In this article, we will discuss Hybrid Connectivity options available in Alibaba Cloud Networking Services. As we all know, industry and enterprises are leaning more towards hybrid connectivity options to connect their own on-premises Internet Data Center (IDC) to Cloud Computing Service Provider Data Center or Virtual Private Cloud. As an industry does not want to migrate 100% of their workload on the Cloud, they are preferring more different types of Hybrid Connectivity Cloud Computing Service providers, like Alibaba Cloud. Alibaba Cloud has so many different types of services under Networking like Express Connect, Cloud Enterprise Network, VPN Gateway by which the enterprises can have hybrid connectivity options as per their requirements and budget.
Express Connect is a service by Alibaba Cloud Networking by which we can directly connect our two Virtual Private Clouds to either both VPCs in the same region or different regions, and either both VPCs are of the same Alibaba account or different Alibaba accounts. Also, using intranet private connectivity along with two VPCs, by using Express Route we can connect VPC with On-premises IDC. So, to connect two VPCs in Alibaba Cloud creates a Route Interface connection on the VRouter of both connecting VPCs, by which Express Connect uses the own backbone transmission network of Alibaba cloud.
Route Interface is basically a virtual device which is providing communication channels and control to connect two VPCs. That one VPC will become the connection initiator and another VPC will become a connection receiver to establish connectivity between two VPCs. Now to connect VPC with On-Premise IDC, we need to use the physical connection which works on the physical layer. Physical Connection is basically a private network circuit established between Alibaba Cloud VPC Access Point and your on-premises IDC data center connectivity device. For this, we need to contact the private network carrier who will rent us a lease line cable and connect our on-premise IDC to Alibaba Cloud Access Point on Cloud.
So, for this, we need to create a Virtual Border Router (VBR) to connect our on-premises IDC to Alibaba Cloud VPC for a hybrid cloud environment. Virtual Border Router is a service which maps a leased line with VSwitch to access it and it also works as a Border Gateway Protocol Router between our on premises equipment to the VPC on the cloud. So, Express Connect is basically a private network connectivity option; it does not use public internet for hybrid connectivity so it is reliable and secure. Express Connect service provides three types of connectivity specifications: Small (10 Mbps to 40 Mbps), Middle (100 Mbps to 900 Mbps) and Large (1 Gbps to 4.5 Gbps) hybrid connectivity.
Another Service is Cloud Enterprise Network that allows us to create a large global network of hybrid cloud computing solutions which is able to connect your VPCs across the global regions and your on-premise local data center together. It's highly scalable, reliable, and secure. CEN has three components -
1. CEN Instance - To connect our network globally we need to create CEN Instance first and attach the network to it.
2. Networks (Including VPC and VBR) - This is the second component by which we need to attach network with CEN instance so that each can communicate with each other across the globe.
3. Bandwidth - This component is required only for cross region communications in which we need to specify interconnection areas.
Another popular hybrid connectivity option available in Alibaba Cloud is VPN Gateway - This is basically Site to Site and Point to Site connectivity options available in Alibaba Cloud over the internet using the encrypted tunnel between VPC to on premise DC or VPC to remote employee computer / Laptop. So, Alibaba Cloud is providing both IPSec Protocol tunnel for Site to Site Connectivity and Secure Socket Layer Protocol tunnel for Point to Site Connectivity.
The point to note here is that VPN Gateway is not providing Internet access services. So, using VPN Gateway, we can have site to site, multi site connectivity, VPC to VPC Connection, point to site connectivity to remote laptops, phones, desktops etc and we can have combined IPSec and SSL VPN connections and we can have multinational intranet connections using VPN Gateway and Express Connect. Per VPN Gateway we can have 10 IPSec connections and 1 SSL Server which can have 50 clients.