CloudBox extends virtual private cloud (VPC) environments to your data center to provide you with user experience consistent with that in the Alibaba Cloud public cloud. This ensures that you can process data in your data center with low latency and manage your cloud boxes in the Alibaba Cloud Management Console. This topic describes the networking of cloud boxes.
A VPC is a logically isolated private network in the cloud. You can deploy cloud boxes in the specified regions and create vSwitches to extend VPC environments from Alibaba Cloud to the cloud boxes in your data center. The following figure shows the networking between a cloud box and the Alibaba Cloud public cloud.
- A cloud box corresponds to a zone. You can create vSwitches in a cloud box to extend VPC environments to the cloud box.
- The environments of multiple VPCs can be extended to the same cloud box, which means that you can create multiple vSwitches in a cloud box.
- A cloud box provides the same network capabilities as the Alibaba Cloud public cloud, and supports features such as subnet routing, network access control lists (ACLs), and security groups.
- The internal resources of a cloud box can access each other in a subset or across subnets in the VPC environments extended to the cloud box, but not in the VPCs in the Alibaba Cloud public cloud.
- Instances created in a cloud box cannot be associated with public IP addresses in the Alibaba Cloud public cloud. The public IP addresses include the elastic IP addresses (EIPs) that are separately purchased and the public IP addresses of NAT gateways that are allocated by Elastic Compute Service (ECS) instances.
- A cloud box can be connected to the Alibaba Cloud public cloud over an Express Connect circuit or the Internet. The bandwidth of the network connection is affected by the quality of the connection channel between the two sides.
- If the cloud box is connected over an Express Connect circuit, you can use Express Connect as the connection channel. However, in this case, only dedicated Express Connect circuits are supported. For more information, see What is Express Connect?.
- If the cloud box is connected over the Internet, you can use Smart Access Gateway (SAG) as the connection channel. For more information, see What is SAG?.
Note Express Connect circuits are deployed by Alibaba Cloud and must be separately purchased. Express Connect circuits are not included in the billable items of cloud box orders. SAG hardware devices are preset in cloud boxes, and the corresponding bandwidth is included in the billable items of cloud box orders. For more information, see Network bandwidth. - A cloud box can be connected to an on-premises device over on-premises communications devices.