Community

Blog Events Webinars Tutorials Forum
  1. Blog
  2. Events
  3. Webinars
  4. Tutorials
  5. Forum
Create Account
×
Community Blog CEN Pricing: Plumbing The Depths - Friday Blog, Week 57

CEN Pricing: Plumbing The Depths - Friday Blog, Week 57

Creating reliable, cross border private networks isn't hard, but understanding the billing sure can be! Join us as we dive into CEN network billing on...

By: Jeremy Pedersen

Plumbing The Depths: CEN Billing On Alibaba Cloud

This week, we take a dive into Cloud Enterprise Network (CEN) billing.

Cloud Enterprise Network is a tool for routing between private networks on Alibaba Cloud, allowing users to seamlessly connect VPC network groups.

The connections made over CEN are always private, meaning they pass over Alibaba Cloud's own network backbone, rather than the public Internet.

Within a single Region, CEN traffic is free of charge. Not surprisingly, traffic between Regions is not free, because inter-region private bandwidth is a scarce commodity!

Adding to this, CEN depends on Transit Routers (TRs) to push traffic around, and there are two different versions of TR, one of which charges additional fees on top of the bandwidth charges for inter-region connections.

Confused yet? You aren't the only one! Let's dive in and answer some important questions, including:

  1. With CEN, which things are charged for, and which are free?
  2. What do CEN costs look like, in different scenarios and with different network architectures?
  3. How does using CEN compare in cost to other solutions, like VPN-based network peering?
  4. When does it make sense to use CEN, and when should I look at other solutions? What are those other solutions?

The Basics: A Crash Course In CEN Billing

Luckily, the CEN documentation has a billing page that breaks all the costs down.

Unluckily, that page is not an easy read! Let's break down the different billable items and consider how they interact.

We'll start with a hypothetical network diagram, shamelessly borrowed from the documentation, of course:

cen_architecture

Here you can see the major components of the CEN. The yellow dotted "box" at the center of the diagram is the CEN instance itself.

Essentially, this is a route table which keeps track of the networks that are attached to CEN and figures out how traffic should be routed between them.

This component - the CEN instance - is always free.

So where do the costs come from? One important "cost center" is CEN's Transit Routers (TRs). There are two version of TR:

  1. Basic Edition
  2. Enterprise Edition

Basic Edition doesn't charge any additional fees, but Enterprise Edition charges for two things:

  1. The number of VPCs (private networks) or VBRs (leased lines) attached to the TR.
  2. The amount of traffic flowing into the TR (traffic back to the VPCs/VBRs from the TR is free).

The third cost comes from connections between regions. Routing traffic from one region to another requires that users purchase a bandwidth package.

Bandwidth packages are not explicitly tied to a particular Region. Instead, each package covers a geographical area that could contain multiple Alibaba Cloud Regions.

Example: A bandwidth package for "Mainland China <-> North America" could cover a connection from the Shanghai region to US East, and at the same time also cover a CEN connection from Beijing to US West (Silicon Valley). You can split bandwidth packages up, using a single package to cover multiple region-to-region connections.

Let's put it all together (again, shamelessly borrowing from the official documentation here):

cen_billing

Can you guess how many things we need to pay for in this scenario? Here's the full list:

  1. A connection fee to connect the Hangzhou VPC to the Enterprise Edition Hangzhou TR.
  2. A data forwarding fee for traffic from the Hangzhou VPC to the Enterprise Edition Hangzhou TR.
  3. A connection fee to connect the Hangzhou VBR (a leased line) to the Enterprise Edition Hangzhou TR.
  4. A data forwarding fee for traffic from the Hangzhou VBR to the Enterprise Edition Hangzhou TR.
  5. A connection fee to connect the Shenzhen VPC to the Enterprise Edition Shenzhen TR.
  6. A data forwarding fee to connect the Shenzhen VPC to the Enterprise Edition Shenzhen TR.
  7. At least one Mainland China Bandwidth Package, to cover the cross-region connections between Shenzhen, Hangzhou, and Qingdao.

