The network is part of the infrastructure , Network disaster recovery construction is an important indicator of data center acceptance . Imagine that there is a single point in the network link of a data center , Just like a city where all roads are one-way streets , In the event of a traffic accident , Small will lead to road congestion , Large will lead to traffic paralysis in the whole city .IDC Time , The business is less involved in network disaster recovery , It mainly depends on the degree of data center network disaster recovery construction ; When it comes to the cloud age , After the cloud service provider products the underlying network capabilities , Cloud customers are more involved in network disaster recovery , Improve business stability . This article gives an overview of cloud network , Cloud network disaster tolerance complexity and typical cases to introduce cloud network disaster tolerance construction .

1. Cloud Network Overview

Cloud network overview is mainly divided into cloud service provider infrastructure network architecture and cloud products , Let cloud customers have a deeper understanding of cloud network , Make good use of cloud network .

1.1 Cloud service provider network architecture

This section focuses on the following issues from the perspective of business disaster recovery construction ：

1） Are the underlying cloud networks in different availability zones of cloud service providers completely independent ？

Take Tencent cloud for example , When building a data center in a usable area , The bottom network and the power of the computer room shall be unified ; So different zones , The underlying networks are completely independent , Whether at the data level or the control level , Are completely isolated without intersection .

2） How long is the network delay in different availability zones in the same region ？

Take Tencent cloud for example , When selecting the computer room address in the same region , Distance greater than 60 km , It is required that the delay of different availability zones is less than 3ms, To meet the basic needs of cloud customers for local disaster recovery construction . When considering disaster recovery construction for cloud businesses , Virtual machines in different availability zones interact with each other PING To evaluate the specific delay . Take Guangzhou as an example , As a reference ：

3） Network stability between different availability zones

Take Tencent cloud for example , The WAN is connected through BR Core router interworking , Metropolitan area network DR Core router interworking architecture , As shown in the figure below ：

• Wan stability , The links between different regions provide redundancy for multiple optical fibers , At the same time, different regions form a ring , If part of the optical fiber of the direct link is interrupted , Priority is given to load recovery , In extreme cases , All direct links in different regions are interrupted , Restore service through the loop , Ensure business stability .
• Metropolitan area network stability , Different zones give priority to through trains to reduce network delay in different zones ; At the same time through “ Four fibers and three routes ” To improve the automatic self-healing capability of optical fiber interruption （ Less than 50ms）. If DR Part of the optical fiber of the through train is interrupted , adopt “ Four fibers and three routes ” To quickly restore business ; If DR All optical fibers are interrupted between , adopt BR Link to restore service .

4） How to deal with abnormal extreme conditions of the entire public network

Take Tencent cloud for example , Different regions will connect with the current ISP; For example, Guangzhou public network is abnormal , Cloud scheduling capability through intranet , Combined with network load capacity , From different regions ISP Visit the public network . for example 2019 year 3 month , The public network of Shanghai Telecom is abnormal , The cloud side has been used from fault discovery to recovery 2 minute . See http://www.etudu.com/?id=67.

1.2 Cloud network products

For cloud network products , From the business flow dimension, it is mainly divided into ：

2. Network disaster recovery complexity

Disaster recovery construction in the same city or in different places , There are three main factors at the network level ：

1） Cross region or cross region network delay , Impact on upper level business .

Network delay , The means to optimize the infrastructure are very limited , After all, it is limited by the actual physical distance and the speed of light . If the service is sensitive to network delay , It is usually to add middleware or buffer layer to reduce latency .

2） Disaster tolerance capability of cloud infrastructure across regions or regions .

Generally, the data centers of cloud service manufacturers have disaster tolerance capability , Here, it is suggested to choose large factories .

3）IDC To the cloud network high availability construction .

Hybrid cloud disaster recovery mode , Here, consider IDC And the disaster tolerance of the line on the cloud , It is generally recommended that two dedicated lines be connected to different POP Click to build disaster recovery ; At the same time establish VPN perhaps GRE Public network escape routes to restore business in an emergency .

3. Network disaster recovery cases

3.1 Public network CLB disaster

Public network CLB The multi availability zone capability has been launched , But you need the account disclosure support . If the stock public network CLB It is a single zone , It is recommended to upgrade to multi availability zone . Currently, smooth upgrade is not supported . Specific process ：

1. Need to purchase new multi availability zones CLB, Binding back end RS,

2. Cutting flow gray to multi availability area CLB, After normal business , Cut off all flow

3. Observe the flow of single availability zone , When there is no traffic or number of links , Official Downline .

Be careful ： For the entrance VIP Write about death , The cost of client upgrade is high .

3.2 Hybrid cloud network disaster recovery

Hybrid cloud network disaster tolerance is divided into two parts ：

1）idc And the cloud machine room , The main lines are divided into special lines and VPN. Special line is the main line , Different POP Point access ;VPN Supplemented , The most emergency escape route , At the same time, pay attention to the cloud vpn The maximum bandwidth bearer of the gateway is 1G, If business requirements are not met , It is recommended to use GRE The scheme acts as an emergency channel .

2） Cloud side gateway disaster recovery , Mainly for dedicated line access , Through the cloud connected private line network and vpc Dedicated line gateway to achieve high availability ; Usually , The cloud networking dedicated line gateway is mainly used ,VPC Supplemented by dedicated line gateway .

Fault deduction ：

1） Some special line channels are abnormal , The traffic will be automatically dispatched to other dedicated lines , Limited impact on business perception .

2） All special line channels are abnormal , The service traffic shall be dispatched to the public network to recover the service , You need to call API Interface disabled VPC Type dedicated line gateway routing , And add VPN/GRE Route to manually resume business . Mainly because of the current VPC At present, type a dedicated line gateway only supports static routing , As a result, the route cannot converge automatically .

3） The cloud networking dedicated line gateway is abnormal , Business traffic will be automatically scheduled to VPC Type dedicated line gateway to restore service , Limited impact on business perception .