This topic describes how to create a virtual private cloud (VPC) with an IPv4 CIDR block. After you create the VPC, you can associate elastic IP addresses (EIPs) with the Elastic Compute Service (ECS) instances in the VPC. This allows the ECS instances to access the Internet.

Prerequisites

Before you can deploy cloud resources in a VPC, you must plan your CIDR blocks in the VPC. For more information, see Plan and design a VPC.

Step 1: Create a VPC and a vSwitch

To create a VPC and a vSwitch, perform the following operations:

  1. Log on to the VPC console.
  2. In the top navigation bar, select the region where you want to deploy the VPC.

    The VPC and the cloud resources that you want to deploy must belong to the same region. China (Qingdao) is selected in this example.

  3. On the VPCs page, click Create VPC.
  4. On the Create VPC page, set the following parameters and click OK.
    Parameter Description
    VPC
    Region Displays the region where you want to deploy the VPC.
    Name Enter a name for the VPC that you want to create.

    The name must be 2 to 128 characters in length, and can contain digits, underscores (_), and hyphens (-). It must start with a letter.

    IPv4 CIDR Block Enter an IPv4 CIDR block for the VPC.
    We recommend that you enter 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8, or a subset of these CIDR blocks as the primary IPv4 CIDR block of the VPC. The subnet mask must be 8 to 24 bits in length. 192.168.0.0/24 is used in this example. To use a public CIDR block as the primary CIDR block of the VPC,submit a ticket.
    Note After you create a VPC, you cannot change its primary IPv4 CIDR block. However, you can add a secondary IPv4 CIDR block to the VPC. For more information, see Add a secondary IPv4 CIDR block.
    IPv6 CIDR Block Specify whether to assign an IPv6 CIDR block to the VPC. By default, no IPv6 CIDR block is allocated.

    If you set this parameter to Assign, the system automatically creates a free IPv6 gateway for this VPC, and assigns an IPv6 CIDR block with the subnet mask /56, such as 2xx1:db8::/56. By default, IPv6 addresses can be used to communicate within only private networks. If you want to allow an instance assigned with an IPv6 address to access the Internet or be accessed by IPv6 clients over the Internet, you must purchase an Internet bandwidth plan for the IPv6 address. For more information, see Enable Internet connectivity for an IPv6 address.

    Note
    • The following regions support IPv6 CIDR blocks: China (Hangzhou), China (Shanghai), China (Shenzhen), China (Beijing), China (Zhangjiakou), China (Hohhot), China (Chengdu), China (Hong Kong), and Singapore (Singapore)..
    • After you create a VPC, you cannot change its IPv6 CIDR block.
    Description Enter a description for the VPC.

    The description must be 2 to 256 characters in length and cannot start with http:// or https://.

    Resource Group Select the resource set to which the VPC belongs.
    vSwitch
    Name Enter a name for the vSwitch.

    The name must be 2 to 128 characters in length, and can contain digits, underscores (_), and hyphens (-). It must start with a letter.

    Zone Select a zone for the vSwitch. In the same VPC, vSwitches in different zones can communicate with each other.
    Zone Resource Displays the cloud resources that can be created in the specified zone.

    The supported cloud resources vary based on the zone and the time when you create cloud resources. The instances provided in this topic are for reference only. The actual instances on the buy page shall prevail. Only ECS, ApsaraDB RDS, and SLB instances can be queried on the buy page.

    IPv4 CIDR Block Specify an IPv4 CIDR block for the vSwitch.
    When you specify an IPv4 CIDR block for the vSwitch, take note of the following limits:
    • The CIDR block of a vSwitch must be a subset of the CIDR block of the VPC to which the vSwitch belongs.

      For example, if the CIDR block of a VPC is 192.168.0.0/16, the CIDR block of a vSwitch in the VPC must be a subset of 192.168.0.0/16. In this example, the CIDR block of the vSwitch can range from 192.168.0.0/17 to 192.168.0.0/29.

    • The first IP address and last three IP addresses of a vSwitch CIDR block are reserved.

      For example, if a vSwitch CIDR block is 192.168.1.0/24, the IP addresses 192.168.1.0, 192.168.1.253, 192.168.1.254, and 192.168.1.255 are reserved.

    • If the vSwitch is required to communicate with vSwitches in other VPCs or with data centers, make sure that the CIDR block of the vSwitch does not overlap with the destination CIDR blocks.
    Note After you create a vSwitch, you cannot modify its CIDR block.
    Number of Available Private IPs Displays the number of available IP addresses.
    IPv6 CIDR Block Specify an IPv6 CIDR block for the vSwitch.

    By default, the subnet mask for the IPv6 CIDR block of a vSwitch is /64. You can enter a number from 0 to 255 to define the last 8 bits of the IPv6 CIDR block.

    For example, if the IPv6 CIDR block of the VPC is 2xx8:4004:c0:b900::/56, you can specify 255 to define the last 8 bits of the IPv6 CIDR block. In this case, the IPv6 CIDR block of the vSwitch is 2xx8:4004:c0:b9ff::/64. ff is the hexadecimal value of 255.

    Description Enter a description for the vSwitch.

    The description must be 2 to 256 characters in length and cannot start with http:// or https://.

Step 2: Create an ECS instance

To create an ECS instance in the VPC, perform the following operations:

  1. Log on to the VPC console.
  2. In the left-side navigation pane, click VSwitches.
  3. In the top navigation bar, select the region where the vSwitch is deployed. China (Qingdao) is selected in this example.
  4. On the VSwitches page, find the vSwitch that you want to manage, and choose Create > ECS Instance in the Actions column.
  5. On the Custom Launch tab, set the following parameters:
    For more information about how to configure an ECS instance, see Create an instance by using the wizard.
    • Network Type: Select the VPC and the vSwitch that you created.
    • Public IP Address: Clear the check box.
    • Security Group: Use the default security group.
  6. Click Create Order and complete the payment.
  7. Log on to the ECS console. In the left-side navigation pane, click Instances. On the Instances page, view details of the ECS instance.
    View details of the ECS instance

Step 3: Create an EIP and associate the EIP with the ECS instance

An EIP is a public IP address that you can purchase and own as an independent resource. You can associate EIPs with ECS instances in a VPC to enable the ECS instances to access the Internet.

To create an EIP and associate the EIP with the ECS instance, perform the following operations:

  1. Log on to the VPC console.
  2. In the left-side navigation pane, choose Elastic IP Addresses > Elastic IP Addresses.
  3. On the Elastic IP Addresses page, click Create EIP.
  4. On the Elastic IP page, set the parameters of the EIP, click Buy Now, and then complete the payment.
    For more information, see Apply for new EIPs.
  5. On the Elastic IP Addresses page, find the EIP that you created and click Bind Resource in the Actions column.
  6. In the Bind Elastic IP Address to Resources dialog box, set the following parameters and click OK.
    • Instance Type: Select ECS Instance from the drop-down list.
    • Binding mode: Select a mode in which the EIP is associated with the ECS instance.

      Only the NAT mode is supported.

    • Select an instance to bind: Select the ECS instance in Step 2: Create an ECS instance.

Step 4: Test Internet connectivity

To test Internet connectivity of the ECS instance, perform the following operations:

  1. Log on to the ECS instance with which the EIP is associated.
  2. Run the ping command to test the connectivity between the ECS instance and the Internet.
    The test result shows that the ECS instance can access the Internet. Test connectivity