A Virtual Private Cloud (VPC) is an isolated network on Alibaba Cloud where you control CIDR blocks, subnets, routing, and access policies.
Components
A VPC consists of a private CIDR block, a vRouter, and one or more vSwitches.
Private CIDR block
When you create a VPC, assign a private CIDR block from the standard ranges below or define a custom range. See Plan networks.
| CIDR block | Available private IP addresses (system-reserved excluded) |
| --- | --- |
| 192.168.0.0/16 | 65,532 |
| 172.16.0.0/12 | 1,048,572 |
| 10.0.0.0/8 | 16,777,212 |
| Custom CIDR block | Any range except 100.64.0.0/10, 224.0.0.0/4, 127.0.0.0/8, 169.254.0.0/16, and their subsets |
vRouter
A vRouter connects all vSwitches in a VPC and serves as the gateway to external networks. Alibaba Cloud automatically creates a vRouter with at least one route table when you create a VPC. See VPC route tables.
vSwitch
A vSwitch divides a VPC into subnets. All cloud resources in a VPC, such as ECS instances, must reside in a vSwitch. vSwitches in the same VPC can communicate with each other.
To improve availability, deploy applications across vSwitches in different zones. See VPCs and vSwitches.
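The following added example (not Alibaba Cloud code) checks an address plan against the custom CIDR rule and the address counts in the table above. The function names are hypothetical. It assumes 4 system-reserved addresses per block, as inferred from the table, and that vSwitch ranges must fall inside the VPC block without overlapping each other.

```python
import ipaddress

# Ranges the page excludes for a custom VPC CIDR block (their subsets too).
EXCLUDED = [ipaddress.IPv4Network(n) for n in
            ("100.64.0.0/10", "224.0.0.0/4", "127.0.0.0/8", "169.254.0.0/16")]
# Assumption: 4 system-reserved addresses per block, inferred from the table
# (a /16 holds 65,536 addresses and the table lists 65,532).
RESERVED_PER_BLOCK = 4

def check_vpc_cidr(cidr):
    """Return (ok, reason) for a proposed VPC CIDR block."""
    try:
        net = ipaddress.IPv4Network(cidr, strict=True)  # rejects host bits
    except ValueError as exc:
        return False, f"invalid IPv4 network: {exc}"
    for bad in EXCLUDED:
        if net.subnet_of(bad):  # True for the range itself and any subset
            return False, f"inside excluded range {bad}"
    return True, "ok"

def available_addresses(cidr):
    """Address count as the table reports it (system-reserved excluded)."""
    return ipaddress.IPv4Network(cidr).num_addresses - RESERVED_PER_BLOCK

def check_plan(vpc_cidr, vswitches):
    """Return a list of problems in a plan; vswitches maps name -> CIDR."""
    ok, reason = check_vpc_cidr(vpc_cidr)
    if not ok:
        return [f"VPC {vpc_cidr}: {reason}"]
    vpc, seen, problems = ipaddress.IPv4Network(vpc_cidr), [], []
    for name, cidr in vswitches.items():
        try:
            sub = ipaddress.IPv4Network(cidr, strict=True)
        except ValueError as exc:
            problems.append(f"{name}: invalid IPv4 network: {exc}")
            continue
        if not sub.subnet_of(vpc):
            problems.append(f"{name} {sub}: outside VPC {vpc}")
        problems += [f"{name} {sub}: overlaps {n} {s}"
                     for n, s in seen if sub.overlaps(s)]
        seen.append((name, sub))
    return problems

if __name__ == "__main__":
    # Constructed sample plan: vsw-b overlaps vsw-a, vsw-c is outside the VPC.
    plan = {"vsw-a": "192.168.0.0/24", "vsw-b": "192.168.0.128/25",
            "vsw-c": "10.1.0.0/24"}
    for problem in check_plan("192.168.0.0/16", plan):
        print(problem)
```

A supernet that merely contains an excluded range is not rejected here, because the page names only the four ranges and their subsets.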
Connectivity
Resources in a VPC can connect to the following networks:
- The Internet -- Enable public access to and from cloud resources.
- Other VPCs -- Communicate between workloads in separate VPCs.
- On-premises data centers -- Connect local infrastructure to Alibaba Cloud for hybrid deployments.
Create a VPC and vSwitch
Create a VPC and at least one vSwitch before deploying cloud resources. See Plan networks.