El contenido no se encuentra disponible en el idioma seleccionado. Estamos trabajando continuamente para agregar más idiomas. Gracias por su apoyo.
- What's New
- Function Overview
- Service Overview
- Getting Started
-
User Guide
- Permissions Management
- VPC and Subnet
- Route Table and Route
- Virtual IP Address
-
Elastic Network Interface and Supplementary Network Interface
-
Elastic Network Interface
- Elastic Network Interface Overview
- Creating a Network Interface
- Viewing the Basic Information About a Network Interface
- Attaching a Network Interface to a Cloud Server
- Binding an EIP to a Network Interface
- Binding a Network Interface to a Virtual IP Address
- Detaching a Network Interface from an Instance or Unbinding an EIP from a Network Interface
- Changing Security Groups That Are Associated with a Network Interface
- Deleting a Network Interface
-
Supplementary Network Interfaces
- Supplementary Network Interface Overview
- Creating a Supplementary Network Interface
- Viewing the Basic Information About a Supplementary Network Interface
- Binding or Unbinding an EIP to or from a Supplementary Network Interface
- Changing Security Groups That Are Associated with a Supplementary Network Interface
- Deleting a Supplementary Network Interface
-
Network Interface Configuration Examples
- Binding an EIP to the Extended Network Interface of an ECS to Enable Internet Access
-
Configuring Policy-based Routes for an ECS with Multiple Network Interfaces
- Overview
- Collecting ECS Network Information
- Configuring IPv4 and IPv6 Policy-based Routes for a Linux ECS with Multiple Network Interfaces (CentOS)
- Configuring IPv4 and IPv6 Policy-based Routes for a Linux ECS with Multiple Network Interfaces (Ubuntu)
- Configuring IPv4 and IPv6 Policy-based Routes for a Windows ECS with Multiple Network Interfaces
-
Elastic Network Interface
-
Access Control
- Access Control Overview
-
Security Group
- Security Group and Security Group Rule Overview
- Default Security Groups
- Security Group Examples
- Common ECS Ports
- Managing a Security Group
-
Managing Security Group Rules
- Adding a Security Group Rule
- Fast-Adding Security Group Rules
- Allowing Common Ports with a Few Clicks
- Modifying a Security Group Rule
- Replicating a Security Group Rule
- Enabling or Disabling One or More Security Group Rules
- Importing and Exporting Security Group Rules
- Deleting One or More Security Group Rules
- Querying Security Group Rule Changes
- Managing Instances Added to a Security Group
- Network ACL
- IP Address Group
-
VPC Peering Connection
- VPC Peering Connection Overview
- VPC Peering Connection Usage
- Creating a VPC Peering Connection to Connect Two VPCs in the Same Account
- Creating a VPC Peering Connection to Connect Two VPCs in Different Accounts
- Obtaining the Peer Project ID of a VPC Peering Connection
- Modifying a VPC Peering Connection
- Viewing VPC Peering Connections
- Deleting a VPC Peering Connection
- Modifying Routes Configured for a VPC Peering Connection
- Viewing Routes Configured for a VPC Peering Connection
- Deleting Routes Configured for a VPC Peering Connection
- VPC Sharing
-
Edge Gateway
- Edge Gateway Overview
- Buying an Edge Gateway
- Associating VPCs with or Disassociating VPCs from an Edge Gateway
- Managing Edge Gateways
- Managing the Tags of an Edge Gateway
- Creating an Edge Connection
- Binding or Unbinding a Global Connection Bandwidth to and from an Edge Connection
- Managing Edge Connections
- IPv4/IPv6 Dual-Stack Network
- VPC Flow Log
-
Traffic Mirroring
- Traffic Mirroring
- Mirror Filters
-
Mirror Sessions
- Creating a Mirror Session
- Enabling or Disabling a Mirror Session
- Associating Mirror Sources with a Mirror Session
- Disassociating Mirror Sources from a Mirror Session
- Changing the Mirror Filter for a Mirror Session
- Changing the Mirror Target of a Mirror Session
- Modifying the Basic Information About a Mirror Session
- Viewing the Details About a Mirror Session
- Deleting a Mirror Session
- Traffic Mirroring Example Scenarios
- Monitoring and Auditing
- Managing Quotas
- Best Practices
-
API Reference
- Before You Start
- API Overview
- Calling APIs
- APIs
-
API V3
- VPC
- Security Group
- Security Group Rule
- IP Address Group
-
Supplementary Network Interface
- Creating a Supplementary Network Interface
- Creating Supplementary Network Interfaces in Batches
- Querying Supplementary Network Interfaces
- Querying the Details of a Supplementary Network Interface
- Querying the Number of Supplementary Network Interfaces
- Updating a Supplementary Network Interface
- Deleting a Supplementary Network Interface
-
Traffic Mirror Sessions
- Querying Traffic Mirror Sessions
- Querying Details About a Traffic Mirror Session
- Creating a Traffic Mirror Session
