This topic describes how to create a virtual private cloud (VPC) with an IPv4 CIDR block and associate an elastic IP address (EIP) with an Elastic Compute Service (ECS) instance in the VPC. After an EIP is associated with an ECS instance, the ECS instance can communicate with the Internet.
Step 1: Create a VPC and a vSwitch
- Log on to the VPC console.
- In the top navigation bar, select the region where you want to create the VPC.
The VPC and the cloud resources that you want to deploy must belong to the same region. China (Qingdao) is selected in this example.
- On the VPCs page, click Create VPC.
- On the Create VPC page, set the following parameters and click OK. Note In this example, IPv6 is enabled.
Parameter Description VPC Region Displays the region where you want to create the VPC. Name Enter a name for the VPC. IPv4 CIDR Block Enter a primary IPv4 CIDR block for the VPC.
Note After you create a VPC, you cannot change its primary IPv4 CIDR block. However, you can add a secondary IPv4 CIDR block to the VPC. For more information, see Add a secondary CIDR block.
- You can specify one of the following CIDR blocks or their subsets as the primary IPv4 CIDR block of the VPC: 192.168.0.0/16, 172.16.0.0/12, and 10.0.0.0/8. These CIDR blocks are standard private CIDR blocks as defined by Request for Comments (RFC) documents. The subnet mask must be 8 to 28 bits in length. For example, enter 192.168.0.0/24.
- You can also use a custom CIDR block other than 100.64.0.0/10, 184.108.40.206/4, 127.0.0.0/8, 169.254.0.0/16, and their subnets as the primary IPv4 CIDR block of the VPC.
- In scenarios where multiple VPCs are used or in hybrid cloud scenarios where data centers and VPCs are used, we recommend that you use subsets of standard RFC CIDR blocks as VPC CIDR blocks with subnet masks no more than 16 bits in length. Make sure that the CIDR blocks of the VPCs do not overlap in both scenarios. In addition, the CIDR blocks of the VPCs cannot overlap with those of the data centers in hybrid cloud scenarios.
IPv6 CIDR Block Specify whether to assign an IPv6 CIDR block to the VPC. In this example, Assign (Default) is selected.
If you set this parameter to Assign, the system automatically creates an IPv6 gateway of Free Edition for this VPC, and assigns an IPv6 CIDR block with the subnet mask /56, such as 2408:4005:3c5:6e00::/56. By default, IPv6 addresses are used only for communication within private networks. If you want to use an IPv6 address to access the Internet or provide services to IPv6 clients over the Internet, you must purchase Internet bandwidth for the IPv6 address. For more information, see Enable and manage IPv6 Internet bandwidth.Note
- The following regions support IPv6 CIDR blocks: China (Qingdao), China (Beijing), China (Zhangjiakou), China (Hohhot), China (Ulanqab), China (Hangzhou), China (Shanghai), China (Shenzhen), China (Heyuan), China (Guangzhou), China (Chengdu), China (Hong Kong), Philippines (Manila), Singapore (Singapore), US (Virginia), and Germany (Frankfurt).
- After you create a VPC, you cannot change its primary IPv6 CIDR block. However, you can add a secondary IPv6 CIDR block to the VPC. For more information, see Add a secondary CIDR block.
Description Enter a description for the VPC. Resource Group Select the resource group to which the VPC belongs. vSwitch Name
Enter a name for the vSwitch.
In the drop-down list, select a zone for the vSwitch. In the same VPC, vSwitches in different zones can communicate with each other.
The drop-down list shows whether Elastic Compute Service (ECS) instances, ApsaraDB RDS instances, internal-facing Classic Load Balancer (CLB) instances, and internal-facing Application Load Balancer (ALB) instances are supported in each zone. The supported cloud resources vary based on the zone and the time when you create cloud resources. The instances provided in this topic are for reference only. The actual instances on the buy page shall prevail.
