This blog will help you understand what a VPC is and how it works in Alibaba Cloud. Additionally, I have created a step-by-step guide on how to deploy it using the Alibaba Cloud console.
Objectives
- What is a Virtual Private Cloud (VPC) and how it works
- Plan and design a VPC Network
- Deploy a VPC network
- Know the different options for connecting a VPC to the internet
What is Virtual Private Cloud (VPC)?
A Virtual Private Cloud (VPC) is a logically isolated network environment where you have full control of the following:
- IP address ranges
- Subnets
- Routing tables
- Network Gateways and Connections
A Virtual Private Cloud (VPC) creates a Layer 2 isolated network environment at the regional level, so that cloud customers can build private computing in a public cloud environment.
How does VPC work?
VPC uses Virtual Extensible LAN (VXLAN), a tunneling protocol that encapsulates Layer 2 Ethernet frames in Layer 3 UDP packets, also known as MAC-in-UDP.
VXLAN enables cloud customers to create virtualized Layer 2 subnets, or segments, that span physical Layer 3 networks.
Plan and design VPC-IP address range
Select a Classless Inter-Domain Routing (CIDR) IP address range suitable for your VPC network from the private address space defined by RFC 1918.
Some examples:
- 10.0.0.0/8 – 24 bits
- 172.16.0.0/12 – 20 bits
- 192.168.0.0/16 – 16 bits
Plan and design VPC – VRouter
A VRouter is like a hub in a VPC that connects all subnets in the VPC. It also serves as a gateway device that connects the VPC with other networks.
Plan and design VPC – VSwitches
- VSwitches are like Layer 2 switches that form the subnets in the VPC.
- The first and last three IP addresses of a VSwitch are reserved by the system.
- Each VPC can have a maximum of 24 VSwitches
- VSwitches cannot be distributed across different zones
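The planning rules above can be checked before anything is created in the console. The following is an added example, not code from Alibaba Cloud or from the original post; it reads "first and last three" as the first address plus the last three (four reserved addresses per VSwitch), and the VSwitch names and zone labels are placeholders.

```python
import ipaddress

# RFC 1918 private blocks listed in the section above.
RFC1918 = [ipaddress.IPv4Network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
RESERVED = 4          # assumption: first address + last three per VSwitch
MAX_VSWITCHES = 24    # per-VPC limit stated above


def usable_addresses(cidr):
    """Addresses left for instances once the reserved ones are removed."""
    return max(ipaddress.IPv4Network(cidr).num_addresses - RESERVED, 0)


def check_plan(vpc_cidr, vswitches):
    """Return a list of problems; vswitches holds (name, zone, cidr) tuples."""
    try:
        vpc = ipaddress.IPv4Network(vpc_cidr)   # strict: host bits must be 0
    except ValueError as exc:
        return [f"VPC: invalid CIDR ({exc})"]
    problems = []
    if not any(vpc.subnet_of(block) for block in RFC1918):
        problems.append(f"VPC: {vpc} is not inside an RFC 1918 range")
    if len(vswitches) > MAX_VSWITCHES:
        problems.append(f"VPC: {len(vswitches)} VSwitches exceeds {MAX_VSWITCHES}")
    accepted = []
    for name, _zone, cidr in vswitches:
        try:
            net = ipaddress.IPv4Network(cidr)
        except ValueError as exc:
            problems.append(f"{name}: invalid CIDR ({exc})")
            continue
        if not net.subnet_of(vpc):
            problems.append(f"{name}: {net} is outside VPC {vpc}")
        for other_name, other in accepted:
            if net.overlaps(other):
                problems.append(f"{name}: {net} overlaps {other_name} ({other})")
        accepted.append((name, net))
    return problems


if __name__ == "__main__":
    # Constructed plan; names and zone labels are placeholders.
    plan = [("vsw-app", "zone-a", "192.168.1.0/24"),
            ("vsw-db", "zone-b", "192.168.1.128/25"),   # overlaps vsw-app
            ("vsw-ops", "zone-a", "10.0.0.0/24")]       # outside the VPC
    for issue in check_plan("192.168.0.0/16", plan):
        print("PROBLEM:", issue)
    print("usable in a /24:", usable_addresses("192.168.1.0/24"))
```

An empty list from `check_plan` means the VPC range is private and every VSwitch block is valid, inside the VPC, and non-overlapping.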
Creating a VPC and VSwitches
Now, we will walk through the steps used to create a simple VPC using the previous example.
Log on to the Alibaba Cloud console and do the following steps:
1. Select Singapore from the region menu
2. Click Create VPC, configure the VPC name, and select the CIDR block
3. Scroll down and configure the VSwitch name, zone, destination CIDR block, and the CIDR mask
4. Click Add (or Create VSwitch from the VSwitch console) to configure the second VSwitch's name, zone, destination CIDR block, and the CIDR mask
5. Click OK and ensure the status is success
6. Click Complete and the newly created VPC instance will be listed
VPC connections
Alibaba Cloud provides many solutions to connect a VPC to the internet, other VPCs or local data centers.
When the cloud products in a VPC need to communicate with the internet, you can use Network Address Translation (NAT) Gateway, Elastic IP (EIP) and Server Load Balancer (SLB) to establish an internet connection.
When the cloud products in a VPC need to establish a connection with other VPCs or a local Internet Data Center (IDC), you can use Virtual Private Network (VPN) Gateway, Express Connect and Cloud Enterprise Network (CEN) to build a hybrid cloud environment.
Wrapping Up
In summary, now you are able to:
- Know what a Virtual Private Cloud is and how it works
- Plan and Design a VPC Network
- Deploy a VPC network
- Know the different options for connecting a VPC to the internet