- Updating a Traffic Mirror Session
- Deleting a Traffic Mirror Session
- Disassociating a Traffic Mirror Source from a Traffic Mirror Session
- Associating a Traffic Mirror Source with a Traffic Mirror Session
- Traffic Mirror Filters
- Traffic Mirror Filter Rules
- Network ACL
- Network ACL Tag Management
- Port
-
Native OpenStack Neutron APIs (V2.0)
- API Version Information
- Port
- Network
- Subnet
- Router
-
Network ACL
- Querying Network ACL Rules
- Querying a Network ACL Rule
- Creating a Network ACL Rule
- Updating a Network ACL Rule
- Deleting a Network ACL Rule
- Querying Network ACL Policies
- Querying a Network ACL Policy
- Creating a Network ACL Policy
- Updating a Network ACL Policy
- Deleting a Network ACL Policy
- Inserting a Network ACL Rule
- Removing a Network ACL Rule
- Querying Network ACL Groups
- Querying a Network ACL Group
- Creating a Network ACL Group
- Updating a Network ACL Group
- Deleting a Network ACL Group
- Security Group
- Application Examples
-
Permissions and Supported Actions
- Introduction
- VPC
- Subnet
- Port
- VPC Peering Connection
- VPC Route
- Route Table
- Quota
- Private IP Address
- Security Group
- Security Group Rule
- VPC Tag
- Subnet Tag
- VPC Flow Log
- Port (OpenStack Neutron API)
- Network (OpenStack Neutron API)
- Subnet (OpenStack Neutron API)
- Router (OpenStack Neutron API)
- Network ACL (OpenStack Neutron API)
- Security Group (OpenStack Neutron API)
- VPC (V3)
- Security Group (V3)
- Security Group Rule (V3)
- IP Address Group (V3)
- Supplementary Network Interface (V3)
- Mirror Session (V3)
- Mirror Filter (V3)
- Mirror Filter Rule (V3)
- Network ACL (V3)
- Network ACL Tag (V3)
- Port (V3)
- Precautions for API Permissions
- FAQs
- Out-of-Date APIs
- Appendix
- SDK Reference
-
FAQs
-
Billing and Payments
- Will I Be Billed for Using the VPC Service?
- Why Is My VPC Still Being Billed After It Was Deleted?
- How Do I View My VPC Bills?
- How Is an EIP Charged?
- How Do I Change My EIP Billing Mode Between Pay-per-Use and Yearly/Monthly?
- How Do I Change the Billing Option of a Pay-per-Use EIP Between By Bandwidth and By Traffic?
-
VPCs and Subnets
- What Is Virtual Private Cloud?
- Which CIDR Blocks Are Available for the VPC Service?
- How Many VPCs Can I Create?
- Can Subnets Communicate with Each Other?
- What Subnet CIDR Blocks Are Available?
- Can I Change the CIDR Block of a Subnet?
- How Many Subnets Can I Create?
- How Do I Make the Changed DHCP Lease Time of a Subnet Take Effect Immediately?
- How Can I Make a Domain Name in a Subnet Take Effect Immediately After Being Changed?
- Why Can't I Delete My VPCs and Subnets?
- Can I Change the VPC of an ECS?
- Why Is the ECS IP Address Released After the System Time Is Changed?
- How Do I Change the DNS Server Address of an ECS?
-
EIPs
- How Do I Assign or Retrieve a Specific EIP?
- What Are the Differences Between EIPs, Private IP Addresses, and Virtual IP Addresses?
- Can I Change the Dedicated Bandwidth Used by an EIP to a Shared Bandwidth?
- How Many ECSs Can I Bind an EIP To?
- How Do I Access an ECS with an EIP Bound from the Internet?
- What Is the EIP Assignment Policy?
- Can I Bind an EIP of an ECS to Another ECS?
- Can I Buy a Specific EIP?
- How Do I Query the Region of My EIPs?
- How Can I Unbind an Existing EIP from an Instance and Bind Another EIP to the Instance?
- Can I Bind an EIP to a Cloud Resource in Another Region?
- Can I Change the Region of an EIP?
- VPC Peering Connections
- Virtual IP Addresses
-
Bandwidth
- What Are Inbound Bandwidth and Outbound Bandwidth?
- What Are the Differences Between Static BGP, Dynamic BGP, and Premium BGP?
- How Do I Know If My EIP Bandwidth Has Been Exceeded?
- What Are the Differences Between Public Bandwidth and Private Bandwidth?
- What Bandwidth Types Are Available?
- What Are the Differences Between a Dedicated Bandwidth and a Shared Bandwidth? Can a Dedicated Bandwidth Be Changed to a Shared Bandwidth or the Other Way Around?
- How Many EIPs Can I Add to Each Shared Bandwidth?
- Can I Increase a Yearly/Monthly Bandwidth and Decrease It Later?
- What Is the Relationship Between Bandwidth and Upload/Download Rate?
-
Connectivity
- Does a VPN Allow Communication Between Two VPCs?
- Why Cannot I Access Public Websites Through Domain Names or Access Internal Domain Names on the Cloud When My ECS Has Multiple Network Interfaces?
- What Are the Priorities of the Custom Route and EIP If Both Are Configured for an ECS to Enable the ECS to Access the Internet?
- Why Are There Intermittent Interruptions When a Local Host Accesses a Website Built on an ECS?
- Why Do ECSs Using Private IP Addresses in the Same Subnet Only Support One-Way Communication?
- Why Does Communication Fail Between Two ECSs in the Same VPC or Packet Loss Occur When They Communicate?
