway】 in the left navigation bar and configure the peer gateway (the logical object that represents the IDC-side VPN gateway). Fill in the public IP address of the IDC-side VPN gateway, for example 202.xx.xx.5.
3. Click 【VPN channel】 in the left navigation bar and configure the SPD policy, IKE, IPsec and other settings.
4. On the local gateway device in the IDC, configure the VPN channel information. It must be consistent with the VPN channel information from step 3, otherwise the VPN tunnel cannot connect.
5. In the routing table associated with the VPC communication subnet, configure a routing policy whose next hop is the VPN gateway and whose destination is the IDC communication network segment.

Note: For more detailed configuration, see the following. For a version 1.0 or 2.0 VPN gateway, refer to "Establish a VPC-to-IDC connection (SPD policy)". For a version 3.0 VPN gateway, refer to "Establish a VPC-to-IDC connection (routing table)".
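Step 4 above requires both tunnel ends to agree, and mirrored SPD rules are the part most often entered the wrong way round. The following check is an added example, not code from the article or from Tencent Cloud; the field names, algorithm values and documentation-range public IPs are assumptions, and only the two CIDRs come from the article's data table.

```python
import hmac
import ipaddress

# Hypothetical field names; map them to what your console and IDC device show.
PHASE_FIELDS = ("ike_version", "ike_encryption", "ike_integrity", "dh_group",
                "ipsec_encryption", "ipsec_integrity", "pfs_group")

def _nets(cidrs):
    # strict=True rejects CIDRs with host bits set, e.g. 10.0.1.5/24
    return {ipaddress.ip_network(c, strict=True) for c in cidrs}

def tunnel_mismatches(cloud, idc):
    """Return a list of mismatches between the VPC-side and IDC-side tunnel settings."""
    problems = []
    for field in PHASE_FIELDS:
        if cloud.get(field) != idc.get(field):
            problems.append(f"{field}: cloud={cloud.get(field)!r} idc={idc.get(field)!r}")
    # Compare the pre-shared key in constant time and never echo it.
    if not hmac.compare_digest(cloud["psk"].encode(), idc["psk"].encode()):
        problems.append("psk: values differ")
    # Each side must name the other's public IP as its peer.
    if cloud["peer_ip"] != idc["local_ip"] or idc["peer_ip"] != cloud["local_ip"]:
        problems.append("peer_ip: gateways do not point at each other")
    # SPD rules are mirrored: one side's local CIDRs are the other side's remote CIDRs.
    if _nets(cloud["spd_local"]) != _nets(idc["spd_remote"]):
        problems.append("spd: cloud local CIDRs != IDC remote CIDRs")
    if _nets(cloud["spd_remote"]) != _nets(idc["spd_local"]):
        problems.append("spd: cloud remote CIDRs != IDC local CIDRs")
    return problems

# Constructed sample values. Public IPs are documentation-range placeholders
# because the article masks the real ones.
CLOUD = {"ike_version": "ikev2", "ike_encryption": "aes256", "ike_integrity": "sha256",
         "dh_group": 14, "ipsec_encryption": "aes256", "ipsec_integrity": "sha256",
         "pfs_group": 14, "psk": "example-only-psk",
         "local_ip": "203.0.113.82", "peer_ip": "198.51.100.5",
         "spd_local": ["192.168.1.0/24"], "spd_remote": ["10.0.1.0/24"]}
IDC_OK = {**CLOUD, "local_ip": "198.51.100.5", "peer_ip": "203.0.113.82",
          "spd_local": ["10.0.1.0/24"], "spd_remote": ["192.168.1.0/24"]}
IDC_BAD = {**IDC_OK, "dh_group": 2, "spd_local": ["10.0.0.0/24"]}

if __name__ == "__main__":
    for name, idc in (("IDC_OK", IDC_OK), ("IDC_BAD", IDC_BAD)):
        print(name, tunnel_mismatches(CLOUD, idc) or "consistent")
```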
Step three: Configure network probes
Note: After the two steps above, there are two paths from the VPC to the IDC, with cloud networking and the VPN gateway as next hops. According to the default route priority (cloud networking > VPN gateway), cloud networking is the primary path and the VPN gateway is the standby path.
To understand the connection quality of the primary and standby paths, configure a network probe for each path. The probes monitor key indicators such as latency and packet loss rate in real time to check the availability of the primary and standby routes.
1. Log in to the network probe console.
2. Click 【New】 to create a network probe. Fill in the probe name, select the private network, subnet and probe destination IP, and specify the source-side next hop route, such as cloud networking.
3. Repeat step 2, this time specifying the VPN gateway as the source-side next hop route. When the configuration is complete, you can view the probe latency and packet loss rate for the cloud networking and VPN primary and standby paths.

Note: For more detailed configuration, see "Network detection".
Step four: Configure alarms
To detect link anomalies promptly, you can configure an alarm policy for the network probes. When a link anomaly is detected, alarm information is delivered promptly by email and SMS, so that you are warned of risks early.
1. Log in to the alarm policy console under cloud monitoring.
2. Click 【New】, fill in the policy name, select 【Private network / Network detection】 as the policy type, select the specific network probe instance as the alarm object, configure the trigger conditions, alarm notification and other information, and click 【Complete】.
Step five: Switch between primary and standby routes
When you receive a network probe anomaly alarm for the cloud networking primary path, you need to manually disable the primary route so that traffic switches to the VPN gateway standby route.
1. Log in to the routing table console.
2. Click the ID of the routing table associated with the VPC communication subnet to open the route details page, then disable the primary route whose next hop is cloud networking. Traffic from the VPC to the IDC then switches from cloud networking to the VPN gateway.
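Because the switch is manual, it is worth checking both probe series before disabling the primary route: a single bad sample should not trigger a switch, and disabling the primary while the VPN path is also unhealthy cuts both links. The decision logic below is an added example, not code from the article or from Tencent Cloud; the thresholds, the streak length and the sample readings are assumptions.

```python
from dataclasses import dataclass

@dataclass
class ProbeSample:
    latency_ms: float   # delay reported by the network probe
    loss_pct: float     # packet loss rate over the probe interval

# Assumed thresholds; align them with the trigger conditions of your alarm policy.
MAX_LOSS_PCT = 20.0
MAX_LATENCY_MS = 200.0
BAD_STREAK = 3          # consecutive bad samples required before acting (avoids flapping)

def is_bad(sample):
    return sample.loss_pct > MAX_LOSS_PCT or sample.latency_ms > MAX_LATENCY_MS

def trailing_bad(samples):
    """Count consecutive bad samples at the end of the series."""
    count = 0
    for sample in reversed(samples):
        if not is_bad(sample):
            break
        count += 1
    return count

def decide(primary, standby):
    """Return 'stay', 'failover' or 'escalate' for the two probe series."""
    if trailing_bad(primary) < BAD_STREAK:
        return "stay"        # primary healthy, or only a transient blip
    if len(standby) < BAD_STREAK or any(is_bad(s) for s in standby[-BAD_STREAK:]):
        return "escalate"    # standby unproven: disabling the primary could cut both paths
    return "failover"        # disable the cloud networking route; the VPN gateway takes over

# Constructed probe readings, oldest first.
OK, SLOW_VPN, DOWN = ProbeSample(5, 0), ProbeSample(30, 0), ProbeSample(0, 100)
PRIMARY_BLIP = [OK, OK, DOWN, DOWN]
PRIMARY_DOWN = [OK, DOWN, DOWN, DOWN]
STANDBY_OK = [SLOW_VPN, SLOW_VPN, SLOW_VPN]
STANDBY_BAD = [SLOW_VPN, SLOW_VPN, DOWN]

if __name__ == "__main__":
    print(decide(PRIMARY_BLIP, STANDBY_OK), decide(PRIMARY_DOWN, STANDBY_OK),
          decide(PRIMARY_DOWN, STANDBY_BAD))
```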