Last updated: 2019-09-17 18:56:07PDF
Each autonomous system used in BGP routing is assigned a unique autonomous system number (ASN). ASNs are distributed in batches to Regional Internet Registries (RIRs) by the Internet Assigned Numbers Authority (IANA, which is also responsible for assigning IP addresses). An RIR further assigns an ASN to an entity from the batch of ASNs it received from IANA. To obtain an ASN, an entity must submit an application in accordance with the procedures stipulated by the RIR in its locality. An ASN will be assigned after the application is approved.
Peering connection is the connection established among different VPCs, supporting cross-account and cross-region communication between VPCs.
Internet Protocol Security (IPsec) is a protocol packet that protects the network transfer protocol family of the IP protocol (i.e., a set of interrelated protocols) by encrypting and authenticating the IP protocol groupings.
It is mainly composed of the following protocols:
- Authentication header: Provides connectionless data integrity, message authentication, and replay attack prevention for IP datagrams.
- Encapsulated security payload: Provides confidentiality, data source authentication, connectionless integrity, replay attack prevention, and limited transport stream confidentiality.
- Security association: Provides algorithms, data packets, and parameters required by authentication header and encapsulate security payload operations.
A route table contains a set of routing policies for defining the network traffic direction of each subnet in a VPC. Each subnet is associated with one and only one route table, while each route table can be associated with multiple subnets in the same VPC.
A virtual private cloud (VPC) builds a separate network space in Tencent Cloud, which is very similar to a traditional network run in your IDC, except that the services hosted in a VPC are your Tencent Cloud services such as CVM, CLB, and TencentDB. You do not need to worry about the procurement and OPS of network devices; instead, you only need to customize IP ranges, IP addresses, routing policies, etc. through easy-to-use software programs. You can use EIPs, NAT gateways, and public gateways to flexibly access the internet or interconnect a VPC with your IDC through VPN or Direct Connect. In addition, the peering connection service of VPC can help you easily implement a unified server for global access and 2-region-3-DC disaster recovery, and the security group and network ACL features of VPC ensures comprehensive network security.
Virtual local area network (VLAN) is a network management technology based on LAN switching. A switch can generally be divided into 255 VLANs, and the ID of each VLAN can be any number between 1 and 4096. VLAN IDs are used to distinguish VLANs. The TAG UNTag member attribute can be set to tag downstream or upstream datagrams of a port.
A connection is a physical line that connects Tencent Cloud with your local IDC. Dedicated tunnels can be established between one connection and Direct Connect gateways in multiple regions.
A subnet is a flexible way to segment a VPC into different IP ranges. Applications and services can be deployed in different subnets to securely and elastically host multi-layer web applications in a VPC.
Direct Connect is a fast way to connect Tencent Cloud with your local IDC. A connection can be established to communicate with Tencent Cloud resources in multiple regions for elastic and reliable hybrid cloud deployment. Direct Connect supports two-line hot backup access mode free of single points of failure to meet the high networking requirements in demanding industries such as finance.
Dedicated tunnels are network linkage components of a connection. Dedicated tunnels that connect to different Direct Connect gateways can be created to enable communication between your local IDC and multiple VPCs.
Direct Connect Gateway
A Direct Connect gateway is a connection traffic entry for a VPC to which multiple dedicated tunnels can be connected for communication with multiple local IDCs.