- Why Can't My ECS Use Cloud-init?
- Why Can't My ECS Access the Internet Even After an EIP Is Bound?
- Why Is My ECS Unable to Communicate at a Layer 2 or Layer 3 Network?
- How Do I Handle a BMS Network Failure?
- Why Does My ECS Fail to Obtain an IP Address?
- How Do I Handle a VPN or Direct Connect Connection Network Failure?
- Why Can My Server Be Accessed from the Internet But Cannot Access the Internet?
- Why Can't I Access Websites Using IPv6 Addresses After IPv4/IPv6 Dual Stack Is Configured?
- Why Does My ECS Fail to Communicate with Other After It Has Firewall Installed?
- Routing
-
Security
- Does a New Security Group Rule or a Network ACL Rule Take Effect Immediately for Existing Connections?
- Why Is Outbound Access on TCP Port 25 Blocked?
- How Do I Know the Instances Associated with a Security Group?
- Why Can't I Delete a Security Group?
- Can I Change the Security Group of an ECS?
- How Do I Configure a Security Group for Multi-Channel Protocols?
- Why Are Some Ports of ECSs Inaccessible?
- Why Is Access from a Specific IP Address Still Allowed After a Network ACL Rule That Denies the Access from the IP Address Has Been Added?
- Why Are My Security Group Rules Not Working?
-
Billing and Payments
- Videos
- Glossary
-
More Documents
-
User Guide (ME-Abu Dhabi Region)
- Service Overview
- Getting Started
- VPC and Subnet
- Route Tables
-
Virtual IP Address
- Virtual IP Address Overview
- Assigning a Virtual IP Address
- Binding a Virtual IP Address to an EIP or ECS
- Binding a Virtual IP Address to an EIP
- Unbinding a Virtual IP Address from an Instance
- Unbinding a Virtual IP Address from an EIP
- Releasing a Virtual IP Address
- Disabling IP Forwarding on the Standby ECS
- Disabling Source/Destination Check for an ECS NIC
-
Elastic Network Interface and Supplementary Network Interface
-
Elastic Network Interface
- Elastic Network Interface Overview
- Creating a Network Interface
- Viewing Basic Information About a Network Interface
- Attaching a Network Interface to an Instance
- Binding a Network Interface to an EIP
- Binding a Network Interface to a Virtual IP Address
- Detaching a Network Interface from an Instance or Unbinding an EIP from a Network Interface
- Changing Security Groups That Are Associated with a Network Interface
- Deleting a Network Interface
-
Supplementary Network Interfaces
- Supplementary Network Interface Overview
- Creating a Supplementary Network Interface
- Viewing Basic Information About a Supplementary Network Interface
- Binding or Unbinding a Supplementary Network Interface to or from an EIP
- Changing Security Groups That Are Associated with a Supplementary Network Interface
- Deleting a Supplementary Network Interface
-
Elastic Network Interface
-
Access Control
- What Is Access Control?
- Security Group
- Network ACL
-
VPC Peering Connection
- VPC Peering Connection Overview
- VPC Peering Connection Usage Examples
- Creating a VPC Peering Connection with Another VPC in Your Account
- Creating a VPC Peering Connection with a VPC in Another Account
- Obtaining the Peer Project ID of a VPC Peering Connection
- Modifying a VPC Peering Connection
- Viewing VPC Peering Connections
- Deleting a VPC Peering Connection
- Modifying Routes Configured for a VPC Peering Connection
- Viewing Routes Configured for a VPC Peering Connection
- Deleting Routes Configured for a VPC Peering Connection
- VPC Flow Log
- Elastic IP
- Shared Bandwidth
- Monitoring
-
FAQ
- General Questions
- VPCs and Subnets
- EIPs
- VPC Peering Connections
- Bandwidth
-
Connectivity
- Does a VPN Allow Communication Between Two VPCs?
- Why Are Internet or Internal Domain Names in the Cloud Inaccessible Through Domain Names When My ECS Has Multiple NICs?
- What Are the Priorities of the Custom Route and EIP If Both Are Configured for an ECS to Enable the ECS to Access the Internet?
- Why Can't My ECS Access the Internet Even After an EIP Is Bound?
-
Routing
- Can a Route Table Span Multiple VPCs?
- How Many Routes Can a Route Table Contain?
- Are There Any Restrictions on Using a Route Table?
- Do the Same Routing Priorities Apply to Direct Connect Connections and Custom Routes in the Same VPC?
- Are There Different Routing Priorities of the VPN and Custom Routes in the Same VPC?
