Step 1: Create a VPC

Before creating your VPCs, determine how many VPCs, the number of subnets, and what IP address ranges you will need. For details, see Network Planning.

In the instructions presented here, our sample VPC is named vpc-test and its default subnet called subnet-01.

1. Log in to the management console.
2. Click in the upper left corner and select the desired region and project.
3. Under Network, click Virtual Private Cloud.
4. Click Create VPC.
5. Set the VPC and subnet parameters.
   Figure 2 Creating a VPC and subnet
   

   Table 1 VPC parameter description

   Parameter	Description	Example Value
   Region	Specifies the desired region. Regions are geographic areas that are physically isolated from each other. The networks inside different regions are not connected to each other, so resources cannot be shared across different regions. For lower network latency and faster access to your resources, select the region nearest you.	CN North-Beijing1
   Name	Specifies the VPC name.	vpc-test
   CIDR Block	Specifies the Classless Inter-Domain Routing (CIDR) block of the VPC. The CIDR block of a subnet can be the same as the CIDR block for the VPC (for a single subnet in the VPC) or a subset of the CIDR block for the VPC (for multiple subnets in the VPC). The following CIDR blocks are supported: 10.0.0.0/8-24 172.16.0.0/12-24 192.168.0.0/16–24	192.168.0.0/16
   Enterprise Project	When creating a VPC, you can add the VPC to an enabled enterprise project. An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is default. For details about creating and managing enterprise projects, see the Enterprise Management User Guide.	default
   Tag	Specifies the VPC tag, which consists of a key and value pair. You can add a maximum of ten tags to each VPC. The tag key and value must meet the requirements listed in Table 3.	Key: vpc_key1 Value: vpc-01

   Table 2 Subnet parameter description

   Parameter	Description	Example Value
   AZ	An AZ is a geographic location with independent power supply and network facilities in a region. AZs are physically isolated, and AZs in the same VPC are interconnected through an internal network.	AZ3
   Name	Specifies the subnet name.	subnet-01
   CIDR Block	Specifies the CIDR block for the subnet. This value must be within the VPC CIDR block.	192.168.0.0/24
   Advanced Settings	Two options are available, Default and Custom. You can set Advanced Settings to Custom to configure advanced subnet parameters.	Default
   Gateway	Specifies the gateway address of the subnet.	192.168.0.1
   DNS Server Address	By default, there are two DNS server addresses configured (two private DNS server addresses or one private DNS server address and one public DNS server address. A private DNS server address takes precedence over a public DNS server address). In this way, services in the VPC can access cloud services through the private DNS server address, reducing the latency. If you want to use a public DNS server for resolution, you can change the default DNS server addresses.	100.125.x.x
   Tag	Specifies the subnet tag, which consists of a key and value pair. You can add a maximum of ten tags to each subnet. The tag key and value must meet the requirements listed in Table 4.	Key: subnet_key1 Value: subnet-01

   Table 3 VPC tag key and value requirements

   Parameter	Requirements	Example Value
   Key	Cannot be left blank. Must be unique for the same VPC and can be the same for different VPCs. Can contain a maximum of 36 characters. Can contain letters, digits, underscores (_), and hyphens (-).	vpc_key1
   Value	Can contain a maximum of 43 characters. Can contain letters, digits, underscores (_), periods (.), and hyphens (-).	vpc-01

   Table 4 Subnet tag key and value requirements

   Parameter	Requirements	Example Value
   Key	Cannot be left blank. Must be unique for each subnet. Can contain a maximum of 36 characters. Can contain letters, digits, underscores (_), and hyphens (-).	subnet_key1
   Value	Can contain a maximum of 43 characters. Can contain letters, digits, underscores (_), periods (.), and hyphens (-).	subnet-01

   In this example, only the default subnet will be created. If you need more subnets, you can click Add Subnet to create subnets as desired.

   You can set Advanced Settings to Custom to configure advanced subnet parameters. In this example, Advanced Settings is set to Custom.

6. Click Create Now.

Step 2: Buy an ECS

On the management console, under Computing, click Elastic Cloud Server, and then click Buy ECS. For details, see Elastic Cloud Server User Guide.

Configure the network as follows:

Figure 3 Network configuration

• Network: Select the created VPC vpc-test and subnet subnet-01.
• Security Group: Select the default security group Sys-default. Table 5 describes the default rules for the default security group. You can also create a security group and add rules to the security group. For details, see Creating a Security Group and Adding a Security Group Rule.

