All Products
Search
Document Center

Elastic Compute Service:Overview

Last Updated:Sep 05, 2023

Elastic Compute Service (ECS) instances that reside in virtual private clouds (VPCs) support the IPv4 and IPv6 addressing protocols.

By default, VPCs support the IPv4 addressing protocol. When you create a VPC, you must specify an IPv4 CIDR block for the VPC. You can optionally associate multiple IPv6 CIDR blocks with your VPC. You can create multiple vSwitches in a VPC to divide the VPC into subnets. By default, subnets in the same VPC can communicate with each other. You can assign IP addresses in the vSwitches (subnets) of VPCs to ECS instances. For more information, see Overview of VPCs and vSwitches.

Private IPv4 addresses

A private IPv4 address is an IP address that is not reachable over the Internet. You can use private IPv4 addresses for communication between instances and internal resources. Private IPv4 addresses are allocated to instances by using Dynamic Host Configuration Protocol (DHCP). A private IPv4 address that is assigned to an instance must belong to the IPv4 CIDR block for the vSwitch of the VPC where the instance resides. The number of private IPv4 addresses that can be associated with each elastic network interface (ENI) on an instance varies based on the instance type. For more information, see the Private IPv4 addresses per ENI columns in Overview of instance families.

Take note of the following items:

  • When an instance is started, the instance receives a primary private IPv4 address from the CIDR block of the vSwitch to which the instance is connected. The primary private IPv4 address serves as the default egress private IP address. If you do not specify a primary private IPv4 address when you create an instance, Alibaba Cloud automatically assigns an available IPv4 address from the IPv4 CIDR block of the vSwitch to the instance. Each instance has only one primary private IPv4 address and one primary ENI that is assigned the primary private IPv4 address. After the primary private IPv4 address is assigned to the instance, the primary private IPv4 address cannot be reclaimed before the instance is released. For information about how to modify the primary private IPv4 address of an instance, see Modify a private IP address.

  • You can also specify additional private IPv4 addresses, known as secondary private IPv4 addresses, for an instance. Unlike primary private IPv4 addresses, secondary private IPv4 addresses can be unassigned from the associated instances before the instances are released and can be reassigned to new instances. When secondary private IPv4 addresses are assigned to instances, you cannot reassign the addresses. After secondary private IPv4 addresses are assigned to an instance, you must configure the secondary private IPv4 addresses. For more information, see Assign secondary private IP addresses.

  • Private IPv4 addresses are retained when the instances are stopped or started, and are reclaimed when the instances are released.

Public IPv4 addresses

A public IPv4 address is an IP address that is reachable from the Internet. You can use public IPv4 addresses for communication between your instances and the Internet. To allow an instance that is assigned a public IPv4 address to access the Internet, purchase public bandwidth for the instance. For information about how to configure public bandwidth, see Best practices for configuring public bandwidth.

Take note of the following items:

ECS instances that reside in VPCs support system-assigned public IP addresses and elastic IP addresses (EIPs).

  • When you create an instance, you can configure public bandwidth for the instance. Then, when the instance is started, Alibaba Cloud assigns a public IPv4 address in the public IPv4 address pool to the instance. By default, Alibaba Cloud does not assign a system-assigned public IP address to instances.

  • You cannot assign a system-assigned public IP address to an instance or unassign the address from the instance. When an instance is released, the system-assigned public IP address of the instance cannot be retained and is reclaimed back to the public IPv4 address pool. In some cases, after the system-assigned public IP address of the instance is reclaimed, the instance may be reassigned a new one.

  • If you want to permanently use a public IPv4 address and assign the public IPv4 address to different instances, convert the public IPv4 address into an EIP. For more information, see Convert the public IP address of an instance in a VPC to an EIP.

  • An EIP is a public IP address that you can purchase and use as an independent resource. You can apply for an EIP or convert a system-assigned public IP address into an EIP. You can associate EIPs with instances and disassociate EIPs from instances. Each instance can have multiple EIPs. For more information, see Associate an EIP with a secondary ENI. If EIPs are associated with instances, the EIPs are retained after the instances are released. For information about how to release EIPs, see Release a pay-as-you-go EIP. For information about how to use EIPs, see EIP overview.

You are charged fees based on the public IP addresses that are used by your instance.

  • When your instance uses a system-assigned public IP address to access the Internet, you are charged only for outbound public bandwidth. You are not charged for the retention of the public IP address. For more information, see Public bandwidth.

  • When your instance uses an EIP to access the Internet, you are charged for outbound public bandwidth and for the retention of the EIP. For more information, see Billing overview.

IPv6 addresses

Alibaba Cloud VPCs support IPv6 addresses. After you enable the IPv6 addressing protocol, Alibaba Cloud assigns IPv6 CIDR blocks from the IPv6 address pool to VPCs. You cannot choose the range of the CIDR blocks. If a VPC supports IPv6 addresses, vSwitches that are created in the VPC support IPv6 CIDR blocks. You can specify an IPv6 CIDR block for a vSwitch when you create the vSwitch or enable IPv6 for an existing vSwitch. For more information, see Create and manage a vSwitch. An IPv6 address that is assigned to an instance must belong to the IPv6 CIDR block for the vSwitch of the VPC where the instance resides. The number of IPv6 addresses that can be associated with each ENI on an instance varies based on the instance type. For more information, see the IPv6 addresses per ENI columns in Overview of instance families.

Take note of the following items:

IPv6 addresses are globally unique and can be configured to remain private or reachable over the Internet. If you want to allow traffic to or from IPv6 addresses over the Internet, you must enable public bandwidth for the IPv6 addresses. For more information, see Step 3: Enable IPv6 public bandwidth.

  • If your instance receives multiple IPv6 addresses when you create the instance, the IPv6 addresses are associated with the primary ENI of the instance.

  • After you create an instance, you can assign one or more IPv6 addresses to the instance.

After the instance is assigned IPv6 addresses, you must log on to the instance to configure the IPv6 addresses. For more information, see Configure an IPv6 address for a Windows instance and Configure an IPv6 address for a Linux instance. IPv6 addresses can be unassigned from the associated instances when the instances are released and can be reassigned to new instances. When IPv6 addresses are assigned to instances, you cannot reassign the addresses. IPv6 addresses are retained when the instances are stopped or started, and are reclaimed when the instances are released.

IP address management

To manage the private IP address of an instance, see the following topics:

To manage the public IPv4 address of an instance, see the following topics: