Alibaba Cloud sets quotas on the cloud resources and API operations for each Alibaba Cloud account. This topic describes the quota items and their default values of Virtual Private Cloud (VPC), as well as whether the quotas are adjustable.
Quotas are set on a per-region or per-account basis. Quotas are categorized into the following types:
General quotas: the limits on cloud resources that are available to an Alibaba Cloud account.
API rate limits: the limits on API calls that an Alibaba Cloud account can make in a specific period of time. API rate limits are also known as QPS limits.
Privileges: the permissions to use advanced features. Privileges are granted by Alibaba Cloud to an account.
You can view and manage quotas in Alibaba Cloud Quota Center or in the VPC console console. For more information about how to manage VPC quotas, see Manage VPC quotas.
General quotas
The following table describes the general quotas of VPC.
Quotas of VPCs and vSwitches
Name | Description | Default value | Adjustable |
vpc_quota_instances_num_${RegionId} Note ${RegionId} indicates that the quota limits the item only in the specified region. | Maximum number of VPCs that can be created in each region | 10 | You can request a quota increase by using one of the following methods:
|
vpc_quota_vswitches_num | Maximum number of vSwitches that can be created in each VPC | 150 | You can request a quota increase by using one of the following methods:
|
vpc_quota_secondary_cidr_num | Maximum number of secondary IPv4 CIDR blocks that can be created in each VPC | 5 | You can request a quota increase by using one of the following methods:
|
N/A | Available CIDR block for each VPC |
| No |
Maximum number of secondary IPv6 CIDR blocks that can be created in each VPC | 3 | ||
Number of customer CIDR blocks that can be created in each VPC | 3 | ||
Maximum number of private IP addresses that can be used by cloud resources in each VPC | 300,000 Note
| ||
Maximum number of tags that can be added to each VPC | 20 | ||
Maximum number of tags that can be added to each vSwitch | 20 |
Quotas of routers and route tables
Name | Description | Default value | Adjustable |
vpc_quota_route_tables_num | Maximum number of custom route tables that can be created in each VPC | 9 | You can request a quota increase by using one of the following methods:
|
vpc_quota_route_entrys_num | Maximum number of custom routes that can be created in each route table | 200 | |
vpc_quota_havip_custom_route_entry | Maximum number of custom routes that point to an HAVIP | 5 | |
N/A | Maximum number of tags that can be added to each route table | 20 | No |
Maximum number of vRouters that can be created in each VPC | 1 | ||
VPCs that do not support custom route tables | If a VPC contains an ECS instance that belongs to one of the following instance families, the VPC does not support custom route tables: ecs.c1, ecs.c2, ecs.c4, ecs.ce4, ecs.cm4, ecs.d1, ecs.e3, ecs.e4, ecs.ga1, ecs.gn4, ecs.gn5, ecs.i1, ecs.m1, ecs.m2, ecs.mn4, ecs.n1, ecs.n2, ecs.n4, ecs.s1, ecs.s2, ecs.s3, ecs.se1, ecs.sn1, ecs.sn2, ecs.t1, and ecs.xn4. For more information, see Advanced VPC features. | If your Elastic Compute Service (ECS) instance does not support advanced virtual private cloud (VPC) features, upgrade or release the ECS instance.
|
Quotas of DHCP options sets
Name | Description | Default value | Adjustable |
N/A | Maximum number of DHCP options sets that can be created with each Alibaba Cloud account | 10 | No |
Maximum number of VPCs that can be associated with each DHCP options set | 10 | ||
Maximum number of DHCP options sets that can be associated with each VPC | 1 | ||
Maximum number of domain names that can be specified in each DHCP options set | 1 | ||
Maximum number of DNS server IP addresses that can be specified in each DHCP options set | 4 | ||
VPCs that cannot be associated with DHCP options sets | If a VPC contains an ECS instance that belongs to one of the following instance families, the VPC does not support DHCP options sets: ecs.c1, ecs.c2, ecs.c4, ecs.ce4, ecs.cm4, ecs.d1, ecs.e3, ecs.e4, ecs.ga1, ecs.gn4, ecs.gn5, ecs.i1, ecs.m1, ecs.m2, ecs.mn4, ecs.n1, ecs.n2, ecs.n4, ecs.s1, ecs.s2, ecs.s3, ecs.se1, ecs.sn1, ecs.sn2, ecs.t1, and ecs.xn4. For more information, see Advanced VPC features. | If your Elastic Compute Service (ECS) instance does not support advanced virtual private cloud (VPC) features, upgrade or release the ECS instance.
