Tencent Cloud

Recent Pages

Shared Dedicated Tunnel

Last updated: 2024-01-13 16:40:45

A dedicated tunnel is a network linkage segmentation of a connection. You can create dedicated tunnels that connect to different direct connect gateways to enable communication between your on-premises IDC and multiple VPCs. This document describes how to create a shared dedicated tunnel.
Overview
CTCC, CMCC, CUCC, CITIC and other partners with A14 and A26 telecommunications qualifications have pre-established connections with Tencent connection access points. You can access Tencent Cloud by sharing the partners' connections according to your actual needs.
A shared dedicated tunnel is a dedicated tunnel created using the partner's connection. It is applicable for scenarios where there is no need for high-bandwidth access and the cloudification time is short.
The procedure for enabling a shared dedicated tunnel is as follows:
﻿
Prerequisites
You have obtained the connection instance ID for the shared dedicated tunnel and Tencent Cloud entity accounts' UINs of the connection provider from the supplier.
Create a direct connect gateway. See Creating Direct Connect Gateway.
Directions
Step 1: Apply for a dedicated tunnel
1. Log in to the Direct Connect console.
2. In the left sidebar, choose Dedicated tunnels > Shared dedicated tunnel. Click + New, specify essential parameters such as the name, connection type, access network, gateway region, and associated direct connect gateway, and click Next.
﻿
Field
Description
Name
Enter a name for your dedicated tunnel.
Connection type
Select the shared connection.
Provider account ID
Provides a connection provider that establishes a pre-connection with Tencent: 
Currently, only suppliers with A14 and A26 telecommunication qualifications (such as CTCC, CMCC, CUCC, and CITIC) are supported to create a shared tunnel.
If you need to share your connection with a subsidiary or your other Tencent Cloud accounts, please contact Tencent technical support for assistance.
The fee of sharing the tunnel shall be borne by the tunnel user.
Shared tunnel ID
Enter the ID of the connection instance used to create the shared tunnel.
Access Network
If the tunnel type is `1.0`, you can select CCN or VPC.
If the tunnel type is `2.0`, you can select CCN, VPC, or NAT.
Region
If you select CCN, the region defaults to the region where the CCN-based direct connect gateway is located.
If you select VPC, for a 2.0 dedicated tunnel, you can only select the region where the connection is located; for a 1.0 dedicated tunnel, you can select any region.
VPC
Select the VPC instance to be connected to by the dedicated tunnel.
Direct Connect Gateway
Associate an existing direct connect gateway with the dedicated tunnel. A 2.0 tunnel does not support a NAT-type direct connect gateway.
﻿
3. Configure the following parameters on the Advanced Configuration page.
Field
Description
VLAN ID
One VLAN corresponds to one tunnel. Valid range: [0,3000).
If the value is 0, only 1 tunnel can be created. Use physical layer 3 interfaces for the connection.
If the value is between 1 and 2999, multiple tunnels can be created. Use layer 3 sub-interfaces for the connection. When only the layer 2 connection is supported, please disable the STP protocol under the interface at the IDC side. In the case of multiple dedicated tunnels, when the MSTP connection passes through multiple VLANs, the carrier line needs to enable the Trunk mode.
Bandwidth
Specify the bandwidth cap of the dedicated tunnel, which cannot exceed the maximum bandwidth of the associated connection. If the billing mode is pay-as-you-go by monthly 95th percentile, this parameter does not mean the billable bandwidth.
Tencent Cloud Primary IP1
Enter the connection IP address on the Tencent Cloud side. Do not use the following IP ranges or IP addresses: 169.254.0.0/16, 127.0.0.0/8, 255.255.255.255, 224.0.0.0 - 239.255.255.255, 240.0.0.0 - 255.255.255.254.
Tencent Cloud Primary IP2
Enter the secondary IP address of the connection on the Tencent Cloud side. The secondary IP will be automatically used to ensure the normal operation of your business when the Tencent Cloud primary IP fails and becomes unavailable. This field is not supported when the mask of the secondary IP address is 30 or 31.
User Border IP
Configure the connection IP address on the user (or carrier) side.
Routing Mode
Select:
BGP Routing: Applicable to the exchange of routing information and network accessibility across autonomous systems (AS).
Static Routing: Applicable to a simper network environment.
Health Check
Health check is enabled by default. BFD and NQA modes are provided. For details, see Dedicated tunnel health check.
Check mode
BFD and NQA modes are provided
Health Check Interval
The interval between two health checks.
Number of Failed Health Checks
Switch the route after the configured consecutive failed health checks.
BGP ASN
Enter the BGP neighbor ASN on the CPE side. Note that the Tencent Cloud ASN is 45090. If this field is left empty, a random ASN will be assigned.
BGP Key
Enter the MD5 value of the BGP neighbor, which defaults to "tencent". If it is left empty, no BGP key is required. It cannot contain 6 special characters including ?, &, space, ", \\, and +.
Note: 
If Static is selected as the routing mode, do not directly publish the following routes: 9.0.0.0/8, 10.0.0.0/8, 11.0.0.0/8, 30.0.0.0/8, 100.64.0.0/10, 131.87.0.0/16, 172.16.0.0/12 and 192.168.0.0/16` when configuring IDC IP ranges. Instead, you need to first split them as follows.
9.0.0.0/8 is split into 9.0.0.0/9 + 9.128.0.0/9.
10.0.0.0/8 is split into 10.0.0.0/9 + 10.128.0.0/9.
11.0.0.0/8 is split into 11.0.0.0/9 + 11.128.0.0/9.
30.0.0.0/8 is split into 30.0.0.0/9 + 30.128.0.0/9.
100.64.0.0/10 is split into 100.64.0.0/11 + 100.96.0.0/11.
131.87.0.0/16 is split into 131.87.0.0/17 + 131.87.128.0/17.
172.16.0.0/12 is split into 172.16.0.0/13 + 172.24.0.0/13.
192.168.0.0/16 is split into 192.168.0.0/17 + 192.168.128.0/17.
4. Configure IDC devices. You can click Download configuration guide to download related files and complete the configurations as instructed in the guide.
Parameter
Description
Remarks
CPE IP Range
Enter the customer IP range if Static is selected as the routing mode. This parameter cannot conflict with the VPC IP range in a non-NAT mode.
You can update the IP range later via "Change Tunnel" in the console.
5. Click Submit.
After being created, the shared dedicated tunnel is in Pending accepted status. It will turn to be Connected after being approved by the connection provider.
Step 2: Set the alarm recipient
After a dedicated tunnel is created, Tencent Cloud automatically configures four event alarms such as DirectConnectTunnelDown, DirectConnectTunnelBFDDown, DirectConnectTunnelBGPSessionDown, and DirectConnectTunnelRouteTableOverload, helping you monitor and manage your dedicated tunnels. For more information on the event alarms, see Alarm Overview.
The automatically created default alarm policy is not configured with recipient information, and only supports console alarms. You can configure alarm recipients. For details, see [**Configuring Alarm Policies**](https://www.tencentcloud.com/ document/product/216/38402).