- Security
- Change History
-
API Reference
- Before You Start
- API Overview
- Calling APIs
- Getting Started
- VPC APIs (V1/V2)
-
VPC APIs (V3)
- VPC
- Security Group
- Security Group Rule
- IP Address Group
-
Supplementary Network Interface
- Creating a Supplementary Network Interface
- Creating Supplementary Network Interfaces in Batches
- Querying Supplementary Network Interfaces
- Querying the Details of a Supplementary Network Interface
- Querying the Number of Supplementary Network Interfaces
- Updating a Supplementary Network Interface
- Deleting a Supplementary Network Interface
- Network ACL
- Network ACL Tag Management
-
Native OpenStack Neutron APIs (V2.0)
- API Version Information
- Port
- Network
- Subnet
- Router
-
Network ACL
- Querying Network ACL Rules
- Querying a Network ACL Rule
- Creating a Network ACL Rule
- Updating a Network ACL Rule
- Deleting a Network ACL Rule
- Querying Network ACL Policies
- Querying a Network ACL Policy
- Creating a Network ACL Policy
- Updating a Network ACL Policy
- Deleting a Network ACL Policy
- Inserting a Network ACL Rule
- Removing a Network ACL Rule
- Querying Network ACL Groups
- Querying a Network ACL Group
- Creating a Network ACL Group
- Updating a Network ACL Group
- Deleting a Network ACL Group
- Security Group
-
Permissions and Supported Actions
- Introduction
- VPC
- Subnet
- Port
- VPC Peering Connection
- VPC Route
- Route Table
- Quota
- Private IP Address
- Security Group
- Security Group Rule
- VPC Tag
- Subnet Tag
- Port (OpenStack Neutron API)
- Network (OpenStack Neutron API)
- Subnet (OpenStack Neutron API)
- Router (OpenStack Neutron API)
- Network ACL (OpenStack Neutron API)
- Security Group (OpenStack Neutron API)
- VPC (V3)
- Security Group (V3)
- Security Group Rule (V3)
- IP Address Group (V3)
- Supplementary Network Interface (V3)
- Network ACL (V3)
- Network ACL Tag (V3)
- Precautions for API Permissions
- Out-of-Date APIs
- Appendix
- Change History
-
User Guide (Paris Regions)
- Service Overview
- Getting Started
- VPC and Subnet
-
Access Control
- Differences Between Security Groups and Network ACLs
- Security Group
- Network ACL
- Elastic IP
- Shared Bandwidth
- Route Tables
-
VPC Peering Connection
- VPC Peering Connection Overview
- VPC Peering Connection Usage Examples
- Creating a VPC Peering Connection with Another VPC in Your Account
- Creating a VPC Peering Connection with a VPC in Another Account
- Obtaining the Peer Project ID of a VPC Peering Connection
- Modifying a VPC Peering Connection
- Viewing VPC Peering Connections
- Deleting a VPC Peering Connection
- Modifying Routes Configured for a VPC Peering Connection
- Viewing Routes Configured for a VPC Peering Connection
- Deleting Routes Configured for a VPC Peering Connection
- VPC Flow Log
-
Virtual IP Address
- Virtual IP Address Overview
- Assigning a Virtual IP Address
- Binding a Virtual IP Address to an EIP or ECS
- Binding a Virtual IP Address to an EIP
- Unbinding a Virtual IP Address from an Instance
- Unbinding a Virtual IP Address from an EIP
- Releasing a Virtual IP Address
- Disabling IP Forwarding on the Standby ECS
- Disabling Source/Destination Check for an ECS NIC
- Interconnecting with CTS
- Monitoring
-
FAQ
- General Questions
- Billing and Payments
- VPCs and Subnets
-
EIPs
- What Are the Differences Between EIP, Private IP Address, and Virtual IP Address?
- How Do I Access the Internet Using an EIP Bound to an Extension NIC?
- What Are the Differences Between the Primary and Extension NICs of ECSs?
- Can an EIP That Uses Dedicated Bandwidth Be Changed to Use Shared Bandwidth?
- Can I Bind an EIP to Multiple ECSs?
- How Do I Access an ECS with an EIP Bound from the Internet?
- Can I Bind an EIP of an ECS to Another ECS?
- How Do I Unbind an EIP from an Instance and Bind a New EIP to the Instance?
- Can I Bind an EIP to a Cloud Resource in Another Region?
- Can I Change the Region of My EIP?
- VPC Peering Connections
- Virtual IP Addresses
-
Bandwidth
- What Are Inbound Bandwidth and Outbound Bandwidth?
- How Do I Know If My EIP Bandwidth Limit Has Been Exceeded?
- What Are the Differences Between Public Bandwidth and Private Bandwidth?
- What Is the Bandwidth Size Range?
- What Bandwidth Types Are Available?
- What Are the Differences Between a Dedicated Bandwidth and a Shared Bandwidth?
- Is There a Limit to the Number of EIPs That Can Be Added to Each Shared Bandwidth?
- What Is the Relationship Between Bandwidth and Upload/Download Rate?
-
Connectivity
- Does a VPN Allow Communication Between Two VPCs?
- Why Are Internet or Internal Domain Names in the Cloud Inaccessible Through Domain Names When My ECS Has Multiple NICs?
- What Are the Priorities of the Custom Route and EIP If Both Are Configured for an ECS to Enable the ECS to Access the Internet?
- Why Are There Intermittent Interruptions When a Local Host Accesses a Website Built on an ECS?
- Why Do ECSs Using Private IP Addresses in the Same Subnet Only Support One-Way Communication?
- Why Does Communication Fail Between Two ECSs in the Same VPC or Packet Loss Occur When They Communicate?
- Why Can't My ECS Use Cloud-init?
- Why Can't My ECS Access the Internet Even After an EIP Is Bound?
- Why Does My ECS Fail to Obtain an IP Address?
- How Do I Handle a VPN or Direct Connect Connection Network Failure?
- Why Can My Server Be Accessed from the Internet But Cannot Access the Internet?