|
Quotas of VPC sharing
Name | Description | Default value | Adjustable |
vpc_quota_sharedvpc_share_user_num_per_vpc | Maximum number of principals supported by each VPC | 50 | You can request a quota increase by using one of the following methods:
|
vpc_quota_sharedvpc_share_user_num_per_vswitch | Maximum number of principals supported by each vSwitch in a VPC | 50 | |
vpc_quota_sharedvpc_accept_shared_vswitch_num | Maximum number of vSwitches that can be shared with each principal | 30 | |
N/A | Maximum number of IP addresses that each VPC can use | Maximum number of IP addresses that the resource owner and principals can use in each VPC | No |
Types of cloud resources that can be created in a shared vSwitch |
| N/A | |
Limits on security groups in a shared VPC |
| ||
Types of vSwitches that can be shared | Non-default vSwitches |
Quotas of flow logs
Name | Description | Default value | Adjustable |
vpc_quota_flowlog_inst_nums_per_user | Maximum number of flow logs that can be created by each account | 10 | You can request a quota increase by using one of the following methods:
|
N/A | ECS instance families that do not support flow logs |
| Upgrade the ECS instances that do not support flow logs. For more information, see Upgrade the instance types of subscription instances and Change the instance type of a pay-as-you-go instance. |
Quotas of network ACLs
Name | Description | Default value | Adjustable |
vpc_quota_nacl_ingress_entry | Maximum number of rules that can be added to a network ACL | 20 | You can request a quota increase by using one of the following methods:
|
vpc_quota_nacl_egress_entry | Maximum number of rules that can be added to a network ACL | 20 | |
nacl_quota_vpc_create_count | Maximum number of network ACLs that can be created in each VPC | 20 | No |
N/A | VPCs that do not support network ACLs | If a VPC contains an ECS instance of the following instance families, the VPC does not support network ACLs: ecs.c1, ecs.c2, ecs.c4, ecs.ce4, ecs.cm4, ecs.d1, ecs.e3, ecs.e4, ecs.ga1, ecs.gn4, ecs.gn5, ecs.i1, ecs.m1, ecs.m2, ecs.mn4, ecs.n1, ecs.n2, ecs.n4, ecs.s1, ecs.s2, ecs.s3, ecs.se1, ecs.sn1, ecs.sn2, ecs.t1, and ecs.xn4. For more information, see Advanced VPC features. | If your Elastic Compute Service (ECS) instance does not support advanced virtual private cloud (VPC) features, upgrade or release the ECS instance.
Note If a VPC contains an ECS instance of the specified instance families and the network ACL feature is enabled, you must upgrade or release the ECS instance for the network ACL to work as expected. |
Quotas of HAVIPs
Name | Description | Default value | Adjustable |
N/A | Network types that support HAVIPs | VPC | No |
Number of HAVIPs that can be associated with each ECS instance | 5 | ||
Maximum number of EIPs that can be associated with each HAVIP | 1 | ||
Maximum number of ECS instances or ENIs that can be associated with each HAVIP | 10 Note
| ||
Whether HAVIPs support broadcasting or multicasting | Not supported Note HAVIPs support only unicast. If you use third-party software such as Keepalived to implement high availability, you must change the communication mode in the configuration file to unicast. | ||
Maximum number of HAVIPs that can be created with each Alibaba Cloud account | 50 | ||
Number of HAVIPs that can be created in each VPC | 50 | ||
vpc_quota_havip_custom_route_entry | Number of route entries that point to an HAVIP in each VPC | 5 | You can request a quota increase by using one of the following methods:
|
Quotas of traffic mirroring
Name | Description | Default value | Adjustable |
trafficmirror_quota_source_num_per_session | Maximum number of traffic mirror sources that can be specified in each traffic mirror session | 10 | You can request a quota increase by using one of the following methods:
|
N/A | Maximum number of traffic mirror sessions that you can create in each region with each Alibaba Cloud account | 20,000 | No |
Maximum number of traffic mirror sessions supported by each traffic mirror source | 3 | ||
Maximum number of traffic mirror destinations that can be specified by each Alibaba Cloud account | Unlimited | ||
Maximum number of traffic mirror sources that can use each traffic mirror destination |
| ||
Maximum number of rules that can be specified in each filter | 10 | ||
Maximum number of traffic mirror sessions that can be associated with each filter | 2,000 | ||
ECS instance families that do not support traffic mirroring | ecs.c1, ecs.c2, ecs.c4, ecs.ce4, ecs.cm4, ecs.d1, ecs.e3, ecs.e4, ecs.ga1, ecs.c1, ecs.gn4, ecs.gn5, ecs.i1, ecs.m1, ecs.m2, ecs.mn4, ecs.n1, ecs.n2, ecs.n4, ecs.s1, ecs.s2, ecs.s3, ecs.se1, ecs.se1ne, ecs.se1nec, ecs.sn1, ecs.sn1ne, ecs.sn1nec, ecs.sn2, ecs.sn2ne, ecs.sn2nec, ecs.t1, and ecs.xn4 | N/A |
Quotas of VPC peering connections
Name | Description | Default value | Adjustable |
vpc_quota_peer_num_per_vpc | The maximum number of VPC peering connections supported by each VPC | 10 | You can request a quota increase by using one of the following methods:
|
vpc_quota_peer_num | The maximum number of VPC peering connections supported by each Alibaba Cloud account in each region | 20 | |
vpc_quota_peer_cross_border_bandwidth | The maximum bandwidth supported by cross-border connections | 1024 Mbps | |
vpc_quota_peer_cross_region_bandwidth | The maximum bandwidth supported by inter-region connections | 1024 Mbps | |
N/A | The default maximum bandwidth for intra-region connections | -1 Mbps | No |
Quotas of IPv4 gateways
Name | Description | Default value | Adjustable |
N/A | The maximum number of IPv4 gateways that can be created in a VPC | 1 | No |
Maximum number of gateway route tables that can be associated with each IPv4 gateway | 1 |
Quotas of prefix lists
Name | Description | Default value | Adjustable |
vpc_quota_prefixlist_num | Maximum number of prefix lists that can be created by an Alibaba Cloud account | 10 | You can request a quota increase by using one of the following methods:
|
vpc_quota_prefixlist_cidr_num_per_prefixlist | Maximum number of entries supported by each prefix list | 50 | |
vpc_quota_prefixlist_accept_shared_prefixlist_num | Maximum number of prefix lists that can be shared with each principal | 10 | |
vpc_quota_prefixlist_share_user_num_per_prefixlist | Maximum number of principals with which each prefix list can be shared | 10 | |
N/A | Maximum number of times that each prefix list can be associated | Unlimited | No |
API rate limits
The following table describes the API rate limits of VPC.