  Table 5 Default security group rules

  Direction	Protocol	Port/Range	Source/Destination	Description
  Outbound	All	All	Destination: 0.0.0.0/0	Allows all outbound traffic.
  Inbound	All	All	Source: ID of the current security group (for example, sg-xxxxx)	Allows communication among ECSs within the security group and denies all inbound traffic (incoming data packets).
  Inbound	TCP	22	Source: 0.0.0.0/0	Allows all IP addresses to access Linux ECSs over SSH.
  Inbound	TCP	3389	Source: 0.0.0.0/0	Allows all IP addresses to access Windows ECSs over RDP.

• EIP: Select Not required.

Step 3: Buy an EIP and Bind It to an ECS

The EIP service provides independent public IP addresses and bandwidth for Internet access. You can buy an EIP and bind it to an ECS to allow the ECS to access the Internet.

If you already have an EIP that has not been bound to any resource, you can directly bind the EIP to the ECS.

Buying an EIP

1. Log in to the management console.
2. Click in the upper left corner and select the desired region and project.
3. On the console homepage, under Network, click Virtual Private Cloud.
4. In the navigation pane on the left, choose Elastic IP and Bandwidth > EIPs.
5. Click Buy EIP.
6. Set parameters as prompted.
   Figure 4 Buying an EIP
   

   Table 6 Parameter descriptions

   Parameter	Description	Example Value
   Billing Mode	The following billing modes are available: Yearly/Monthly Pay-per-use	Pay-per-use
   Region	Specifies the desired region. Regions are geographic areas that are physically isolated from each other. The networks inside different regions are not connected to each other, so resources cannot be shared across different regions. For lower network latency and faster access to your resources, select the region nearest you.	CN North-Beijing1
   EIP Type	Dynamic BGP: Dynamic BGP provides automatic failover and chooses the optimal path when a network connection fails. Static BGP: Static BGP offers more routing control and protects against route flapping, but an optimal path cannot be selected in real time when a network connection fails.	Dynamic BGP
   Billed By	This parameter is available when you set Billing Mode to Pay-per-use. Bandwidth: You specify a maximum bandwidth and pay for the amount of time you use the bandwidth. This is suitable for scenarios with heavy or stable traffic. Traffic: You specify a maximum bandwidth and pay for the total traffic you use. This is suitable for scenarios where the traffic is light or sharply fluctuating. Shared Bandwidth: The bandwidth can be shared by multiple EIPs. This is suitable for scenarios with staggered traffic.	Bandwidth
   Bandwidth	Specifies the bandwidth size in Mbit/s.	5
   IPv6 EIP	If this option IPv6 is selected, you will obtain an extra IPv6 EIP. External IPv6 addresses can access cloud resources through this IPv6 EIP.	Enabled
   Bandwidth Name	Specifies the name of the bandwidth.	bandwidth-test
   Required Duration	This parameter is available if Billing Mode is set to Yearly/Monthly.	1 month
   Quantity	Specifies the number of EIPs to be assigned. You can set the number of EIPs to be assigned only when Billing Mode is set to Pay-per-use.	1
   Tag	Specifies the EIP tag that consists of a key and value pair. The tag key and value must meet the requirements listed in Table 7.	Key: Ipv4_key1 Value: 192.168.12.10
   Enterprise Project	When assigning an EIP, you can add the EIP to an enabled enterprise project. An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is default. For details about creating and managing enterprise projects, see the Enterprise Management User Guide.	default

   Table 7 EIP tag requirements

   Parameter	Requirement	Example Value
   Key	Cannot be left blank. Must be unique for each EIP. Can contain a maximum of 36 characters. Can contain letters, digits, underscores (_), and hyphens (-).	Ipv4_key1
   Value	Can contain a maximum of 43 characters. Can contain letters, digits, underscores (_), periods (.), and hyphens (-).	192.168.12.10

7. Click Buy Now.

Binding the EIP

1. In the EIP list, locate the target EIP and click Bind.
   Figure 5 Bind
   
2. Select the ECS.
   Figure 6 Bind EIP
   

3. Click OK.

Verifying the Result

If the EIP was successfully bound to the ECS, you can access the ECS from the Internet. You can use SSH or RDP to connect to the ECS through the EIP, or ping the EIP of the ECS to test that the ECS can be accessed from the Internet.

Ensure that the security group of the ECS allows the ICMP traffic (ping) and the access from specific ports, such as port 22 (SSH) and port 3389 (RDP). For details, see Security Group Configuration Examples and Adding a Security Group Rule.