Before you use a virtual private cloud (VPC), note the following limits.
Limits on VPCs and VSwitches
| Item | Default limit | Quota increase |
|---|---|---|
| Number of VPCs that can be created in each region | 10 |
Go to the Quota Management page and request a quota increase. For more information, see Quota management. |
| Number of VSwitches that can be created in each VPC | 24 | |
| Available CIDR blocks for each VPC | 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8, and their subnets | To use a public CIDR block as the VPC CIDR block,submit a ticket. |
| Number of secondary IPv4 CIDR blocks that can be created in each VPC | 1 | N/A |
| Number of user CIDR blocks that can be created in each VPC | 3 | |
| Number of private IP addresses that can be used by cloud resources in each VPC | 60,000
Note
|
|
| Number of tags that can be attached to each VPC | 20 | |
| Number of tags that can be attached to each VSwitch | 20 |
Limits on VRouters and route tables
| Item | Default limit | Quota increase |
|---|---|---|
| Number of VRouters that can be created in each VPC | 1 | N/A |
| Number of custom route tables that can be created in each VPC | 9
Note Custom route tables are supported in all regions except China (Beijing), China (Shenzhen),
and China (Hangzhou).
|
Go to the Quota Management page and request a quota increase. For more information, see Quota management. |
| Number of custom route entries that can be created in each route table | 48 | |
| VPCs that do not support custom route tables | VPCs that contain ECS instances of the following instance families:
ecs.c1, ecs.c2, ecs.c4, ecs.ce4, ecs.cm4, ecs.d1, ecs.e3, ecs.e4, ecs.ga1, ecs.gn4, ecs.gn5, ecs.i1, ecs.m1, ecs.m2, ecs.mn4, ecs.n1, ecs.n2, ecs.n4, ecs.s1, ecs.s2, ecs.s3, ecs.se1, ecs.sn1, ecs.sn2, ecs.t1, and ecs.xn4. For more information, see Overview of VPC advanced features. |
N/A |
| Number of tags that can be attached to each route table | 20 |
Limits on shared VPC
| Item | Default limit | Quota increase |
|---|---|---|
| Number of participants supported by each VPC | 20 | N/A |
| Number of participants supported by each VSwitch in a VPC | 20 | |
| Number of VSwitches that can be shared with each participant | 10 | |
| Number of IP addresses that each VPC can use | Shared by the resource owner and participants | |
| Types of VSwitches that can be shared | Non-default VSwitches | |
| Regions that support shared VPCs |
|
|
| Cloud resources that can be created in a shared VSwitch |
|
|
| Limits on security groups in a shared VPC |
|
Limits on flow logs
| Item | Default limit | Quota increase |
|---|---|---|
| Number of flow logs that can be created in each region | 10 | N/A |
| VPCs that do not support flow logs | VPCs that contain instances of the following instance families:
ecs.c1, ecs.c2, ecs.c4, ecs.ce4, ecs.cm4, ecs.d1, ecs.e3, ecs.e4, ecs.ga1, ecs.gn4, ecs.gn5, ecs.i1, ecs.m1, ecs.m2, ecs.mn4, ecs.n1, ecs.n2, ecs.n4, ecs.s1, ecs.s2, ecs.s3, ecs.se1, ecs.sn1, ecs.sn2, ecs.t1, and ecs.xn4. |
Upgrade or release an Elastic Compute Service (ECS) instance that does not support
advanced network features.
Note If the VPC to which a VSwitch or ENI belongs contains one of the specified instance
families and the flow logs feature is enabled, you must upgrade or release the instance
for flow logs to work as expected. For more information, see Overview of VPC advanced features.
|
| VSwitches that do not support flow logs | VPCs to which VSwitches belong contain instances of the following instance families:
ecs.c1, ecs.c2, ecs.c4, ecs.ce4, ecs.cm4, ecs.d1, ecs.e3, ecs.e4, ecs.ga1, ecs.gn4, ecs.gn5, ecs.i1, ecs.m1, ecs.m2, ecs.mn4, ecs.n1, ecs.n2, ecs.n4, ecs.s1, ecs.s2, ecs.s3, ecs.se1, ecs.sn1, ecs.sn2, ecs.t1, and ecs.xn4. |
|
| ENIs that do not support flow logs | VPCs to which ENIs belong contain instances of the following instance families:
ecs.c1, ecs.c2, ecs.c4, ecs.ce4, ecs.cm4, ecs.d1, ecs.e3, ecs.e4, ecs.ga1, ecs.gn4, ecs.gn5, ecs.i1, ecs.m1, ecs.m2, ecs.mn4, ecs.n1, ecs.n2, ecs.n4, ecs.s1, ecs.s2, ecs.s3, ecs.se1, ecs.sn1, ecs.sn2, ecs.t1, and ecs.xn4. |
Limits on network access control lists (ACLs)
| Item | Default limit | Quota increase |
|---|---|---|
| Number of network ACLs that can be created in each VPC | 200 | N/A |
| Number of network ACLs that can be associated with each VSwitch | 1 | |
| Number of rules that can be added to a network ACL |
|
Go to the Quota Management page and request a quota increase. For more information, see Quota management. |
| VPCs that do not support network ACLs | VPCs that contain instances of the following instance families:
ecs.c1, ecs.c2, ecs.c4, ecs.ce4, ecs.cm4, ecs.d1, ecs.e3, ecs.e4, ecs.ga1, ecs.gn4, ecs.gn5, ecs.i1, ecs.m1, ecs.m2, ecs.mn4, ecs.n1, ecs.n2, ecs.n4, ecs.s1, ecs.s2, ecs.s3, ecs.se1, ecs.sn1, ecs.sn2, ecs.t1, and ecs.xn4. For more information, see Overview of VPC advanced features. |
Upgrade or release an Elastic Compute Service (ECS) instance that does not support
advanced network features.
Note If the VPC contains one of the specified ECS instance families and the network ACL
feature is enabled, you must upgrade or release the ECS instance for the network ACL
to work as expected.
|
Limits on high-availability virtual IP addresses (HAVIPs)
| Item | Default limit | Quota increase |
|---|---|---|
| Network types that support HAVIPs | VPCs | N/A |
| Number of HAVIPs that can be created under each account | 5 | |
| Number of HAVIPs that can be created in each VPC | 5 | |
| Number of HAVIPs that can be associated with each ECS instance | 5 | |
| Number of ECS instances that can be associated with each HAVIP | 2 | |
| Number of route entries destined for an HAVIP in each VPC | 5 | |
| Whether HAVIPs support broadcast or multicast communication | N/A
Note HAVIPs support only unicast. To implement high availability through third-party software
such keepalived, you must modify the configuration file to change the communication
method to unicast.
|