Operation name | Version | Default value | Description | Adjustable |
CreateRouteEntry | 2016-04-28 | 600/60(s) | Maximum frequency that each Alibaba Cloud account can call the CreateRouteEntry operation | No |
CreateVSwitch | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the CreateVSwitch operation | No |
CreateVpc | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the CreateVpc operation | No |
DeleteRouteEntry | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the DeleteRouteEntry operation | No |
DeleteVSwitch | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the DeleteVSwitch operation | No |
DeleteVpc | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the DeleteVpc operation | No |
DescribeIpv6Addresses | 2016-04-28 | 600/60(s) | Maximum frequency that each Alibaba Cloud account can call the DescribeIpv6Addresses operation | No |
DescribeNatGateways | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the DescribeNatGateways operation | No |
DescribeRouteEntryList | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the DescribeRouteEntryList operation | No |
DescribeRouteTableList | 2016-04-28 | 120/60(s) | Maximum frequency that each Alibaba Cloud account can call the DescribeRouteTableList operation | No |
DescribeVSwitchAttributes | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the DescribeVSwitchAttributes operation | No |
DescribeVSwitches | 2016-04-28 | 360/60(s) | Maximum frequency that each Alibaba Cloud account can call the DescribeVSwitches operation | No |
DescribeVpcAttribute | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the DescribeVpcAttribute operation | No |
DescribeVpcs | 2016-04-28 | 360/60(s) | Maximum frequency that each Alibaba Cloud account can call the DescribeVpcs operation | No |
ListTagResources | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the ListTagResources operation | No |
ModifyRouteEntry | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the ModifyRouteEntry operation | No |
ModifyVSwitchAttribute | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the ModifyVSwitchAttribute operation | No |
ModifyVpcAttribute | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the ModifyVpcAttribute operation | No |
TagResources | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the TagResources operation | No |
UnTagResources | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the UnTagResources operation | No |
AllocateIpv6InternetBandwidth | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the AllocateIpv6 InternetBandwidth operation | No |
AllocateVpcIpv6Cidr | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the AllocateVpcIpv6Cidr operation | No |
CreateIpv6EgressOnlyRule | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the CreateIpv6EgressOnlyRule operation | No |
CreateIpv6Gateway | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the CreateIpv6Gateway operation | No |
DeleteIpv6EgressOnlyRule | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the DeleteIpv6EgressOnlyRule operation | No |
DeleteIpv6Gateway | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the DeleteIpv6Gateway operation | No |
DeleteIpv6InternetBandwidth | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the DeleteIpv6 InternetBandwidth operation | No |
DescribeIpv6EgressOnlyRules | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the DescribeIpv6 EgressOnlyRules operation | No |
DescribeIpv6GatewayAttribute | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the DescribeIpv6 GatewayAttribute operation | No |
DescribeIpv6Gateways | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the DescribeIpv6Gateways operation | No |
DescribeRegions | 2016-04-28 | 600/60(s) | Maximum frequency that each Alibaba Cloud account can call the DescribeRegions operation | No |
ModifyIpv6AddressAttribute | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the ModifyIpv6 AddressAttribute operation | No |
ModifyIpv6GatewayAttribute | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the ModifyIpv6 GatewayAttribute operation | No |
ModifyIpv6GatewaySpec | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the ModifyIpv6GatewaySpec operation | No |
ModifyIpv6InternetBandwidth | 2016-04-28 | 300/60(s) | Maximum frequency that each Alibaba Cloud account can call the ModifyIpv6 InternetBandwidth operation | No |
Privileges
When the default value of a privilege is 0, the corresponding advanced feature is unavailable. You must obtain the privilege from Alibaba Cloud before you can use the feature. The following table describes the privileges of VPC.
Name | Description | Adjustable |
havip privilege whitelist | Allows customers who participate in invitational preview to use the HAVIP feature. | You can request a quota increase by using one of the following methods:
|