What is the difference between a classic network and a VPC?

Alibaba Cloud provides two types of network services to customers: classic network and VPC, but what is the difference between the two? The explanation given by Ali's official website is:

I believe that many people are still in the cloud after reading this explanation, as a user, how should you judge which type of network is suitable for you?

In fact, it can be simply understood that from the perspective of public IP addresses, there is no difference between classic networks and VPCs. In terms of intranet IP addresses, the classic network is DHIP, that is, the LAN IP address is automatically assigned, while the VPC is manually assigned the LAN IP address, which is convenient for users with multiple ECSs to define the intranet IP structure. Therefore, if the user only has one server, or has multiple servers but does not need to interconnect with the intranet, then both networks can be selected.

However, in terms of security, because the classic network is an IP address automatically assigned by Alibaba Cloud, there is a certain regularity, so hackers can also use the intranet IP to carry out LAN attacks, although it is somewhat difficult under Alibaba Cloud's security system, but the facts have also proved that there is a possibility of being attacked. However, because the VPC is a custom LAN IP, it is not so easy for hackers to enter the user's intranet to attack.

Alibaba Cloud in the classic network has initialized many parameters, which is suitable for users who can quickly get started with ECS. VPC: Suitable for users who are proficient in network management, the customized and scalable type is stronger, and it is a logically isolated VPC that supports users to customize the network topology and IP address.

Classic network: The private IP address is assigned by Alibaba Cloud and cannot be changed, which can be easily used to access other instances or Alibaba Cloud products in the same region with other instances or Alibaba Cloud products, and is suitable for users who have moderate requirements for network customization and autonomous management.

VPC: A logically isolated VPC that allows you to customize the network topology and IP address, and supports connection over leased lines with strong network scalability. It is suitable for customers who have personalized customization and advanced customization needs for the network.

First, the reference is different.

1. Classical network: It is composed of several nodes and links connecting these nodes, representing many objects and their interconnection.

2. VPC: It is a private connection between two enterprises, and this connection is the physical connection between the intranets of two enterprises.

Second, the characteristics are different.

1. Classic network: With the help of text reading, viewing, video and audio, transmission, games, chats and other software tools, it will bring people an extremely rich life and beautiful enjoyment from the aspects of text, sound, and so on.

2. VPC: A dedicated line is a permanent dedicated line connection between two points. Unlike a normal dial-up connection, the leased line is always connected.

Third, the functions are different.

1. Classic network: The main function is resource sharing. Shared resources include software resources, hardware resources, and various data resources stored in public databases.

2. VPC: The biggest drawback is that the cost is too high, because the leased line is very expensive. Every pair of businesses that want a private network needs a separate private line to connect them together.

Differences between classic and VPC:

1. Cost and sharing.

VPC: ECS costs are saved5 and shared bandwidth is reduced by about 30 costs.

Classic network: ECS instance list price, public bandwidth is not shared.

2. Repent and reform safely.

VPC: A Layer 2 isolated security-enhanced network is the first VPC on the cloud recommended by Alibaba Cloud.

Classic network: It is a shared basic network with simple isolation.

3. Function. Compared with the classic network, VPCs support more functions, such as custom networks, subnet division, multi-region private network interconnection, hybrid cloud support, and shared bandwidth.

Classic network cloud products are uniformly deployed in Alibaba Cloud's public basic Gaola network, and Alibaba Cloud is responsible for network planning and management, which is more suitable for customers who have high requirements for network ease of use. A VPC is a custom isolated network that you can use to customize the network topology and IP address of the VPC.

It's still easy to build a**, basically follow the documentation tutorial, and it's best to develop the program yourself or the team, otherwise you can only use Kaishen to contain the source or spend money to buy.

VPC is Layer 2 isolation, while Classic Network is Layer 3 isolation. If you still want to get to the bottom of the problem, what is the difference between Alibaba Cloud VPC and classic network? It's a good idea for you to take a closer look, in fact, the VPC has now been abolished.

The ones that are available are all classic networks.

Cloud products of the classic network type are deployed in Alibaba Cloud's public basic network, and Alibaba Cloud is responsible for network planning and management, which is more suitable for customers who have high requirements for network ease of use. A VPC is a custom isolated network that you can use to customize the network topology and IP address of the VPC.

The differences between Alibaba Cloud classic and VPC are as follows:

1. Cost and sharing.

Private network: ECS costs are reduced by 5 and shared bandwidth is reduced by about 30 percent.

Classic network: ECS instances**, public network bandwidth is not shared2, security.

Private network: Double-layer isolation security-enhanced network is the first private cloud network launched by Ali.

Classic network: A shared base network with simple isolation.

