Express Connect:Create and manage an ECR

Limits

• The local autonomous system number (ASN) of the Border Gateway Protocol (BGP) group of the virtual border router (VBR) associated with the ECR must be the same as the ASN of the ECR. If the ASN of the ECR is not 45104, you must associate a VBR with the ECR and configure BGP for the VBR.

• A VBR that does not support MPBGP cannot be associated with an ECR. In the Basic Information section of the VBR details page, you can check whether the VBR supports MPBGP next to Advanced features of ports.

Prerequisites

• A virtual border router (VBR) to be associated with an ECR is created. For more information, see Create and manage a VBR.

• A VPC is created before you associate an ECR with the VPC. For more information, see Create and manage a VPC.

• Note

  A VPC can receive dynamic routes from only one source at a time. If a VPC is already associated with a transit router and has dynamic routing synchronization enabled, the VPC cannot be associated with an ECR. For more information, see the Dynamic routes section in the Route table overview topic.

• A transit router (TR) is created before you associate an ECR with the TR. For more information, see the "Create a transit router" section of the Transit routers topic.

Create an ECR

1. Log on to the Express Connect Console.

2. In the left-side navigation pane, click Express Connect Router (ECR). On the Express Connect Router (ECR) page, click Create ECR.

3. In the Create ECR dialog box, configure the parameters that are described in the following table, select I have read and understand the billing rules, and then click OK.

   Parameter	Description
   Name	The name of the ECR.
   ASN	The ASN of the ECR. Default value: 45104. Valid values: 45104, 64512 to 65534, and 4200000000 to 4294967294. The value of 65025 is reserved by Alibaba Cloud.
   Resource Group	Select the resource group to which the ECR belongs.
   Tag Key	Select or enter a tag key.
   Tag Value	Select or enter a tag value.
   Description	The description of the ECR.

Associate a VBR with an ECR

1. Log on to the Express Connect Console.

2. In the left-side navigation pane, click Express Connect Router (ECR). On the Express Connect Router (ECR) page, find the ECR that you want to manage and click the name of the ECR. The details page of the ECR appears.

3. Click the VBR tab. On the VBR tab, click Associate VBR.

4. In the Associate VBR dialog box, configure the parameters described in the following table and click OK.

   Parameter	Description
   Resource Owner	The type of the account to which the VBR belongs. Valid values: Current Account: The VBR and the ECR belong to the same account. Another Account: If you want to associate a VBR with the ECR across accounts, you must authorize the ECR that belongs to the current Alibaba Cloud account to access the VBR that belongs to another Alibaba Cloud account. For more information, see the "Grant permissions to the ECR by using the VBR" section of the Grant permissions to an ECR across Alibaba Cloud accounts topic.
   Region	The region in which the VBR resides.
   Peer Account UID	The ID of the Alibaba Cloud account to which the VPC belongs. Note This parameter is required if you set the Resource Owner parameter to Another Account.
   Network Instance	The name or ID of the VBR.
   Allow Business Access Between Data Centers	Specifies whether to allow data centers to access each other. Note By default, this feature is disabled. If you want to use the feature, contact your Alibaba Cloud account manager to apply for enabling the feature.

Associate a VPC with an ECR

1. Log on to the Express Connect Console.

2. In the left-side navigation pane, click Express Connect Router (ECR). On the Express Connect Router (ECR) page, find the ECR that you want to manage and click the name of the ECR. The details page of the ECR appears.

3. Click the VPC tab. On the VPC tab, click Associate VPC.

4. In the Associate VPC dialog box, configure the parameters described in the following table and click OK.

   Parameter	Description
   Resource Owner	The type of the account to which the VPC belongs. Valid values: Current Account: The VPC and the ECR belong to the same account. Another Account: If you want to associate a VPC with the ECR across accounts, you must authorize the ECR that belongs to the current Alibaba Cloud account to access the VPC that belongs to another Alibaba Cloud account For more information, see the "Grant permissions to the ECR by using the VPC" section of the Grant permissions to an ECR across Alibaba Cloud accounts topic.
   Region	The region in which the VPC resides.
   Peer Account UID	The ID of the Alibaba Cloud account to which the VPC belongs. Note This parameter is required if you set the Resource Owner parameter to Another Account.
   VPC ID	The ID of the VPC.
   Allowed Route Prefixes	The route prefixes that you want to advertise to the data center by using the ECR. You can select Matching Mode or Incremental Mode to configure route prefixes. Note You can add IPv4 and IPv6 route prefixes to an ECR. You can select or switch the following modes when you configure route prefixes. Matching mode: Express Connect withdraws specific routes that are advertised to a data center and advertises allowed route prefixes to the data center. Incremental mode: Express Connect withdraws specific routes that are advertised to a data center and that fall within the configured route range. Routes that do not fall within the range are still advertised. Switch the match mode to the incremental mode: Express Connect re-advertises routes that do not fall within the route range to a data center. Configured route prefixes are still advertised. Switch the incremental mode to the matching mode: Express Connect withdraws the routes that are advertised to a data center and that do not fall within the route range. Configured route prefixes are still advertised. If no prefix routes are configured or configured route prefixes are cleared, Express Connect automatically advertises specific routes to a data center. If the ECR advertises only one route prefix and you modify the route prefix, Alibaba Cloud will temporarily resume the specific route to ensure your service continuity. After the modified route prefix is advertised, the configured route prefix is used. Pay attention to the impacts on your peer networks after the specific routes are advertised.