"But wait!", I can already hear you asking, "what happened to Qingdao?". Because Qingdao is using a Basic Edition Transit Router, there are no connection or data forwarding costs.

Basic vs Enterprise Transit Routers

There's a full rundown of the differences between transit router types here. Essentially, it boils down to this:

  • Enterprise TRs support custom route tables
  • Enterprise TRs support automatic route learning
  • Enterprise TRs support Network Flowlogs
  • Enterprise TRs support QoS policies

Bottom Line: If all you need is basic inter-region networking, then Basic Edition TRs will work fine for you!

Summing Up (Again)

Let's just summarize all of this one more time to make sure it's as clear as possible:

  1. CEN instances are free.
  2. Basic Edition transit routers (TRs) are free.
  3. Enterprise Edition TRs charge for connections to the TR.
  4. Enterprise Edition TRs charge for data passing into the TR.
  5. CEN charges for cross-region traffic, regardless of the TR type you're using (Basic or Enterprise).

Whew, that's everything!

Figuring Out The Costs: A Real World Scenario

We now need to work out the exact costs for the three major CEN components:

  1. Enterprise TR connection costs
  2. Enterprise TR traffic costs
  3. Bandwidth Package costs for cross-Region traffic

Below, I summarize these costs at the time of writing (2022-04-21).

Bandwidth Package Costs

Note that the prices below can change at any time. The prices below were what was listed on the CEN console's purchase page on 2022-04-21.

These costs are for a 2 Mbps connection (prices vary based on connection bandwidth, and bandwidth can vary from 2 Mbps up to more than 1 Gbps).

  • Mainland China <-> Mainland China: 68.00 USD / month.
  • Mainland China <-> North America: 340.00 USD / month.
  • Mainland China <-> Asia Pacific: 264.00 USD / month.
  • Mainland China <-> Europe: 306.00 USD / month.
  • Mainland China <-> Australia: 544.00 USD month.
  • North America <-> North America: 56.00 USD / month.
  • North America <-> Asia Pacific: 144.00 USD / month.
  • North America <-> Europe: 144.00 USD / month.
  • North America <-> Australia: 544.00 USD / month.
  • Asia Pacific <-> Asia Pacific: 56.00 USD / month.
  • Asia Pacific <-> Europe: 144.00 USD / month.
  • Asia Pacific <-> Australia: 522.00 USD / month.
  • Europe <-> Europe: 56.00 USD / month.
  • Europe <-> Australia: 518.00 USD / month.

Enterprise Edition TR Costs

Data Transfer Fees

There's a flat data transfer fee for traffic into any Enterprise TR, in any region: 0.02 USD / GB.

Connection Fees

There are two general "classes" of connection fee:

  • TRs inside Mainland China: 0.05 USD / hour / connection.
  • TRs outside Mainland China: 0.06 USD / hour / connection.

Real-Life Scenario: Region-to-Region Connection From Shanghai To Tokyo

Assume we need a point-to-point connection from a VPC in Shanghai China, to another VPC in Tokyo.

We will consider two possibilities: one in which we need custom routes (Enterprise TR) and one in which we do not (Basic TR).

Without Custom Routing

In the case where we don't need Enterprise Edition TR, we have only a single cost: bandwidth.

We will need a Mainland China <-> Asia Pacific bandwidth package.

Let's assume we need 2 Mbps for a month. The monthly cost is 264.00 USD / month, as specified earlier in this blog post.

Total Monthly Cost: 264.00 USD.

That's it! Pretty easy to figure out, right?

With Custom Routing

With Enterprise TR, we will still have the fixed cost of 264.00 USD / month for the bandwidth package, but we also have to worry about the connection and bandwidth costs for our two Enterprise Edition TRs (one in Tokyo and one in Shanghai), each of which is connected to a single VPC.