- Why Can't I Access Websites Using IPv6 Addresses After IPv4/IPv6 Dual Stack Is Configured?
- Why Does My ECS Fail to Communicate with Other After It Has Firewall Installed?
-
Routing
- How Do I Configure Policy-Based Routes for an ECS with Multiple NICs?
- Can a Route Table Span Multiple VPCs?
- How Many Routes Can a Route Table Contain?
- Are There Any Restrictions on Using a Route Table?
- Do the Same Routing Priorities Apply to Direct Connect Connections and Custom Routes in the Same VPC?
- Are There Different Routing Priorities of the VPN and Custom Routes in the Same VPC?
-
Security
- Are the Security Group Rules Considered the Same If All Parameters Except Their Description Are the Same?
- How Do I Know the Instances Associated with a Security Group?
- Why Can't I Delete a Security Group?
- Can I Change the Security Group of an ECS?
- How Do I Configure a Security Group for Multi-Channel Protocols?
- Does a Modified Security Group Rule or a Network ACL Rule Take Effect Immediately for Existing Connections?
- Which Security Group Rule Has a High Priority When Multiple Security Group Rules Conflict?
- Why Is Access from a Specific IP Address Still Allowed After a Network ACL Rule That Denies the Access from the IP Address Has Been Added?
- Why Do My Security Group Rules Not Take Effect?
- Change History
-
API Reference (Paris Regions)
- Before You Start
- API Overview
- Calling APIs
- Getting Started
-
APIs
- Virtual Private Cloud
- Subnet
- EIP
- Bandwidth
- Bandwidth (V2.0)
- Quota
- Private IP Address
- Security Group
- VPC Peering Connection
- VPC Route
- Route Table
- VPC Tag Management
- Subnet Tag Management
- EIP Tag Management
- VPC Flow Log
-
Virtual IP Address
- Virtual IP Address Overview
- Binding an ECS to a Virtual IP Address
- Accessing a Virtual IP Address Using an EIP
- Using a VPN to Access the Virtual IP Address
- Using a Direct Connect Connection to Access the Virtual IP Address
- Using a VPC Peering Connection to Access the Virtual IP Address
- Disabling Source and Destination Check (HA Load Balancing Cluster Scenario)
- API V3
-
Native OpenStack Neutron APIs (V2.0)
- API Version Information
- Port
- Network
- Subnet
- Router
- Floating IP Address
-
Network ACL
- Querying Network ACL Rules
- Querying a Network ACL Rule
- Creating a Network ACL Rule
- Updating a Network ACL Rule
- Deleting a Network ACL Rule
- Querying Network ACL Policies
- Querying a Network ACL Policy
- Creating a Network ACL Policy
- Updating a Network ACL Policy
- Deleting a Network ACL Policy
- Inserting a Network ACL Rule
- Removing a Network ACL Rule
- Querying Network ACL Groups
- Querying a Network ACL Group
- Creating a Network ACL Group
- Updating a Network ACL Group
- Deleting a Network ACL Group
- Security Group
- Application Examples
-
Permissions Policies and Supported Actions
- VPC
- Subnet
- EIP
- Bandwidth
- Bandwidth (V2.0)
- EIP V3
- VPC Peering Connection
- VPC Route
- Route Table
- Quota
- Private IP Address
- Security Group
- VPC Flow Log
- Port (OpenStack Neutron API)
- Network (OpenStack Neutron API)
- Subnet (OpenStack Neutron API)
- Router (OpenStack Neutron API)
- Floating IP Address (OpenStack Neutron API)
- Network ACL (OpenStack Neutron API)
- Security Group (OpenStack Neutron API)
- Precautions for API Permissions
- Appendix
- Change History
-
User Guide (Kuala Lumpur Region)
- Service Overview
- Getting Started
- VPC and Subnet
- Route Tables
- Virtual IP Address
-
Access Control
- What Is Access Control?
- Security Group
- Network ACL
-
VPC Peering Connection
- VPC Peering Connection Overview
- VPC Peering Connection Usage Examples
- Creating a VPC Peering Connection with Another VPC in Your Account
- Creating a VPC Peering Connection with a VPC in Another Account
- Obtaining the Peer Project ID of a VPC Peering Connection
- Modifying a VPC Peering Connection
- Viewing VPC Peering Connections
- Deleting a VPC Peering Connection
- Modifying Routes Configured for a VPC Peering Connection
- Viewing Routes Configured for a VPC Peering Connection
- Deleting Routes Configured for a VPC Peering Connection
- VPC Flow Log
- Elastic IP
- Shared Bandwidth
- Interconnecting with CTS
- Monitoring
-
FAQ
- General Questions
- VPCs and Subnets
- EIPs
- VPC Peering Connections
- Bandwidth
- Connectivity
-
Routing
- Can a Route Table Span Multiple VPCs?
- How Many Routes Can a Route Table Contain?
- Are There Any Restrictions on Using a Route Table?
- Do the Same Routing Priorities Apply to Direct Connect Connections and Custom Routes in the Same VPC?
- Are There Different Routing Priorities of the VPN and Custom Routes in the Same VPC?