3. Function. Compared with traditional networks, VPCs support more functions, such as custom networks, subnets, multi-region VPC interconnection, hybrid cloud support, and shared bandwidth. The examples in the network are highly isolated. Compared with traditional networks, VPCs have higher security and flexibility.

Differences: 1. Cost.

VPC: ECS costs are saved5 and shared bandwidth is reduced by about 30 costs.

Classic network: ECS instance list price, public bandwidth is not shared.

2. Safety. VPC: Layer 2 isolation is more secure.

Classic network: Layer 3 isolation.

For users who started to use Alibaba Cloud earlier, Alibaba Cloud provided a network with simple operation, high ease of use, no need for network planning in advance, and all IP addresses were uniformly assigned by Alibaba Cloud, which was also the only network model of Alibaba Cloud at that time, and is now called the classic network. However, with the increasing complexity of business scenarios and the continuous use of various cloud services, some problems of the classic network have begun to be exposed, and enterprise users using the classic network need to migrate from the classic network to the VPC.

The issues with the classic network are as follows:

1.There is a problem with security maintenance in the classic network.

The classic network is a large Layer 2 design, which can be reached by Alibaba Cloud across the entire network, which has security problems in itself. To solve or even plug some security vulnerabilities preliminarily, it requires huge maintenance costs.

For example, the SLB in the classic network is reachable across the entire network, even if it is an intranet. Of course, SLB provides access control.

However, if you want to ensure that each additional machine in the business system can access the corresponding SLB normally, you must ensure that the corresponding access control policies of the corresponding listening ports of each SLB are updated in a timely manner. This requires a lot of development and maintenance work when a large number of SLBs and ECSs exist, and there are often additions and releases.

Another example is database products such as RDS and MongoDB, which have higher security requirements, and can only be accessed by IP addresses in the authorized whitelist. Again, it takes a lot of development and maintenance work.

ECS security groups and external dependency whitelists also have the same problems.

2.Some business scenarios cannot be implemented.

For example, some banking institutions and insurance companies need to open a leased line to access their services, which is not supported by Alibaba Cloud Classic. For example, in some business scenarios, we need to connect two networks with a VPN to facilitate access, which is also not supported by Alibaba Cloud Classic Network. Many of Alibaba Cloud's new features do not support classic networks, such as autoscaling, self-developed network models for Swarm container clusters, and Kubernetes container clusters.

3.The network cost of resources cannot be effectively controlled.

Since all IP addresses in the classic network are maintained by Alibaba Cloud, each ECS instance needs to configure a public IP address if it needs to access external servers. In this way, the public network traffic fee cannot be calculated in a unified manner, and bandwidth cannot be purchased and shared in a unified manner.

A virtual private cloud (VPC) is an isolated network environment built by Alibaba Cloud on the cloud, and VPCs are logically isolated from each other. VPCs can use Alibaba Cloud resources in a defined virtual network. In a private network, you can take full control of your virtual network, such as selecting your own IP address range, dividing network segments, configuring route tables and gateways, and so on, so as to achieve secure resource access and application access.

You can also connect the VPC to other networks through connection methods such as Direct Connect or VPN to form an on-demand network environment.

A cloud server is a computing service with scalable processing capacity. It's simpler to manage than a physical server. Users do not need to purchase hardware in advance to create or release any number of ECSs.

Bird Cloud focuses on providing one-stop core network cloud deployment services for individual developer users, small and medium-sized enterprises, and large enterprise users, so as to simplify cloud deployment for users and use cloud computing easily and quickly. Bird Cloud is one of the few professional cloud computing service providers in China with ISP IDC dual qualifications, and holds the system software copyright certificate, CNNIC address allocation alliance membership certificate, and has passed the ISO27001 information security management system international certification and ISO9001 quality assurance system international certification.

The traditional server is with independent CPU, memory module, hard disk, the stored data security is not high, the waste rate of hard disk is relatively high, the application has limitations, if there is a new application, then you can only buy another one, which causes a serious waste of server, for some small and medium-sized enterprises can not be underestimated.

1. From a technical point of view.

Cloud servers use cloud computing technology, which integrates various software and hardware technologies such as computing, networking, and storage. Traditional servers, which are independent, do not integrate these resources.

2. From the perspective of security.

The cloud server has natural anti-ARP attacks and MAC spoofing, snapshot backup, and data is never lost. Traditional servers don't have this feature.

3. In terms of reliability.

Cloud servers are based on server clusters, so the hardware redundancy is high and the failure rate is low. Traditional servers, on the other hand, have less hardware redundancy and a higher failure rate.

4. In terms of flexibility.

Private networks are faster.