Change the network type of an RDS SQL Server instance

Edit in GitHub

Last Updated: Mar 06, 2020 Edit in GitHub

This topic describes how to change the network type of an RDS SQL Server instance.

Network types

Classic network: Instances in a classic network are not isolated. Access control is implemented for instances by using whitelists.
Virtual Private Cloud (VPC): A VPC is an isolated network environment. We recommend that you use VPC because it is more secure.
You can customize the routing table, IP address range, and gateway of the VPC. To smoothly migrate applications to the cloud, you can use a leased line or VPN to connect your own data center to a VPC on the cloud to make a virtual data center.

Note You can use the classic network or VPC and switch between the network types for free.

Precautions

After the network type of an RDS instance is switched to classic network, the endpoints remain unchanged, but the corresponding IP addresses change.
After the network type of an RDS instance is switched to classic network, ECS instances in VPCs cannot access the RDS instance by using the internal endpoint. Make sure that you change the endpoint on the application.
Switching the network type may result in a disconnection of 30 seconds. To avoid impacts that arise from this operation, we recommend that you perform the switching during off-peak hours, or configure automatic reconnection policies for your application.
Instances in the SQL Server 2012/2016 High-availability Edition or SQL Server 2017/2019 do not support the classic network. Therefore, you cannot switch these instances to the classic network.

Procedure

Log on to the ApsaraDB for RDS console.
In the upper-left corner, select the region where the target RDS instance is located.
Find the target RDS instance and click the instance ID.
In the left-side navigation pane, click Database Connection.
In the Database Connection section, click Switch to Classic Network.
In the message that appears, click OK.
After the network type is switched, only ECS instances in classic networks can access the RDS instance over the internal network. Make sure that you configure the endpoint of the RDS instance on the ECS instance in the classic network.
Configure the whitelist of the RDS instance to allow access from the ECS instance over the internal network.
The RDS instance applies the standard whitelist mode, as shown in the following figure. You must add the internal endpoint of the ECS instance in the classic network to any whitelist of the RDS instance.

Precautions

Instances in the SQL Server 2008 R2 version do not support the network type change from classic network to VPC.
Temporary instances only support the classic network type.

Procedure

Log on to the ApsaraDB for RDS console.
In the upper-left corner, select the region where the target RDS instance is located.
Find the target RDS instance and click the instance ID.
In the left-side navigation pane, click Database Connection .
Click Switch to VPC.

In the dialog box that appears, select a VPC and a VSwitch, and specify whether to retain the classic network address.

Select a VPC. We recommend that you select the VPC where your ECS instance is located. Otherwise, the ECS and RDS instances cannot connect to each other over the internal network unless Alibaba Cloud CEN tutorialsor VPN Gateway are created to connect the two VPCs.
Select a VSwitch. If there is no VSwitch in the VPC that you select, as shown in the following figure, you must create a VSwitch in the zone where the instance is located. For more information, see Manage VSwitches.

Select or clear Reserve Original Classic Endpoint as needed. The following table describes the details.


Action	Description
Clear	The classic network address is not retained. The original classic network address is changed to the VPC address. If you do not retain the classic network address, the RDS instance will be disconnected for 30 seconds, and the access from the ECS instance in the classic network to the RDS instance over the internal network is immediately disconnected when you switch the network type.
Select	The classic network address is retained, and a new VPC address is generated, as shown in the following figure. It indicates that the hybrid access mode is enabled, and the RDS instance can be accessed by ECS instances in both a classic network and a VPC. If you retain the classic network address, the RDS instance will not be disconnected when you switch the network type. The internal access from the ECS instance in the classic network to the RDS instance is only disconnected when the classic network address expires. Before the classic network address expires, make sure that the VPC address has been configured in the ECS instance in the VPC to smoothly migrate your services to the VPC. The system will send an SMS message to the phone number bound to your Alibaba Cloud account every day in the seven days before the classic network address expires. For more information, see Configure a hybrid access solution to smoothly migrate an RDS instance from the classic network to a VPC.

Add the internal IP address of the ECS instance in the VPC to the VPC whitelist of the RDS instance, so that the ECS instance can access the RDS instance over the internal network, as shown in the following figure. If there is no VPC whitelist, you must create a new whitelist.
Perform one of the following operations as needed:
- If you retain the classic network address, you must configure the VPC address of the RDS instance in the ECS instance that is in the VPC.
- If you do not retain the classic network address, the access from the ECS instance in the classic network to the RDS instance over the internal network is immediately disconnected when you switch the network type. You must configure the VPC address of the RDS instance in the ECS instance that is in the VPC.
Note If you need to use the ECS instance in the classic network to access the RDS instance in the VPC, you can use the ClassicLink function or migrate the ECS instance to the VPC.


API	Description
ModifyDBInstanceNetworkType	Used to change the network type of an RDS instance.