Contact Us

Contact our sales team or business advisors to help your business.

Technical Support

Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

7x24 Phone Support

tencent cloud

Recent Pages

Shared Dedicated Tunnel

Overview

Prerequisites

Directions

Step 1: Apply for a dedicated tunnel

Step 2: Set the alarm recipient

Was this page helpful?

Was this page helpful?

Field	Description
Name	Enter a name for your dedicated tunnel.
Connection type	Select the shared connection.
Provider account ID	Provides a connection provider that establishes a pre-connection with Tencent: Currently, only suppliers with A14 and A26 telecommunication qualifications (such as CTCC, CMCC, CUCC, and CITIC) are supported to create a shared tunnel. If you need to share your connection with a subsidiary or your other Tencent Cloud accounts, please contact Tencent technical support for assistance. The fee of sharing the tunnel shall be borne by the tunnel user.
Shared tunnel ID	Enter the ID of the connection instance used to create the shared tunnel.
Access Network	If the tunnel type is `1.0`, you can select CCN or VPC. If the tunnel type is `2.0`, you can select CCN, VPC, or NAT.
Region	If you select CCN, the region defaults to the region where the CCN-based direct connect gateway is located. If you select VPC, for a 2.0 dedicated tunnel, you can only select the region where the connection is located; for a 1.0 dedicated tunnel, you can select any region.
VPC	Select the VPC instance to be connected to by the dedicated tunnel.
Direct Connect Gateway	Associate an existing direct connect gateway with the dedicated tunnel. A 2.0 tunnel does not support a NAT-type direct connect gateway.

Field	Description
VLAN ID	One VLAN corresponds to one tunnel. Valid range: [0,3000). If the value is 0, only 1 tunnel can be created. Use physical layer 3 interfaces for the connection. If the value is between 1 and 2999, multiple tunnels can be created. Use layer 3 sub-interfaces for the connection. When only the layer 2 connection is supported, please disable the STP protocol under the interface at the IDC side. In the case of multiple dedicated tunnels, when the MSTP connection passes through multiple VLANs, the carrier line needs to enable the Trunk mode.
Bandwidth	Specify the bandwidth cap of the dedicated tunnel, which cannot exceed the maximum bandwidth of the associated connection. If the billing mode is pay-as-you-go by monthly 95th percentile, this parameter does not mean the billable bandwidth.
Tencent Cloud Primary IP1	Enter the connection IP address on the Tencent Cloud side. Do not use the following IP ranges or IP addresses: 169.254.0.0/16, 127.0.0.0/8, 255.255.255.255, 224.0.0.0 - 239.255.255.255, 240.0.0.0 - 255.255.255.254.
Tencent Cloud Primary IP2	Enter the secondary IP address of the connection on the Tencent Cloud side. The secondary IP will be automatically used to ensure the normal operation of your business when the Tencent Cloud primary IP fails and becomes unavailable. This field is not supported when the mask of the secondary IP address is 30 or 31.
User Border IP	Configure the connection IP address on the user (or carrier) side.
Routing Mode	Select: BGP Routing: Applicable to the exchange of routing information and network accessibility across autonomous systems (AS). Static Routing: Applicable to a simper network environment.
Health Check	Health check is enabled by default. BFD and NQA modes are provided. For details, see Dedicated tunnel health check.
Check mode	BFD and NQA modes are provided
Health Check Interval	The interval between two health checks.
Number of Failed Health Checks	Switch the route after the configured consecutive failed health checks.
BGP ASN	Enter the BGP neighbor ASN on the CPE side. Note that the Tencent Cloud ASN is 45090. If this field is left empty, a random ASN will be assigned.
BGP Key	Enter the MD5 value of the BGP neighbor, which defaults to "tencent". If it is left empty, no BGP key is required. It cannot contain 6 special characters including ?, &, space, ", \\, and +.

Parameter	Description	Remarks
CPE IP Range	Enter the customer IP range if Static is selected as the routing mode. This parameter cannot conflict with the VPC IP range in a non-NAT mode.	You can update the IP range later via "Change Tunnel" in the console.

tencent cloud

Sign Up

Log in

Recent Pages

Shared Dedicated Tunnel

Overview

Prerequisites

Directions

Step 1: Apply for a dedicated tunnel

Step 2: Set the alarm recipient

Was this page helpful?

Was this page helpful?