NFVs are VMs running software that implement network functions. Users can purchase an image and create a virtual machine with the image to implement the corresponding functions.
Function: The problem that EIP resource is insufficient due to Internet access demand of multiple Virtual Machines in the same VPC can be solved by creating NAT gateway. JD Cloud & AI support self-established NAT gateway for implementing SNAT function.
Use restrictions: Self-built NAT gateways share quota with virtual machines.
A NAT gateway is the gateway that converts the internal IP address and public IP address in a private network, and is a way for cloud resources without a public IP in the private network to access the Internet (but does not support active Internet access to the private network). Typical application scenarios for the NAT gateway of JD Cloud private network are as follows:
The virtual machine is not associated with an elastic public IP and the traffic of all accesses to Internet is forwarded through a NAT gateway. In this option, traffic from the virtual machine accessing the Internet is forwarded to the NAT gateway via internal network, and thus will not be limited by the bandwidth cap of the public network bandwidth at the time of virtual machine purchase, and the network traffic costs incurred by the NAT gateway will not take up the public network bandwidth egress of the virtual machine.
The virtual machine only associates the elastic public IP and will not use a NAT gateway. With this option, the traffic of all accesses from the virtual machine to the Internet will egress through the elastic public IP, and will be limited by the bandwidth cap of the public network bandwidth at the time of virtual machine purchase. The relevant fees for accessing the public network are determined according to the virtual machine network billing mode.
The virtual machine is associated with an elastic public IP, while the related subnet route directs to the NAT gateway through the traffic of access to the Internet. In this option, traffic from the virtual machine actively accessing the Internet is forwarded to the NAT gateway via internal network only, with return packets also returned to the virtual machine via the NAT gateway. This traffic part will not be limited by the bandwidth cap of the public network bandwidth at the time of virtual machine purchase, and the network traffic costs generated by the NAT gateway will not take up the public network bandwidth egress of the virtual machine. If traffic from the Internet actively accesses the elastic public IP of the virtual machine, the return packets of the virtual machine are uniformly returned through the elastic public IP, and the public network egress traffic generated in this way is limited by the bandwidth cap of the public network bandwidth at the time of virtual machine purchase. The relevant fees for accessing the public network are determined according to the virtual machine network billing mode.
Function: VPN gateways provides Internet-based data encryption transmission services, which enable network interconnection of different VPCs and enable the enterprise IDC and JD Cloud internal network for hybrid cloud deployment. VPN gateways can be created by image with VPN functionality.
Use restrictions: VPN gateways created by imaging share quota with the virtual machine.
JD Cloud VPN use the methods of IPSEC, IKE, pre-shared key pair to carry out encryption for the data, providing secure and reliable communication channel based on public network.
Support to set up multiple channels under VPN gateway (require different opposite terminal gateway) to provide relatively flexible networking method for addressing different business scenario requirements.
VPN provides automatic check for channel connectivity by default, which check the connectivity state of the channel and automatically reconnect the disconnected channel for ensuring its availability.
Create VPN gateways by image, which is simple and convenient to set up VPN connection without complicated configuration.
Use IPSEC protocol to enable encrypted data communication based on public network.
It is possible to actively choose the right VPN image according to actual business requirements.
Currently, the IPSEC protocol-based VPN communication service supports site-to-site mode, allowing flexible access to the enterprise IDC and JD Cloud internal network. The following are typical application scenarios:
Requirements: Deploy some resources in the enterprise IDC, and application services and other resources in the JD Cloud internal network, and then communicate data through VPN tunnels to achieve hybrid cloud deployment.
我们的产品专家为您找到最合适的产品/解决⽅案
1v1线上咨询获取售前专业咨询
专业产品顾问,随时随地沟通