- Security
- Change History
-
API Reference (Kuala Lumpur Region)
- Before You Start
- API Overview
- Calling APIs
- Getting Started
- APIs
-
Native OpenStack Neutron APIs (V2.0)
- API Version Information
- Port
- Network
- Subnet
- Router
-
Network ACL
- Querying Network ACL Rules
- Querying a Network ACL Rule
- Creating a Network ACL Rule
- Updating a Network ACL Rule
- Deleting a Network ACL Rule
- Querying Network ACL Policies
- Querying a Network ACL Policy
- Creating a Network ACL Policy
- Updating a Network ACL Policy
- Deleting a Network ACL Policy
- Inserting a Network ACL Rule
- Removing a Network ACL Rule
- Querying Network ACL Groups
- Querying a Network ACL Group
- Creating a Network ACL Group
- Updating a Network ACL Group
- Deleting a Network ACL Group
- Security Group
-
Permissions Policies and Supported Actions
- VPC
- Subnet
- Port
- VPC Peering Connection
- Quota
- Private IP Address
- Security Group
- Security Group Rule
- VPC Tags
- Subnet Tags
- Port (OpenStack Neutron API)
- Network (OpenStack Neutron API)
- Subnet (OpenStack Neutron API)
- Router (OpenStack Neutron API)
- Network ACL (OpenStack Neutron API)
- Security Group (OpenStack Neutron API)
- Precautions for API Permissions
- Out-of-Date APIs
- Appendix
- Change History
-
User Guide (Ankara Region)
- Service Overview
- Getting Started
- VPC and Subnet
- Route Tables
-
Virtual IP Address
- Virtual IP Address Overview
- Assigning a Virtual IP Address
- Binding a Virtual IP Address to an EIP or ECS
- Binding a Virtual IP Address to an EIP
- Unbinding a Virtual IP Address from an Instance
- Unbinding a Virtual IP Address from an EIP
- Releasing a Virtual IP Address
- Disabling IP Forwarding on the Standby ECS
- Disabling Source/Destination Check for an ECS NIC
-
Elastic Network Interface and Supplementary Network Interface
-
Elastic Network Interface
- Elastic Network Interface Overview
- Creating a Network Interface
- Viewing Basic Information About a Network Interface
- Attaching a Network Interface to an Instance
- Binding a Network Interface to an EIP
- Binding a Network Interface to a Virtual IP Address
- Detaching a Network Interface from an Instance or Unbinding an EIP from a Network Interface
- Changing Security Groups That Are Associated with a Network Interface
- Deleting a Network Interface
-
Supplementary Network Interfaces
- Supplementary Network Interface Overview
- Creating a Supplementary Network Interface
- Viewing Basic Information About a Supplementary Network Interface
- Binding or Unbinding a Supplementary Network Interface to or from an EIP
- Changing Security Groups That Are Associated with a Supplementary Network Interface
- Deleting a Supplementary Network Interface
-
Elastic Network Interface
-
Access Control
- What Is Access Control?
- Security Group
- Network ACL
-
VPC Peering Connection
- VPC Peering Connection Overview
- VPC Peering Connection Usage Examples
- Creating a VPC Peering Connection with Another VPC in Your Account
- Creating a VPC Peering Connection with a VPC in Another Account
- Obtaining the Peer Project ID of a VPC Peering Connection
- Modifying a VPC Peering Connection
- Viewing VPC Peering Connections
- Deleting a VPC Peering Connection
- Modifying Routes Configured for a VPC Peering Connection
- Viewing Routes Configured for a VPC Peering Connection
- Deleting Routes Configured for a VPC Peering Connection
- VPC Flow Log
- Elastic IP
- Shared Bandwidth
- Monitoring
- Permissions Management
-
FAQ
- General Questions
- VPCs and Subnets
- EIPs
- VPC Peering Connections
- Bandwidth
- Connectivity
- Routing
-
Security
- Does a Modified Security Group Rule or a Network ACL Rule Take Effect Immediately for Existing Connections?
- Why Can't I Delete a Security Group?
- Can I Change the Security Group of an ECS?
- How Do I Configure a Security Group for Multi-Channel Protocols?
- Which Security Group Rule Has a High Priority When Multiple Security Group Rules Conflict?
- Change History
-
API Reference (Ankara Region)
- Before You Start
- API Overview
- Calling APIs
- Getting Started
- APIs
- API V3
-
Native OpenStack Neutron APIs (V2.0)
- API Version Information
- Port
- Network
- Subnet
- Router
- Floating IP Address
-
Network ACL
- Querying Network ACL Rules
- Querying a Network ACL Rule
- Creating a Network ACL Rule
- Updating a Rule
- Deleting a Network ACL Rule
- Querying Network ACL Policies
- Querying a Network ACL Policy
- Creating a Network ACL Policy
- Updating a Network ACL Policy
- Deleting a Network ACL Policy
- Inserting a Network ACL Rule
- Removing a Network ACL Rule
- Querying Network ACL Groups
- Querying a Network ACL Group
- Creating a Network ACL Group
- Updating a Network ACL Group
- Deleting a Network ACL Group
- Security Group
-
Permissions Policies and Supported Actions
- Introduction
- VPC
- Subnet
- EIP
- Bandwidth
- Bandwidth (V2.0)
- EIP V3
- Port
- VPC Peering Connection
- VPC Route
- Route Table
- Quota
- Private IP Address
- Security Group
- Security Group Rule
- Port (OpenStack Neutron API)
- Network (OpenStack Neutron API)
- Subnet (OpenStack Neutron API)
- Router (OpenStack Neutron API)
- Floating IP Address (OpenStack Neutron API)
- Network ACL (OpenStack Neutron API)
- Security Group (OpenStack Neutron API)
- Precautions for API Permissions
- Appendix
- Change History
-
User Guide (ME-Abu Dhabi Region)
- General Reference
Copied.
