Resource Limits
|
Connections per user | 10 | Yes | Each user can have up to 10 connections. |
Dedicated tunnels per connection | 5 | Yes | Up to 5 dedicated tunnels can be created in each connection |
DC gateways per VPC | 2 (One standard gateway and one NAT gateway) | No | Up to 2 Direct Connect gateways can be configured in each VPC. |
Local IP translations per DC gateway | 100 | Yes | Up to 100 local IP translations can be configured for each Direct Connect gateway. |
Peer IP translations per DC gateway | 100 | Yes | Up to 100 peer IP translations can be configured for each Direct Connect gateway. |
Local source IP port translations per DC gateway | 20 | Yes | Up to 20 local source IP port translations can be configured for each dedicated gateway. |
Local destination IP port translations per DC gateway | 100 | Yes | Up to 100 local destination IP port translations can be configured for each Direct Connect gateway. |
Static routes per dedicated tunnel | Dedicated tunnel 1.0: 20 | No | Up to 20 static routes can be configured for a dedicated tunnel 1.0. |
| Dedicated tunnel 2.0: 50 | Yes | Up to 50 static routes can be configured for a dedicated tunnel 2.0. To adjust the quota, please submit a ticket. |
BGP routes per dedicated tunnel | Dedicated tunnel 1.0: 100 | No | Up to 100 BGP routes can be configured for a dedicated tunnel 1.0. |
| Dedicated tunnel 2.0: 100 | Yes | Up to 100 BGP routes can be configured for a dedicated tunnel 2.0. To adjust the quota, please submit a ticket. |
Access Limits
Direct Connect
When a Direct Connect gateway is created, the content of IP translation and IP port translation are left empty by default. In this case, neither of them takes effect.
Dedicated tunnels support BGP routing and static routing.
Note the following limits for delivering routes:
127.0.0.0/8
、 224.0.0.0/4
、240.0.0.0/4
、169.254.0.0/16
、255.255.255.255/32
、0.0.0.0/0-0.0.0.0/32
.
Subnets and other IP addresses in the same network segment. To allow mutual access, submit a ticket to enable peer IP redistribution. IP translation
IP address pools cannot fall within the CIDR block of the VPC in which the direct connect gateway resides.
ACL rules for multiple IP address pools should not overlap. Otherwise, this will cause network address translation conflicts.
IPs among multiple IP address pools cannot overlap.
IP address pools only support a single IP or IP ranges, and /24
IP ranges should be consistent. For example, 192.168.0.1 - 192.168.0.6
is supported, but 192.168.0.1 - 192.168.1.2
is not.
Address pools should not contain the broadcast address (255.255.255.255
), Class D addresses (224.0.0.0 - 239.255.255.255
), or Class E addresses (240.0.0.0 - 255.255.255.254
).
Local source IP port translation supports up to 100 IP address pools, each supporting up to 20 ACL rules. You can submit a ticket to increase the quota if needed. To switch from IP translation to IP port translation, remove the original IP translation rules and refresh the page to edit the IP port translation rules.
IP port translation
The source IP must fall within the CIDR range of the VPC in which the Direct Connect gateway resides.
The source IP port must be unique. In other words, an IP port in a VPC can only be mapped to one IP port.
The mapped IP port cannot fall within the CIDR range of the VPC.
The mapped IP port must be unique. In other words, multiple IP ports in a VPC cannot be mapped to one IP port.
Original IPs and mapped IPs do not support the broadcast address (255.255.255.255
), Class D addresses (224.0.0.0 - 239.255.255.255
), and Class E addresses (240.0.0.0 - 255.255.255.254
).
Local destination IP port translation supports up to 100 IP port mappings. You can submit a ticket to increase the quota if needed. If both IP translation and IP port translation are configured, IP translation takes priority when both are hit.
Network Limits
To establish a connection between the cusotmer IDC and Tencent Cloud, check that the MAC addresses of both parties meet the following requirements.
MAC
The Tencent Cloud access exchange uses a fixed MAC address of 3c:fd:fe:29:cb:c2. This MAC address cannot be used by the customer IDC access device. Otherwise, the MAC address conflict will cause MAC address flapping (switching jump), which leads to network problems such as unreachable networks, slow response, and no response.
Note:
MAC address flapping (switching jump) occurs when a MAC address is learned by two outbound interfaces in the same VLAN and the MAC address entry learned later overrides the earlier one, making the MAC address unstable.
The following are scenarios where MAC address flapping occurs.
As shown in the figure above, customer exchange B connects to Tencent Cloud exchanges A and A1 through two connections (connections 1 and 2).
MAC address flapping occurs in exchange B when Tencent Cloud returns packets to the customer IDC.
Access Limits
To prevent network congestion due to network loops, you are advised to use layer-3 network sub-interfaces to connect to Tencent Cloud Direct Connect devices.
Was this page helpful?