Community Blog What Is Virtuel Network

What Is Virtuel Network

Virtual Network is a computer network that contains at least part of virtual network links.

Virtuel Network Definition

Virtual Network is a computer network that contains at least part of virtual network links. Virtual Network link does not include a physical connection between two computing devices, it is implemented through network virtualization.

The two most common forms of virtual networks are protocol-based virtual networks (such as VLAN, VPN, VPLS, etc.) and virtual networks based on virtual devices (such as the network inside the hypervisor connecting virtual machines).


Virtual Network Classification

VLAN(Virtual Local Area Network)

VLAN is established on the basis of switching technology, and divides the network nodes into several "logical working groups" according to the nature of work and needs. A "logical working group" is a virtual network.

There are four implementation techniques for VLAN: use switch port (Port) numbers to define virtual networks, use MAC addresses to define virtual networks, use IP broadcast groups to define virtual networks, and use network layer addresses to define virtual networks. The division and management of "logical working groups" are realized by software.

By dividing the virtual network, the broadcast can be restricted within the range of each virtual network, thereby reducing the transmission of broadcast packets in the entire network range and improving the transmission efficiency of the network. At the same time, each virtual network cannot communicate directly, but must be forwarded through a router, which provides the possibility for advanced security control and enhances the security of the network.

VPN(Virtual Private Network)

VPN refers to the technology of establishing a private network on a shared network. It is called a virtual network mainly because the connection between any two nodes of the entire VPN network does not have the point-to-point physical link required for traditional private network construction. It is a logical network built on the network platform provided by the public network service provider ISP.

The user's data is transmitted through a logical tunnel (Tunnel) established by the ISP in the public network (Internet), that is, a point-to-point virtual private line. Through the corresponding encryption and authentication technology to ensure that the user's internal network data is safely transmitted on the public network, so as to truly realize the exclusiveness of the network data.

The Benefits of Virtual Private Network (VPN) Gateway

VPN Gateway offers the following benefits:

  • High security: You can use the IKE and IPsec protocols to encrypt data to ensure secure and reliable data transmission.
  • High availability: VPN Gateway adopts the hot-standby architecture to achieve failover of less than several seconds, session persistence, and zero service downtime.
  • Low cost: The encrypted Internet-based channel of VPN Gateway is more cost-effective than a leased line.
  • Ease of use: VPN Gateway is a ready-to-use service that requires no additional configuration.

The Scenarios of Virtual Private Network (VPN) Gateway

Virtual Private Network (VPN) Gateway is an Internet-based service that securely and reliably connects enterprise data centers, office networks, and Internet terminals to Alibaba Cloud VPCs through encrypted channels. VPN Gateways provides flexible configurations to meet the demands of different scenarios.

Connect a VPC to an on-premises data center

You can connect an on-premises data center to a VPC to build a hybrid cloud through the following two ways:
The route-based IPsec-VPN not only facilitates the configuration and maintenance of VPN policies but also provides flexible traffic routing methods.

Note: To establish a VPN connection between a VPC and an on-premises data center, the IP address ranges of the on-premises data center and the VPC cannot conflict with each other, and a static public IP address must be configured for the gateway device of the on-premises data center.

Interconnect two VPCs

You can rapidly interconnect two VPCs through IPsec-VPN.
The route-based IPsec-VPN not only facilitates the configuration and maintenance of VPN policies but also provides flexible traffic routing methods.

Not: The IP address ranges of the VPCs cannot conflict with each other.

Connect a remote client to a VPC

You can connect a client to a VPC through an SSL-VPN tunnel to meet the needs of remote working. With SSL-VPN connections, you can securely access a VPC through the Internet at any time, anywhere.

SSL-VPN connections support remote access from clients running Windows, Linux, Mac, IOS, or Android operating systems.

Note: The IP address ranges of the clients cannot conflict with the IP address range of the VSwitch in the VPC.

Hub Spoke connection

You can establish secure communications among multiple sites by using the Hub Spoke function to interconnect the sites through the VPN Gateway of the VPC. Hub Spoke can meet the needs of large enterprises to establish intranet communication between office sites.

Use IPsec-VPN and SSL-VPN together

You can use IPsec-VPN and SSL-VPN connections together to expand your network topology. Once the connections are established, the client can access the applications deployed in the connected VPC, and can also access the applications deployed in the connected office sites.

Note: All private IP address ranges to be connected cannot conflict with one another.

Related Blog

Network Functions Virtualization/Virtual Private Cloud: Way to Modernize Network

Many cloud service providers simply providing network connectivity for their enterprise customers. They also offer additional services & network functions like network address translation (NAT), firewalls, encryption, domain name service (DNS), caching and others. Traditionally, these network functions will deploy using proprietary hardware at the customer premises. This approach provides additional revenue. But deploying multiple proprietary devices is costly and makes upgrades difficult.

Service providers began exploring ways to reduce cost and accelerate deployment through Network Functions Virtualization/Virtual Private Cloud. Alibaba VPC de-couples' function like firewalls, encryption from dedicated hardware and moves the functions to virtual servers.

Instead of installing expensive proprietary hardware, service providers can purchase an inexpensive switches, storage and servers to run virtual machines that perform network functions. If a customer wants to add a new network function, the service providers can spin-up a new virtual machine to perform out function.

Virtual Private Network (VPN) Gateway: Connection Between a VPC and On-premise Data Center

Virtual Private Network (VPN) Gateway is an Internet-based service that securely and reliably connects enterprise data centers, office networks, or Internet-facing terminals to Alibaba Cloud Virtual Private Cloud (VPC) networks through encrypted connections. VPN Gateway supports both IPsec-VPN connection and SSL-VPN connection.

Related Product

VPN Gateway

VPN Gateway is used to transmit encrypted traffic between Alibaba Cloud VPCs and enterprise data centers, enterprise office networks, or Internet platforms over the Internet. You can use this service to establish reliable and secure connections for data transmission. According to China’s regulations and laws, Alibaba Cloud VPN Gateway cannot be used as an Internet access service.

Virtual Private Cloud

VPC helps you build an isolated network environment based on Alibaba Cloud including customizing the IP address range, network segment, route table, and gateway. In addition, you can connect VPC and a traditional IDC through a leased line, VPN, or GRE to provide hybrid cloud services.

1 1 1
Share on

Alibaba Clouder

2,600 posts | 751 followers

You may also like


Dikky Ryan Pratama May 6, 2023 at 12:18 pm

very easy to understand.

Alibaba Clouder

2,600 posts | 751 followers

Related Products

  • VPC

    A virtual private cloud service that provides an isolated cloud network to operate resources in a secure environment.

    Learn More
  • Alibaba Cloud PrivateZone

    Alibaba Cloud DNS PrivateZone is a Virtual Private Cloud-based (VPC) domain name system (DNS) service for Alibaba Cloud users.

    Learn More
  • Apsara Stack

    Apsara Stack is a full-stack cloud solution created by Alibaba Cloud for medium- and large-size enterprise-class customers.

    Learn More
  • Hybrid Cloud Solution

    Highly reliable and secure deployment solutions for enterprises to fully experience the unique benefits of the hybrid cloud

    Learn More