This topic describes how to create a virtual private cloud (VPC) with an IPv4 CIDR block. After you create the VPC, you can associate elastic IP addresses (EIPs) with the Elastic Compute Service (ECS) instances in the VPC. This allows the ECS instances to access the Internet.

Prerequisites

Before you deploy cloud resources in a VPC, you must plan your CIDR blocks in the VPC. For more information, see Plan your network.

Step 1: Create a VPC and a vSwitch

To create a VPC and a vSwitch, perform the following operations:

  1. Log on to the VPC console.
  2. In the top navigation bar, select the region where you want to deploy the VPC.

    The VPC and the cloud resources that you want to deploy must belong to the same region. China (Qingdao) is selected in this example.

  3. On the VPCs page, click Create VPC.
  4. On the Create VPC page, set the following parameters and click OK.
    Parameter Description
    VPC
    Region The region where the VPC is to be deployed.
    Name Enter a name for the VPC.

    The name must be 2 to 128 characters in length, and can contain letters, digits, underscores (_), and hyphens (-). The name must start with a letter.

    IPv4 CIDR Block Enter an IPv4 CIDR block for the VPC.
    You can specify 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8, or their subnets as the primary IPv4 CIDR block of the VPC. The subnet mask must be 8 to 24 bits in length. 192.168.0.0/24 is used in this example. To use a public CIDR block as the CIDR block of the VPC, submit a ticket.
    Note After you create a VPC, you cannot change its primary IPv4 CIDR block. However, you can add a secondary IPv4 CIDR block to the VPC. For more information, see Add a secondary IPv4 CIDR block.
    IPv6 CIDR Block Specify whether to assign an IPv6 CIDR block to the VPC. By default, no IPv6 CIDR block is assigned.

    If you select Assign (Default), the system automatically creates a free IPv6 gateway for this VPC, and assigns an IPv6 CIDR block with subnet mask /56, such as 2xx1:db8::/56. By default, IPv6 addresses can be used to communicate only within private networks. If you want to use an IPv6 address to access the Internet or allow IPv6 clients to access the IPv6 address over the Internet, you must purchase an Internet bandwidth plan for the IPv6 address. For more information, see Purchase a public bandwidth plan for an IPv6 address.

    Note
    • The following regions support IPv6 CIDR blocks: China (Beijing), China (Zhangjiakou), China (Hohhot), China (Hangzhou), China (Shanghai), China (Shenzhen), China (Chengdu), China (Hong Kong), Singapore (Singapore), US (Virginia), and Germany (Frankfurt).
    • After you create a VPC, you cannot change its IPv6 CIDR block.
    Description Enter a description for the VPC.

    The description must be 2 to 256 characters in length and cannot start with http:// or https://.

    Resource Group Select the resource group to which the VPC belongs.
    vSwitch
    Name Enter a name for the vSwitch.

    The name must be 2 to 128 characters in length, and can contain letters, digits, underscores (_), and hyphens (-). The name must start with a letter.

    Zone Select a zone for the vSwitch. In the same VPC, vSwitches in different zones can communicate with each other.
    Zone Resource Displays the cloud resources that can be created in the specified zone.

    The cloud resources that are available in the zone vary by time. The inventory status of the instance types on the buy page shall prevail. Only ECS, ApsaraDB RDS, and SLB instances can be queried on the buy page.

    IPv4 CIDR Block Specify an IPv4 CIDR block for the vSwitch.
    When you specify an IPv4 CIDR block for the vSwitch, take note of the following limits:
    • The CIDR block of a vSwitch must be a subset of the CIDR block of the VPC to which the vSwitch belongs.

      For example, if the CIDR block of a VPC is 192.168.0.0/16, the CIDR block of a vSwitch in the VPC must be a subset of 192.168.0.0/16. In this example, the CIDR block of the vSwitch can range from 192.168.0.0/17 to 192.168.0.0/29.

    • The first IP address and last three IP addresses of a vSwitch CIDR block are reserved.

      For example, if a vSwitch CIDR block is 192.168.1.0/24, the IP addresses 192.168.1.0, 192.168.1.253, 192.168.1.254, and 192.168.1.255 are reserved.

    • If a vSwitch is required to communicate with vSwitches in other VPCs or with data centers, make sure that the CIDR block of the vSwitch does not overlap with the destination CIDR blocks.
    Note After you create a vSwitch, you cannot modify its CIDR block.
    Available IP Addresses Displays the number of available IP addresses.
    IPv6 CIDR Block Specify an IPv6 CIDR block for the vSwitch.

    By default, the subnet mask for the IPv6 CIDR block of a vSwitch is /64. You can enter a number from 0 to 255 to define the last 8 bits of the IPv6 CIDR block.

    For example, if the IPv6 CIDR block of the VPC is 2xx8:4004:c0:b900::/56, you can specify 255 to define the last 8 bits of the IPv6 CIDR block. In this case, the IPv6 CIDR block of the vSwitch is 2xx8:4004:c0:b9ff::/64. ff is the hexadecimal value of 255.

    Description Enter a description for the vSwitch.

    The description must be 2 to 256 characters in length and cannot start with http:// or https://.

Step 2: Create an ECS instance

To create an ECS instance in the VPC, perform the following operations:

  1. Log on to the VPC console.
  2. In the left-side navigation pane, click vSwitch.
  3. In the top navigation bar, select the region where the vSwitch is deployed. China (Qingdao) is selected in this example.
  4. On the vSwitch page, find the vSwitch that you want to manage, and choose Create > ECS Instance in the Actions column.
  5. On the Custom Launch tab, set the following parameters:
    For more information about how to configure an ECS instance, see Create an instance by using the wizard.
    • Network Type: Select the VPC and the vSwitch that you created.
    • Public IP Address: Clear the check box.
    • Security Group: Use the default security group.
  6. Click Create Order and complete the payment.
  7. Log on to the ECS console. In the left-side navigation pane, click Instances. On the Instances page, view details of the ECS instance.
    View details of the ECS instance

Step 3: Create an EIP and associate the EIP with the ECS instance

An EIP is a public IP address that you can purchase and own as an independent resource. You can associate EIPs with ECS instances in a VPC to enable the ECS instances to access the Internet.

To create an EIP and associate the EIP with the ECS instance, perform the following operations:

  1. Log on to the Elastic IP Address console.
  2. On the Elastic IP Addresses page, click Create EIP.
  3. On the Elastic IP page, set the parameters, click Buy Now, and then complete the payment.
    For more information, see Apply for an EIP.
  4. On the Elastic IP Addresses page, find the EIP that you created and click Bind Resource in the Actions column.
  5. In the Bind Elastic IP Address to Resources dialog box, set the following parameters and click OK.
    • Instance Type: Select ECS Instance from the drop-down list.
    • Binding mode: Select the mode in which the EIP is associated with the ECS instance.

      Only the Normal mode is supported.

    • Select an instance to bind: Select the ECS instance in Step 2: Create an ECS instance.

Step 4: Test Internet connectivity

To test the connectivity between the ECS instance and the Internet, perform the following operations:

  1. Log on to the ECS instance with which the EIP is associated.
  2. Run the ping command to test the connectivity between the ECS instance and the Internet.
    The test result shows that the ECS instance can access the Internet. Test connectivity