All Products
Search
Document Center

Virtual Private Cloud:Work with ClassicLink

Last Updated:Sep 25, 2023

Virtual Private Cloud (VPC) provides the ClassicLink feature. This feature allows Elastic Compute Service (ECS) instances in classic networks to communicate with cloud resources deployed in VPCs.

Background information

The ClassicLink feature allows ECS instances in classic networks to communicate with cloud resources deployed in VPCs, such as ECS instances, ApsaraDB RDS instances, and Server Load Balancer (SLB) instances. ECS instances in a VPC can communicate only with ECS instances in classic networks that are connected to the VPC. ECS instances in a VPC cannot communicate with ECS instances or other resources in classic networks that are not connected to the VPC. For more information, see Overview.

Important The ClassicLink feature is supported only in regions that support classic networks. For more information about the regions that support ClassicLink, see View and increase instance quotas.

Enable ClassicLink

  1. Log on to the VPC console.
  2. In the top navigation bar, select the region where the VPC is deployed.

  3. On the VPCs page, find the VPC that you want to view and click its ID.

  4. In the upper-right corner of the VPC details page, click Enable ClassicLink.

  5. In the Enable ClassicLink message, click OK.

    After ClassicLink is enabled, the status of ClassicLink in the VPC Details section changes to Enabled.开启ClassicLink

Create a ClassicLink connection

Prerequisites

Before you can establish a ClassicLink connection, make sure that the following conditions are met:

  • You have read and understand the limits on establishing a ClassicLink connection. For more information, see Overview.

  • The ClassicLink feature is enabled for the VPC to which you want to establish a ClassicLink connection. For more information, see Enable ClassicLink.

  1. Log on to the ECS console.

  2. In the left-side navigation pane, choose Instances & Images > Instances. On the Instances page, select the region where the ECS instance resides.

  3. On the Instances page, find the ECS instance and choose More > Network and Security Group > Set classic link in the Actions column.

  4. In the Connect to VPC dialog box, select the VPC to which you want to connect, click OK, and then click Go to the instance security group list and add ClassicLink rules.

  5. On the Security Groups page, click the security group ID.

  6. In the upper-right corner of the Security Group Rules page, click Add ClassicLink Rule.

  7. In the Add ClassicLink Rule dialog box, set the following parameters and click OK.

    Parameter

    Description

    Classic Security Group

    Displays the name of the security group of the classic network.

    VPC-type Security Groups

    Select a security group of the VPC.

    Mode

    Select one of the following authorization methods:

    • Classic <=> VPC: allows the ECS instance in the classic network and cloud resources in the VPC to access each other. This method is recommended.

    • VPC => Classic: allows the cloud resources in the VPC to access the ECS instance in the classic network.

    • Classic => VPC: allows the ECS instance in the classic network to access cloud resources in the VPC.

    Protocol Type

    Select the protocol for communication.

    Port Range

    Specify the ports that are used for communication. Specify the ports in the xx/xx format. For example, to specify port 80, enter 80/80.

    Priority

    Specify a priority for the rule. A smaller value indicates a higher priority.

    Description

    Enter a description for the security group.

Cancel ClassicLink Connection

You can cancel a ClassicLink connection. After you cancel a ClassicLink connection, connections between ECS instances in classic networks and VPCs are interrupted.

  1. Log on to the ECS console.

  2. In the left-side navigation pane, choose Instances & Images > Instances.

  3. Select the region where the ECS instance is deployed.

  4. On the Instances page, find the ECS instance and choose More > Network and Security Group > Cancel VPC connection status in the Actions column.

  5. In the Disconnect from VPC message, click OK.

Disable ClassicLink

You can disable ClassicLink. After ClassicLink is disabled, ECS instances in classic networks cannot communicate with ECS instances in VPCs. Before you disable ClassicLink, make sure that you have canceled ClassicLink connections between VPCs and classic networks. For more information, see Cancel ClassicLink connections.

  1. Log on to the VPC console.
  2. In the top navigation bar, select the region where your VPC is deployed.
  3. On the VPCs page, find the VPC that and click its ID.

  4. In the upper-right corner of the VPC details page, click Disable ClassicLink.

  5. In the Disable ClassicLink dialog box, click OK.