Skip to main content

Network

Introduce the network used by private cloud virtual machines and physical machines.

Basic Concepts

There are three basic network concepts, in logical order from bottom to top: VPC, Layer 2 network, and IP subnet.

VPC

VPC (Virtual Private Cloud) refers to a virtual network isolation area within the cloud platform, where network traffic is isolated between VPCs. VPC can be divided into Classic Network and Virtual Network.

Classic Network

The Classic Network, also known as a flat network or Underlay, refers to a physical network defined by network configurations within physical switches, routers, and other physical devices. Virtual machines that use the Classic Network rely on physical network equipment to achieve network communication between nodes. Communication between virtual machines under the same IP subnet depends on layer 2 switching, while communication between virtual machines under different IP subnets depends on layer 3 switching. In the Classic Network, layer 2 or 3 network exchanges between virtual machines on different host machines or any virtual machine rely on physical network equipment.

For the purpose of standardization, the Classic Network is defined as a special default VPC (Default VPC), which already exists and represents a network isolation area corresponding to the physical network.

Virtual Network

The Virtual Network, also known as an Overlay Network, is a virtual network composed of virtual network elements built on top of a physical network through tunneling technology. Communication between virtual machines within the Virtual Network is achieved using software-simulated virtual layer 2 switches and virtual routers (layer 3). Multiple Virtual Networks can be created, and network traffic is isolated between them.

The Virtual Network is encapsulated based on the open-source ovn.

Layer 2 Network (Wire)

In the Classic Network, a layer 2 network corresponds to a broadcast domain. Virtual machines within the same layer 2 network can communicate directly on a point-to-point basis, without relying on layer 3 network devices (but relying on layer 2 network devices, which may be a virtual OVS bridge or a physical switch). In terms of physical concepts, a layer 2 network typically corresponds to a network area under a layer 3 switch or router. Multiple layer 2 networks can exist in the Classic Network.

In the Virtual Network, since any device can communicate directly with any other device (through tunnels), the entire VPC can be understood as a layer 2 network. For modeling purposes, the concept of a wire is still retained in the Virtual Network, but it can be regarded as being equivalent to the VPC. A layer 2 network is automatically created within a VPC.

IP Subnet (Network)

An IP subnet corresponds to a subnet, which is a continuous range of IP addresses with the same subnet mask. An IP subnet belongs to a layer 2 network. The IP subnet carries network configuration information such as IP address range, subnet mask, gateway, VLAN ID, DNS, etc. If a virtual machine is connected to an IP subnet, the virtual network card of the virtual machine must use an IP address allocated from the IP address range of the subnet. The configuration of the virtual network card is determined by the properties of the IP subnet.

In the Classic Network, each IP subnet can have its own VLAN ID. Virtual machines connected to the IP subnet must also use the corresponding VLAN ID.

Network Topology Constraints

In the Classic Network, because communication between virtual machines depends on physical devices, which IP subnets a virtual machine on a specific host machine can access is subject to the physical network constraints that the host machine is connected to. In other words, a virtual machine on a host machine can only access IP subnets within the layer 2 network the host machine is connected to.

There are no network topology constraints in the Virtual Network, which means that any virtual machine on any host machine can access any VPC network.