This topic describes the four methods that you can use to connect a VPC to the Internet.
A VPC is a private network in Alibaba Cloud. By default, the cloud resources in a VPC cannot access the Internet or be accessed by the Internet. However, you can connect a VPC to the Internet by using an ECS public IP address, an Elastic IP (EIP), a NAT Gateway, or the Server Load Balancer (SLB) service.
VPCs provide Internet Shared Bandwidth and Data Transfer Plan to help you save the Internet cost. For more information, see How to save the Internet cost.
ECS public IP address
When you create a VPC ECS instance, you can assign the instance a public IPv4 address that supports access to the Internet or from the Internet.
An ECS IP address cannot be dynamically disassociated from the corresponding VPC ECS instance, but can be converted to an EIP. For more information, see Convert an ECS public IP address to an EIP.
An EIP is a type of NAT IP address that is located on the Internet gateway of Alibaba Cloud and is mapped to the associated cloud resource through NAT. After a cloud resource is associated with an EIP, the cloud resource can communicate with the Internet through the EIP.
You can associate an EIP with a VPC ECS instance, Elastic Network Interface (ENI), VPC SLB instance, or NAT Gateway. For more information, see EIP User Guide.
- Individual purchase
You can purchase an EIP as an individual resource instead of purchasing it together with other computing or storage resources.
- Flexible association
You can associate an EIP with the target resource or disassociate and release the EIP whenever necessary.
- Changeable network capability
You can change the bandwidth of an EIP as needed. Bandwidth changes take effect immediately.
A NAT Gateway is an enterprise-class VPC Internet gateway that provides NAT proxy services (SNAT and DNAT), forwarding capacity of up to 10 Gbps, and cross-zone disaster recovery.
By using a NAT Gateway, multiple ECS instances in a VPC can access the Internet through a public IP address. For more information, see NAT Gateway User Guide.
- Flexible and easy-to-use
NAT Gateways provide SNAT and DNAT functions. You can directly configure SNAT and DNAT rules without the need to set up a NAT Gateway.
- High availability
NAT Gateways are virtual network hardware that is based on the distributed gateway of Alibaba Cloud and is virtualized by the SDN technology. With a forwarding capacity of up to 10 Gbps, NAT Gateways support large-scale Internet applications.
- Pay-AS-You-Go billing
You can change the specification and the number of NAT Gateways and EIPs at any time to meet your service changes.
SLB is a traffic distribution service that distributes traffic to multiple ECS instances to expand service capabilities and improve availability of applications.
- High availability of the SLB system
Deployed in clusters, SLB can synchronize sessions to protect ECS instances against single points of failure (SPOFs). This improves redundancy and guarantees service stability.
- High availability of a single SLB instance
SLB has deployed multiple zones in most regions to guarantee disaster recovery across data centers in the same region. When the primary zone is faulty or unavailable, SLB can switch to the secondary zone in about 30 seconds and restore services. After the primary zone is restored, SLB automatically switches back to the primary zone to provide services.
- High availability of multiple SLB instances
You can deploy SLB instances and backend ECS instances in multiple zones of a region or in multiple regions and schedule access requests by using Alibaba Cloud DNS.
- High availability of backend ECS instances
SLB determines the service availability of backend ECS instances through health checks. Health checks improve the availability of frontend services and reduce the impact on service availability when backend servers are faulty.