IPv4 CIDR BlockEnter an IPv4 CIDR block for the vSwitch. When you specify a CIDR block for the vSwitch, take note of the following limits:
Note After you create a vSwitch, you cannot change its CIDR block.
- The CIDR block of a vSwitch must be a proper subset of the CIDR block of the VPC to
which the vSwitch belongs.
For example, if the CIDR block of a VPC is 192.168.0.0/16, the CIDR block of a vSwitch in the VPC can range from 192.168.0.0/17 to 192.168.0.0/29.
- The first IP address and last three IP addresses of a vSwitch CIDR block are reserved.
For example, if a vSwitch CIDR block is 192.168.1.0/24, the IP addresses 192.168.1.0, 192.168.1.253, 192.168.1.254, and 192.168.1.255 are reserved.
- If a vSwitch is required to communicate with vSwitches in other VPCs or with data centers, make sure that the CIDR block of the vSwitch does not overlap with the destination CIDR blocks.
IPv6 CIDR BlockSpecify whether to enable IPv6 for the vSwitch. If you enable IPv6, you must specify an IPv6 CIDR block for the vSwitch.Note
- If your VPC is assigned an IPv6 CIDR block, you must configure the IPv6 CIDR block of the vSwitch.
- If your VPC is not assigned an IPv6 CIDR block, you do not need to configure the IPv6 CIDR block of the vSwitch.
In this example, Enable is selected.
By default, the subnet mask of the IPv6 CIDR block of a vSwitch is /64. You can enter a decimal number from 0 to 255 to define the last 8 bits of the IPv6 CIDR block.
For example, if the IPv6 CIDR block of the VPC is 2408:4005:3c5:6e00::/56, you can enter 255 (ff in hexadecimal format) for the IPv6 CIDR block of the vSwitch. In this case, the IPv6 CIDR block of the vSwitch is 2408:4005:3c5:6eff::/64.
- Optional:To create more vSwitches, click Add below the vSwitch section and repeat the preceding step to set the parameters. You can create at most 10 vSwitches in each VPC.
- Click OK.
Step 2: Create an ECS instance
Create an ECS instance in the VPC.
- Log on to the VPC console.
- In the left-side navigation pane, click vSwitch.
- In the top navigation bar, select the region where the vSwitch is deployed. In this example, China (Qingdao) is selected.
- On the vSwitch page, find the vSwitch that you want to manage, and choose in the Actions column.
- On the Custom Launch tab, set the following parameters: For more information about how to configure an ECS instance, see Create an instance by using the wizard.
- Network Type: Select the VPC and the vSwitch that you created.
- Public IP Address: Clear the check box.
- Security Group: Use the default security group.
- Click Create Order and complete the payment.
- Log on to the ECS console. In the left-side navigation pane, click Instances. On the Instances page, view the details of the ECS instance.
Step 3: Create an EIP and associate the EIP with the ECS instance
An EIP is a public IP address that you can purchase and use as an independent resource. You can associate an EIP with an ECS instance in a VPC to enable the ECS instance to communicate with the Internet.
- Log on to the Elastic IP Address console .
- In the top navigation bar, select the region where you want to create the EIP. In this example, China (Qingdao) is selected.
- On the Elastic IP Addresses page, click Create EIP.
- On the Elastic IP page, configure and buy the EIP. For more information, see Apply for an EIP.
- On the Elastic IP Addresses page, find the EIP that you created and click Bind Resource in the Actions column.
- In the Associate EIP with Resource dialog box, set the following parameters and click OK.
Parameter Description Instance Type Select ECS Instance. Resource Group Select the resource group to which the ECS instance belongs. Mode Select the mode in which the EIP is associated with the ECS instance.
You can select only NAT Mode.
Select an instance to associate. Select the ECS instance that is created in Step 2: Create an ECS instance.
Step 4: Test Internet connectivity
- Log on to the ECS instance with which the EIP is associated. For more information, see Connection methods.
- Run the
pingcommand to test the connectivity between the ECS instance and the Internet.The test result shows that the ECS instance can communicate with the Internet.