Advantages
Last Updated:2021-04-27
| Component | Description | Advantages |
|---|---|---|
| Virtual Private Cloud (VPC) | The users customize the network address space, and the addresses among multiple VPCs can overlap each other. | In a traditional data center, the overlapping of address space is not allowed, multiple network environments which are exactly the same cannot be created (disaster recovery network, testing environment consistent with the production environment, etc.). |
| subnet | The users can flexibly customize network IP segments. | The similar businesses are divided into the same subnet to facilitate the unified management of user servers. The inclusion of the following items to the private network is supported: sub-instance, physical machine, and other products of Baidu Cloud Compute (BCC) and Dedicated Cloud Compute (DCC). |
| Routing table | The traffic is flexibly scheduled, managed and controlled in the VPC. | The simple and easy management and scheduling of the subnet-level traffic is realized by the global route table. |
| Security group | Set the IP+port level access control for BCC in VPC. | The two-way traffic access control is set for the host in the VPC to greatly enhance the business security. |
| ACL | The subnet-level stateless firewall function is realized. | The configuration is flexible and simple, supports the policy allowance/rejection, and realizes the security access control of subnet granularity. |
| Elastic network interface card | It is a kind of elastic network interface for mounting cloud hosts, and can be freely migrate among multiple cloud hosts. | The high-availability clusters are deployed by elastic network cards to realize fast failover and refined network management. |
| Service network interface card | It can provide the convenient, secure and private channel and BOS, and other VPC external services in the VPC for connection. | It needs no elastic public network (IP) and intranet access, supports hybrid cloud scenarios and is used flexibly. |
| IPv6 Gateway | General outlet for VPC to access the public network through IPv6 | Configure the IPv6 Internet outbound and inbound bandwidth flexibly |
| NAT gateway | Multiple BCCs in the VPC share the same group of public IPs for egress access, and can provide internet services. | It supports the bandwidth as high as 5G; based on the HA mode, the automatic failover and recovery realizes high reliability. |
| VPN gateway | Builds VPN tunnel with multiple IDC environments of customers via VPN mode, realizing hybrid cloud. | Automatic fault handover and recover based on HA mode, achieving high reliability |
| Peer-to-peer connection | The intranets are connected securely among multiple VPCs. | It flexibly realizes the high-speed network connectivity of the business of multiple users in the same region/across different regions. |
| Dedicated Line Gateway | The interface for VPC connecting physical express tunnel | Supports up to 10G bandwidth and realizes stable, high-speed, safe and flexible interconnection from VPC to user IDC |
| Flow log | It is used to record the network traffic information sent and received by the instance of cloud server in VPC | Facilitate the traffic analysis, visualization, troubleshooting/positioning and network architecture optimization |