Cloud Connect Network (CCN) is a device access matrix built on distributed Alibaba Cloud access gateways. As an important component of Smart Access Gateway (SAG), CCN is the entry point that connects your on-premises network to Alibaba Cloud: attach an SAG device to a CCN, and traffic from your branch or data center flows through the CCN into Alibaba Cloud.
CCN supports two connection modes:
Same-area connectivity — Connect CCN to a Cloud Enterprise Network (CEN) in the same area. The on-premises network associated with the CCN communicates directly with cloud resources without requiring cross-region bandwidth.
Cross-area connectivity — Connect CCN to a CEN in a different area. Purchase a bandwidth plan for the CEN and configure cross-region bandwidth to enable communication between the on-premises network and cloud resources.
For more information about CEN, see What is Cloud Enterprise Network?
Key concepts
CCN area — A geographic grouping unique to CCN. Each area covers multiple Alibaba Cloud regions. An area is not the same as a region: one area maps to several regions, and connectivity rules are determined at the area level, not the region level.
SAG device — The physical or virtual gateway deployed at your branch or data center. An SAG device must be attached to a CCN in the same area. Cross-area attachment is not supported.
CEN — Cloud Enterprise Network. Connects CCN to your Alibaba Cloud VPCs and establishes full-mesh connectivity across your hybrid network.
Bandwidth plan — A CEN resource that allocates cross-region bandwidth. Required only when your CCN and cloud network are in different areas.
Mapping between CCN areas and CEN regions
Each CCN area covers one or more CEN regions. A CCN in an area can connect to networks in any of the regions that area covers.
| CCN area | Corresponding CEN regions |
|---|---|
| The Chinese mainland | China (Qingdao), China (Beijing), China (Zhangjiakou), China (Hohhot), China (Ulanqab), China (Shenzhen), China (Heyuan), China (Guangzhou), China (Hangzhou), China (Shanghai), China (Chengdu) |
| China (Hong Kong) | China (Hong Kong) |
| Singapore | Singapore |
| Malaysia (Kuala Lumpur) | Malaysia (Kuala Lumpur) |
| Indonesia (Jakarta) | Indonesia (Jakarta) |
| Japan (Tokyo) | Japan (Tokyo) |
| Germany (Frankfurt) | Germany (Frankfurt) |
When you create a CCN, you must select an area. For a list of supported areas, see CCN areas.
For example, to connect a branch in Hangzhou to a Virtual Private Cloud (VPC) in the China (Shanghai) region using an SAG device, connect the CCN in the Chinese mainland (associated with the Hangzhou branch) to the CEN that contains the VPC.
When do you need a bandwidth plan?
| Scenario | Bandwidth plan required? |
|---|---|
| CCN and VPC are in the same CCN area (for example, a Chinese mainland CCN connecting to any China mainland region) | No |
| CCN and VPC are in different CCN areas (cross-border) | Yes |
Example: A CCN in the Chinese mainland area, VPC1 in China (Qingdao), VPC2 in China (Beijing), and VPC3 in China (Hong Kong) are all attached to the same CEN.
The on-premises network associated with the Chinese mainland CCN communicates directly with VPC1 and VPC2 — both are within the Chinese mainland area, so no cross-region bandwidth is needed.
To enable communication between the on-premises network and VPC3 in China (Hong Kong), you must configure cross-region bandwidth in the CEN because China (Hong Kong) is a separate CCN area.
Cross-region bandwidth is not required for communication between regions within the same CCN area. It is required for communication between different CCN areas.