  • Connection cost for Shanghai VPC <-> Shanghai TR: 0.05 USD / hour x 24 hours x 30 days/month = 36.00 USD
  • Connection cost for Tokyo VPC <-> Tokyo TR: 0.06 USD / hour x 24 hours x 30 days/month = 43.20 USD

We also have data transfer costs to consider. We will assume "maximum utilization": 1 Mbps of traffic constantly flowing from Tokyo -> Shanghai, and another 1 Mbps of traffic from Shanghai -> Tokyo (so our 2 Mbps bandwidth package is fully utilized at all times).

Note that 1 Mbps is about 450 MB / hour. This works out to about 324,000 MB per month, which is approximately 316 GB.

  • Bandwidth cost Shanghai -> Tokyo: 316 GB/month x 0.02 USD/GB = 6.32 USD
  • Bandwidth cost Tokyo -> Shanghai: 316 GB/month x 0.02 USD/GB = 6.32 USD

Adding it all up: 6.32 x 2 + 43.20 + 36.00 + 264.00 = 355.84 USD

Total Monthly Cost: 355.84 USD

We can see here that using Enterprise Edition TRs is about 1.35x more expensive than using Basic Edition TRs. The difference will grow more noticeable as more connections are made to each TR, as well.

How Does This Compare To VPN Peering?

What if we used VPN Gateway instead? We will start with the following assumptions:

  • We are setting up VPN Gateway on both sides of the connection (Tokyo and Shanghai) to allow peering between our two VPCs
  • We are using the minimum bandwidth specification (10 Mbps) on both sides of the connection
  • We are setting up an IPsec VPN, not an SSL VPN
  • We have 1 Mbps worth of traffic in each direction at all times, just like in the CEN case above.

In this case, we'll have the following costs:

  1. 10 Mbps VPN Gateway in Shanghai: 0.059 USD / hour.
  2. 10 Mbps VPN Gateway in Tokyo: 0.091 USD / hour.
  3. Traffic from Shanghai -> Tokyo: 0.125 USD / GB / hour.
  4. Traffic from Tokyo -> Shanghai: 0.120 USD / GB / hour.

Further assumptions:

  • A month is 30 days (720 hours) long.
  • 1 Mbps = 0.44 GB / hour.

Adding it all up: 0.059 USD/hour x 720 hours + 0.091 USD/hour x 720 hours + 0.125 USD/GB/hour x 0.44 GB/hour x 720 hours + 0.120 USD/GB/hour x 0.44 GB/hour x 720 hours = 185.62

Total Monthly Cost: 185.62 USD

This is a lot cheaper than CEN!

What's The Bottom Line?

  • Use CEN when you need complex, multi-point network connections with the maximum possible reliability.
  • Use CEN when you need VPC-to-VPC peering within a single Alibaba Cloud region (but make sure you're using Basic Edition TRs whenever possible!)
  • Use VPN tunnels or other software-centric peering methods when you are looking for a low cost solution.
  • Use VPN tunnels when your bandwidth needs vary (VPN traffic is a variable cost, while CEN bandwidth packages are a fixed cost).

We could go a lot deeper into it, but that'll do for this week! See you next time. ^_^

I've Got A Question!

Great! Reach out to me at jierui.pjr@alibabacloud.com and I'll do my best to answer in a future Friday Q&A blog.

You can also follow the Alibaba Cloud Academy LinkedIn Page. We'll re-post these blogs there each Friday.

Not a LinkedIn person? We're also on Twitter and YouTube.

Networking CEN Enterprise Networking Training and Certification
1 1 0
Share on

Read previous post:

On Failure - Friday Blog, Week 56

Read next post:

A Tangled Web: Advanced Networking on Alibaba Cloud - Friday Blog, Week 58

JDP

71 posts | 157 followers

You may also like

Comments

Osama Hafez April 22, 2022 at 10:16 pm

Thanks

JDP

71 posts | 157 followers

Related Products

More Posts by JDP

See All