A routing policy specifies how a Smart Access Gateway (SAG) device learns the private CIDR block of an on-premises network. After you configure a routing policy, SAG devices can automatically advertise the learned private CIDR block of an on-premises network to Alibaba Cloud.

Procedure

  1. Log on to the SAG console.
  2. In the top navigation bar, select the region.
  3. On the Smart Access Gateway page, find the SAG instance that you want to manage, and use one of the following method to go to the Network Configuration tab.
    • Click the ID of the SAG instance that you want to manage. On the instance details page, click the Network Configuration tab.
    • Click Network Configuration in the Actions column.
  4. On the Network Configuration tab, click Method to Synchronize with On-premises Routes in the left-side navigation pane.
  5. On the Method to Synchronize with On-premises Routes tab, create a routing policy.
    • Static Routing: Static routing is the default policy and requires you to manually add private CIDR blocks. SAG does not automatically learn the CIDR blocks of on-premises networks. After you add a private CIDR block, it is advertised to Cloud Connect Network (CCN).

      Click Add Static Route. In the Add Static Route dialog box, enter the private CIDR block that you want to advertise to Alibaba Cloud and click OK.

      Note
      • The subnet mask of the CIDR block must be 8 to 32 bits in length, which is based on the private CIDR block that the on-premises network falls within. For example, if the IP address of an on-premises terminal is 192.168.0.100 and the subnet mask is 255.255.0.0, the CIDR block is 192.168.0.0/16.
      • By default, you can add up to 10 private CIDR blocks to an SAG instance. If you want to request a quota increase, submit a ticket.
    • Dynamic Routing: Dynamic routing enables SAG devices to learn and advertise the private CIDR block of an on-premises network to CCN. If you enable dynamic routing, a dynamic routing protocol, such as BGP or OSPF, is used between the SAG device and the on-premises device, which can be a switch or an Internet-facing router.

      For more information about how to configure a dynamic routing protocol, see Configure BGP routing and Configure OSPF routing.