Setting Up an IPv4 Network in a VPC
This topic describes how to create a VPC and an ECS to set up an IPv4 private network on the cloud and bind an EIP to the ECS to allow the ECS to access the Internet.
- To allow users to remotely log in to ECS-A01 from the local PC (IP address: 10.1.0.7) and perform operations on this ECS, you need to configure the following inbound rules:
- Rule A01: allows the local PC to ping ECS-A01 in VPC-A over all ICMP ports to test network connectivity.
- Rules A02: allow the local PC to remotely log in to ECS-A01 over TCP port 22 if the ECS runs Linux.
- Rules A03: allow the local PC to remotely log in to ECS-A01 over TCP port 3389 if the ECS runs Windows.
- Rule A04: allows ECSs in Sg-A to communicate with each other.
- To allow ECS-A01 to access the Internet, you need to EIP EIP-A to it and add outbound rule A05.
Precautions
The network planning in this topic is only for your reference. Once a VPC and subnet are created, the CIDR blocks cannot be changed. Before creating VPCs, determine how many VPCs, the number of subnets, and what CIDR blocks or connectivity options you will need.
For details, see VPC and Subnet Planning Suggestions.
Procedure
Procedure |
What to Do |
---|---|
Before using cloud services, sign up for a HUAWEI ID, enable Huawei Cloud services, complete real-name authentication, and top up your account. |
|
Create a VPC, specify an IPv4 CIDR block (for example, 192.168.0.0/16), and create a subnet with the CIDR block of 192.168.0.0/24 in the VPC. |
|
Buy an ECS in the subnet you have created and configure security group rules for the ECS. |
|
Buy an EIP and bind it to the ECS so that the ECS can access the Internet. |
|
To test ECS connectivity, you can:
|
Preparations
Before creating resources such as VPCs and ECSs, you need to sign up for a HUAWEI ID, enable Huawei Cloud services, complete real-name authentication, and top up your account. Ensure that your account has sufficient balance.
- You have created a HUAWEI ID, enabled Huawei Cloud services, and completed real-name authentication.
- You need to ensure that your account has sufficient balance. If it does not, top up your account.
Step 1: Create a VPC and Subnet
- Go to the Create VPC page.
- On the Create VPC page, set parameters as needed.
In this example, you need to create a VPC and a subnet.
Figure 2 Creating a VPCFigure 3 Setting a subnetTable 1 VPC parameters Parameter
Example Value
Description
Region
CN-Hong Kong
The region where the VPC is created. Select the region nearest to you to ensure the lowest possible latency. The VPC, ECS, and EIP used in this example must be in the same region.
The region cannot be changed after the VPC is created.
Name
VPC-A
The VPC name. Set it to VPC-A.
The name can be modified after VPC-A is created.
IPv4 CIDR Block
192.168.0.0/16
The IPv4 CIDR block of VPC-A. You are advised to select from the following CIDR blocks:- 10.0.0.0/8-24: The IP address ranges from 10.0.0.0 to 10.255.255.255, and the netmask ranges from 8 to 24.
- 172.16.0.0/12-24: The IP address ranges from 172.16.0.0 to 172.31.255.255, and the netmask ranges from 12 to 24.
- 192.168.0.0/16-24: The IP address ranges from 192.168.0.0 to 192.168.255.255, and the netmask ranges from 16 to 24.
The IPv4 CIDR block cannot be changed after VPC-A is created.
Enterprise Project
default
The enterprise project by which VPCs are centrally managed. Select an existing enterprise project for VPC-A.
The enterprise project cannot be changed after VPC-A is created.
Advanced Settings (Optional) > Tag
Not required
The tag that is used to classify and identify resources. Add tags to VPC-A as required.
After VPC-A is created, you can edit tags added to VPC-A.
Advanced Settings (Optional) > Description
Not required
Supplementary information about VPC-A. Enter a description as required.
The description can be modified after VPC-A is created.
Table 2 Subnet parameters Parameter
Example Value
Description
AZ
AZ4
A geographic location with independent power supply and network facilities in a region. Each region contains multiple AZs. AZs are physically isolated but connected through an internal network. Subnets of a VPC can be located in different AZs without affecting communications. You can select any AZ in a region.
If Edge is displayed, select an edge AZ based on your service requirements. If Edge is not displayed, you do not need to set the subnet AZ, which does not affect your service running.
An ECS and its VPC can be in different AZs. For example, you can select AZ1 for the ECS and AZ3 for its VPC subnet.
The AZ cannot be changed after Subnet-A01 is created.
You can select an AZ for a subnet only in certain regions. See the available regions on the management console.
Subnet Name
Subnet-A01
The subnet name. Set it to Subnet-A01.
The name can be modified after Subnet-A01 is created.
