A virtual private cloud (VPC) is a virtual network dedicated to your Alibaba Cloud account. You have full control over your VPC. For example, you can specify the CIDR block and configure route tables and gateways for your VPC. You can also deploy Alibaba Cloud resources, such as Elastic Compute Service (ECS) instances, ApsaraDB RDS instances, and Server Load Balancer (SLB) instances in your VPC.

You can connect your VPC to on-premises networks over Express Connect circuits to create a custom network environment. This lets you easily migrate your applications to the cloud and extend the capabilities of your on-premises environment.

What is a VPC?

Components

Each VPC consists of one vRouter, at least one private CIDR block, and at least one vSwitch.

VPC components

  • Private CIDR blocks

    When you create a VPC and a vSwitch, you must specify the private IP address range for the VPC in CIDR notation.

    You can use one of the standard private CIDR blocks listed in the following table as the private CIDR block of a VPC, or use a custom CIDR block. For more information about CIDR blocks, see Plan networks.

    CIDR blockDescription
    192.168.0.0/16Number of available private IP addresses (excluding IP addresses reserved by the system): 65,532
    172.16.0.0/12Number of available private IP addresses (excluding IP addresses reserved by the system): 1,048,572
    10.0.0.0/8Number of available private IP addresses (excluding IP addresses reserved by the system): 16,777,212
    Custom CIDR blockYou can also use a custom CIDR block other than 100.64.0.0/10, 224.0.0.0/4, 127.0.0.0/8, 169.254.0.0/16, or their subnets.

  • vRouters

    A vRouter is the hub of a VPC. As a core component, it connects the vSwitches in a VPC and serves as a gateway between a VPC and other networks. After a VPC is created, a vRouter is automatically created for the VPC. A vRouter can be associated with only one route table.

    For more information about route tables, see Route table overview.

  • vSwitches

    A vSwitch is a basic network component that connects different cloud resources in a VPC. After you create a VPC, you can create vSwitches to create one or more subnets for the VPC. vSwitches in the same VPC can communicate with each other. You can deploy your applications in vSwitches that belong to different zones to improve service availability.

    For more information about vSwitches, see Create and manage a vSwitch.

Access and manage a VPC

After creating an Alibaba Cloud account, you can access and manage your VPC in the following ways:
  • VPC console: the web-based user interface provided by Alibaba Cloud. You can log on to the VPC console to create, use, or delete VPCs. For more information, see Create and manage a VPC.
  • Alibaba Cloud SDKs: SDKs for Java, Go, PHP, Python, and other programming languages.
  • OpenAPI Explorer: allows you to retrieve and call API operations and dynamically generate SDK sample code.
  • Terraform: helps you implement version control for cloud and on-premises resources. You can use Terraform configuration files to orchestrate resources on Alibaba Cloud and other cloud service platforms that support Terraform.