Issue
A virtual private cloud (VPC) route table prompts Conflict on the System Route tab.
A Cloud Enterprise Network (CEN) instance prompts Route Conflict on the Network Instance Route Table tab.
Possible causes
Check for the following causes:
The CIDR blocks of two or more VPCs overlap with each other.
The VPC is attached to a CEN instance while maintaining a peering connection, and the peer route overlaps with a route of the CEN instance.
The route quota of the CEN instance has been exhausted.
Solutions
Troubleshoot the error based on its symptoms.
CIDR blocks of two or more VPCs overlap with each other
For example, VPC1 and VPC2 in the China (Hangzhou) region are attached to the same CEN instance, and the CIDR blocks of VPC1 and VPC2 are allocated as described in the following table. As a result, the VPC route tables prompt Conflict on the System Route tab, and the CEN instance prompts Route Conflict on the Network Instance Route Table tab.
Network instance | CIDR block |
VPC1 | Primary CIDR block: 172.16.0.0/16 CIDR block of vSwitch1: 172.16.0.0/24 CIDR block of vSwitch2: 172.16.1.0/29 CIDR block of vSwitch3: 172.16.102.40/29 CIDR block of vSwitch4: 172.16.100.0/24 |
VPC2 | Primary CIDR block: 172.16.0.0/16 CIDR block of vSwitch1: 172.16.0.0/24 CIDR block of vSwitch2: 172.16.1.0/29 CIDR block of vSwitch3: 172.16.10.0/24 CIDR block of vSwitch4: 172.16.2.0/24 |
View the overlapping CIDR blocks.
You can view overlapping CIDR blocks in the VPC console or in the CEN console.
Log on to the VPC console, click the ID of the VPC, and then view the overlapping CIDR block on the System Route tab.
Log on to the CEN console, find the CEN instance that you want to manage, and then navigate to the Basic Information > Transit Router tab. Click the ID of the transit router to which the VPC is connected, and view the overlapping CIDR block on the Network Instance Route Table tab.
Fix the overlapping CIDR blocks.
The following solutions address overlapping CIDR blocks:
Delete the vSwitch with the overlapping CIDR block. For more information, see What do I do if the CIDR blocks of vSwitches overlap with each other?
In the CEN console, delete the VPC with the overlapping CIDR block. For more information, see Delete a network instance connection.
Overlapping CIDR blocks cannot be used to communicate with other VPCs. CEN preferentially selects the CIDR blocks of other VPCs that are attached to the CEN instance.
Use a NAT gateway. For more information, see Allow VPCs with overlapping CIDR blocks to access each other by using VPC NAT gateways.
The VPC is attached to a CEN instance while maintaining a peering connection
This issue arises only in VPCs that are connected to Basic Edition transit routers. VPCs connected to Enterprise Edition transit routers are free of this issue.
The following scenario is used as an example. VPC1, VPC2, and VPC3 are deployed in the same region. VPC1 and VPC2 are connected over a peering connection. VPC1 and VPC3 are connected over CEN. The following table describes the CIDR blocks of VPC1, VPC2, and VPC3. The connection between VPC1 and VPC2 is configured first. After the connection between VPC1 and VPC3 is configured, VPC3 prompts the Route Conflict error message.
View the overlapping CIDR blocks.
You can view overlapping CIDR blocks in the VPC console or in the CEN console.
Log on to the VPC console, navigate to the System Route tab of VPC3, and then view the overlapping CIDR block.
Log on to the CEN console and click the ID of the CEN instance. On the Basic Information > Transit Router tab, click the ID of the transit router to which the VPC3 is connected, click the Network Instance Route Table tab, and then view the overlapping CIDR block.
Fix the overlapping CIDR blocks.
When you configure a route for a peering connection, you can set the destination CIDR block to a smaller CIDR block, such as 172.16.0.0/25 or 172.16.0.0/20. This ensures that the destination CIDR block is different from the CIDR block of VPC3.
NotePeering connection routes learned by VPCs are classified as custom routes, which have a higher priority than the routes learned by the CEN instance.
CEN route quota exhaustion
Log on to the CloudMonitor console.
In the left-side navigation pane, choose Event Center > System Event.
On the System Event page, view the system events of CEN and check whether the
QuotaExceeded:Route
event exists.We recommend that you create a threshold-triggered alert rule for the route quota so that you can receive quota notifications in time. For more information, see Monitor route usage.
Applicable scope
VPC
CEN