IPv4 CIDR Block
192.168.0.0/24
The IPv4 CIDR block of Subnet-A01, which is a unique CIDR block with a range of IP addresses in VPC-A.
The CIDR block cannot be changed after Subnet-A01 is created.
IPv6 CIDR Block (Optional)
Disabled
Whether to assign IPv6 addresses.
You can enable or disable this option after Subnet-A01 is created.
Associated Route Table
Default
The default route table that Subnet-A01 is associated with. Each VPC comes with a default route table. Subnets in the VPC are then automatically associated with the default route table.
The default route table has a preset system route that allows subnets in a VPC to communicate with each other.
After Subnet-A01 is created, you can create a custom route table and associate Subnet-A01 with it.
Advanced Settings (Optional) > Gateway
192.168.0.1
The gateway address of Subnet-A01. You are advised to retain the default address.
The gateway address cannot be changed after Subnet-A01 is created.
Advanced Settings (Optional)- DNS Server Address
- Domain Name
- NTP Server Address
- IPv4 DHCP Lease Time
Not required
The parameters are configured for the ECS-A01 in VPC-A. In this example, retain the default values or leave them blank.
You can change the values after Subnet-A01 is created.
Advanced Settings (Optional) > Tag
Not required
The tag that is used to classify and identify resources. Add tags to Subnet-A01 as required.
After Subnet-A01 is created, you can edit the tags added to Subnet-A01.
Advanced Settings (Optional) > Description
Not required
Supplementary information about Subnet-A01. Enter a description as required.
The description can be modified after Subnet-A01 is created.
- Click Create Now.
You will be redirected to the VPC list, where you can find VPC-A you have created.
Step 2: Buy an ECS
- Go to the Buy ECS page.
- On the Buy ECS page, set parameters as required.
In this example, set the ECS name to ECS-A01 and configure other parameters as follows:
- Network: Select VPC-A and Subnet-A01 you have created.
Figure 4 Network settings
- Security Group: Create security group Sg-A and add inbound and outbound rules to it. Each security group comes with system rules. You need to check and modify the rules as required to ensure that all rules in Table 3 are added.
Figure 5 Inbound rules of Sg-AFigure 6 The outbound rule of Sg-A
Table 3 Sg-A rules Direction
Action
Type
Protocol & Port
Source/Destination
Description
Inbound
Allow
IPv4
TCP: 22
Source: 10.1.0.7/32
Allows the local PC (10.1.0.7/32) to remotely log in to Linux ECS-A01 over SSH port 22.
Inbound
Allow
IPv4
TCP: 3389
Source: 10.1.0.7/32
Allows the local PC (10.1.0.7/32) to remotely log in to Windows ECS-A01 over RDP port 3389.
Inbound
Allow
IPv4
ICMP: All
Source: 0.0.0.0/0
Allows ping traffic to ECS-A01 in VPC-A over all ICMP ports to test network connectivity.
Inbound
Allow
IPv4
All
Source: current security group (Sg-A)
Allows the ECSs in Sg-A to communicate with each other.
Outbound
Allow
IPv4
All
Destination: 0.0.0.0/0
Allows ECS-A01 in Sg-A to access the Internet.
- EIP: Select Not required.
Figure 7 Selecting Not required
Configure other ECS parameters s as required. For details, see Purchasing a Custom ECS.
- Network: Select VPC-A and Subnet-A01 you have created.
- Click Create.
Return to the ECS list to view ECS-A01 you have bought.
Step 3: Buy an EIP and Bind It to ECS-A01
- Go to the Buy EIP page.
- On the Buy EIP page, set the EIP name to EIP-A.
You can configure other EIP parameters as required. For details, see Buying an EIP.
- Click Next.
Return to the EIP list to view EIP-A you have assigned.
- In the EIP list, locate EIP-A and click Bind in the Operation column.
The Bind EIP dialog box is displayed.
- In the displayed dialog box, select ECS-A01 and click OK.
Return to the EIP list. You can see that ECS-A01 is displayed in the Associated Instance column in the EIP list.
Step 4: Test Network Connectivity
- Use the local PC to remotely log in to ECS-A01.
Multiple methods are available for logging in to an ECS. For details, see Logging In to an ECS.
- Run the following command to test the network connectivity between ECS-A01 and Internet:
ping IPv4 EIP or Domain name
Example command:
ping support.huaweicloud.com
If information similar to the following is displayed, ECS-A01 can communicate with the Internet.[root@ecs-a01 ~]# ping support.huaweicloud.com PING hcdnw.cbg-notzj.c.cdnhwc2.com (203.193.226.103) 56(84) bytes of data. 64 bytes from 203.193.226.103 (203.193.226.103): icmp_seq=1 ttl=51 time=2.17 ms 64 bytes from 203.193.226.103 (203.193.226.103): icmp_seq=2 ttl=51 time=2.13 ms 64 bytes from 203.193.226.103 (203.193.226.103): icmp_seq=3 ttl=51 time=2.10 ms 64 bytes from 203.193.226.103 (203.193.226.103): icmp_seq=4 ttl=51 time=2.09 ms ... --- hcdnw.cbg-notzj.c.cdnhwc2.com ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3004ms rtt min/avg/max/mdev = 2.092/2.119/2.165/0.063 ms
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot