NFV

Products

Virtual Private Cloud

2022-02-28 10:24:11

NFV

Basic concept

NFVs are VMs running software that implement network functions. Users can purchase an image and create a virtual machine with the image to implement the corresponding functions.

NAT Gateway

Function: The problem that EIP resource is insufficient due to Internet access demand of multiple Virtual Machines in the same VPC can be solved by creating NAT gateway. JD Cloud & AI support self-established NAT gateway for implementing SNAT function.

Use restrictions: Self-built NAT gateways share quota with virtual machines.

Summary

A NAT gateway is the gateway that converts the internal IP address and public IP address in a private network, and is a way for cloud resources without a public IP in the private network to access the Internet (but does not support active Internet access to the private network). Typical application scenarios for the NAT gateway of JD Cloud private network are as follows:

  • Broadband, High Availability Public Network Access. JD Cloud NAT gateway can meet the users' requirements for public network access application scenarios with ultra-large bandwidth, large application of public network IP, and more deployed services.
  • Security Public Network Access Method. The NAT gateway of JD Cloud private network provides secure IP transformation. If a user wants to hide the public IP of hosts in a private network, so as to access the public network while avoid exposing their network deployment, the NAT gateway of JD Cloud can meet such needs.

NAT Gateway and Use of Elastic Public IP

Option 1: Use NAT gateway only

The virtual machine is not associated with an elastic public IP and the traffic of all accesses to Internet is forwarded through a NAT gateway. In this option, traffic from the virtual machine accessing the Internet is forwarded to the NAT gateway via internal network, and thus will not be limited by the bandwidth cap of the public network bandwidth at the time of virtual machine purchase, and the network traffic costs incurred by the NAT gateway will not take up the public network bandwidth egress of the virtual machine.

Option 2: Use elastic public IP only

The virtual machine only associates the elastic public IP and will not use a NAT gateway. With this option, the traffic of all accesses from the virtual machine to the Internet will egress through the elastic public IP, and will be limited by the bandwidth cap of the public network bandwidth at the time of virtual machine purchase. The relevant fees for accessing the public network are determined according to the virtual machine network billing mode.

Option 3: Use both NAT gateway and elastic public IP

The virtual machine is associated with an elastic public IP, while the related subnet route directs to the NAT gateway through the traffic of access to the Internet. In this option, traffic from the virtual machine actively accessing the Internet is forwarded to the NAT gateway via internal network only, with return packets also returned to the virtual machine via the NAT gateway. This traffic part will not be limited by the bandwidth cap of the public network bandwidth at the time of virtual machine purchase, and the network traffic costs generated by the NAT gateway will not take up the public network bandwidth egress of the virtual machine. If traffic from the Internet actively accesses the elastic public IP of the virtual machine, the return packets of the virtual machine are uniformly returned through the elastic public IP, and the public network egress traffic generated in this way is limited by the bandwidth cap of the public network bandwidth at the time of virtual machine purchase. The relevant fees for accessing the public network are determined according to the virtual machine network billing mode.

VPN Gateway

Function: VPN gateways provides Internet-based data encryption transmission services, which enable network interconnection of different VPCs and enable the enterprise IDC and JD Cloud internal network for hybrid cloud deployment. VPN gateways can be created by image with VPN functionality.

Use restrictions: VPN gateways created by imaging share quota with the virtual machine.

Features

  • Provide encryption data transmission channel

JD Cloud VPN use the methods of IPSEC, IKE, pre-shared key pair to carry out encryption for the data, providing secure and reliable communication channel based on public network.

  • With flexible networking method, support multi-channel sharing gateway

Support to set up multiple channels under VPN gateway (require different opposite terminal gateway) to provide relatively flexible networking method for addressing different business scenario requirements.

  • Channel connectivity check, automatically restore channel function

VPN provides automatic check for channel connectivity by default, which check the connectivity state of the channel and automatically reconnect the disconnected channel for ensuring its availability.

Features

  • Simple operation

Create VPN gateways by image, which is simple and convenient to set up VPN connection without complicated configuration.

  • Security and Reliability

Use IPSEC protocol to enable encrypted data communication based on public network.

  • Flexible and autonomous

It is possible to actively choose the right VPN image according to actual business requirements.

Application Scenarios

Currently, the IPSEC protocol-based VPN communication service supports site-to-site mode, allowing flexible access to the enterprise IDC and JD Cloud internal network. The following are typical application scenarios:

Requirements: Deploy some resources in the enterprise IDC, and application services and other resources in the JD Cloud internal network, and then communicate data through VPN tunnels to achieve hybrid cloud deployment.

Feedback

开始与售前顾问沟通

可直接拨打电话 400-098-8505转1

我们的产品专家为您找到最合适的产品/解决⽅案

在线咨询 5*8⼩时

1v1线上咨询获取售前专业咨询

点击咨询
企微服务助手

专业产品顾问,随时随地沟通