Associate a TR with an ECR

1. Log on to the Express Connect Console.

2. In the left-side navigation pane, click Express Connect Router (ECR). On the Express Connect Router (ECR) page, find the ECR that you want to manage and click the name of the ECR. The details page of the ECR appears.

3. Click the TR tab. On the TR tab, click Associate TR.

4. In the Associate TR dialog box, configure the parameters that are described in the following table and click OK.

   Parameter	Description
   CEN ID	The ID of the CEN instance to which the TR belongs.
   Region	The region in which the TR resides.
   TR	The ID or name of the TR.
   Allowed Route Prefixes	The route prefixes that you want to advertise to the data center by using the ECR. You can select Matching Mode or Incremental Mode to configure route prefixes. Note You can add IPv4 and IPv6 route prefixes to an ECR. You can select or switch the following modes when you configure route prefixes. Matching mode: Express Connect withdraws specific routes that are advertised to a data center and advertises allowed route prefixes to the data center. Incremental mode: Express Connect withdraws specific routes that are advertised to a data center and that fall within the configured route range. Routes that do not fall within the range are still advertised. Switch the match mode to the incremental mode: Express Connect re-advertises routes that do not fall within the route range to a data center. Configured route prefixes are still advertised. Switch the incremental mode to the matching mode: Express Connect withdraws the routes that are advertised to a data center and that do not fall within the route range. Configured route prefixes are still advertised. If no prefix routes are configured or configured route prefixes are cleared, Express Connect automatically advertises specific routes to a data center. If the ECR advertises only one route prefix and you modify the route prefix, Alibaba Cloud will temporarily resume the specific route to ensure your service continuity. After the modified route prefix is advertised, the configured route prefix is used. Pay attention to the impacts on your peer networks after the specific routes are advertised.
   Advanced Settings	The system selects the following settings by default. To modify the settings, click Edit. On the page that appears, modify the settings. Associate with Default Route Table of Transit Router After this feature is enabled, the ECR is automatically associated with the default route table of the transit router. The transit router forwards network traffic from the ECR by querying the default route table. Propagate System Routes to Default Route Table of Transit Router After this feature is enabled, the ECR advertises the BGP routes learned from the VBR to the default route table of the transit router for communication between network instances. Advertise Routes to ECR After this feature is enabled, the transit router automatically advertises routes to the ECR.

Grant permissions to a CEN instance

1. Log on to the Express Connect Console.

2. In the left-side navigation pane, click Express Connect Router (ECR). On the Express Connect Router (ECR) page, find the ECR that you want to manage and click the name of the ECR. The details page of the ECR appears.

3. On the CEN Authorization tab, click Authorize CEN of Another Account to Load Instance.

4. In the Join CEN dialog box, configure the parameters that are described in the following table and click OK.

   Parameter	Description
   CEN Instance ID	The ID of the CEN instance of another Alibaba Cloud account.
   CEN Account	The ID of the Alibaba Cloud account to which the CEN instance belongs.
   Payer	The account that pays for fees generated for connecting the CEN instance to your network instance. Valid values: CEN Owner ECR Owner

Disable or enable a route

You can disable a route from taking effect. After a route is disabled, you can enable the route again.

1. Log on to the Express Connect Console.

2. In the left-side navigation pane, click Express Connect Router (ECR). On the Express Connect Router (ECR) page, find the ECR that you want to manage and click the name of the ECR. The details page of the ECR appears.

3. Click the Routes tab. On the Routes tab, find the route that you want to disable or enable and click Disable or Enable in the Actions column. In the message that appears, click OK.

Delete an ECR

1. Log on to the Express Connect Console.

2. In the left-side navigation pane, click Express Connect Router (ECR). On the Express Connect Router (ECR) page, find the ECR that you want to delete and click Delete in the Actions column.

3. In the dialog box that appears, confirm that your services are not affected after you delete the ECR, and click OK.

More operations

In the left-side navigation pane, click Express Connect Router (ECR). On the Express Connect Router (ECR) page, find the ECR that you want to manage and click the name of the ECR. On the details page of the ECR, you can perform operations based on your business requirements. The following table describes the operations.