From 19f0993a3718921f742cd7ac6bc264e1d477fdca Mon Sep 17 00:00:00 2001 From: "Qin Ying, Fan" Date: Wed, 20 Dec 2023 11:27:38 +0000 Subject: [PATCH] VPC UMN 20231207 version Reviewed-by: Sarda, Priya Co-authored-by: Qin Ying, Fan Co-committed-by: Qin Ying, Fan --- docs/vpc/umn/ALL_META.TXT.json | 347 ++++++----- docs/vpc/umn/CLASS.TXT.json | 584 +++++++++--------- docs/vpc/umn/FlowLog_0002.html | 4 +- docs/vpc/umn/FlowLog_0003.html | 2 +- docs/vpc/umn/FlowLog_0004.html | 94 +-- docs/vpc/umn/FlowLog_0006.html | 4 +- docs/vpc/umn/SecurityGroup_0003.html | 2 +- docs/vpc/umn/SecurityGroup_0004.html | 4 +- docs/vpc/umn/SecurityGroup_0005.html | 90 +++ docs/vpc/umn/acl_0001.html | 2 +- docs/vpc/umn/en-us_image_0000001646961692.png | Bin 0 -> 128 bytes docs/vpc/umn/en-us_image_0000001796404809.png | Bin 0 -> 23749 bytes docs/vpc/umn/en-us_image_0129473334.png | Bin 10485 -> 0 bytes docs/vpc/umn/en-us_topic_0013748715.html | 31 +- docs/vpc/umn/en-us_topic_0013748726.html | 15 +- docs/vpc/umn/en-us_topic_0013748738.html | 6 +- docs/vpc/umn/en-us_topic_0013935842.html | 26 +- docs/vpc/umn/en-us_topic_0017816228.html | 26 +- docs/vpc/umn/en-us_topic_0030969460.html | 2 + docs/vpc/umn/en-us_topic_0030969470.html | 74 ++- docs/vpc/umn/en-us_topic_0038263963.html | 6 +- docs/vpc/umn/en-us_topic_0046655036.html | 2 +- docs/vpc/umn/en-us_topic_0046655037.html | 8 +- docs/vpc/umn/en-us_topic_0046655038.html | 11 +- docs/vpc/umn/en-us_topic_0051746700.html | 8 +- docs/vpc/umn/en-us_topic_0051746702.html | 6 +- docs/vpc/umn/en-us_topic_0067802474.html | 103 ++- docs/vpc/umn/en-us_topic_0068145818.html | 2 +- docs/vpc/umn/en-us_topic_0073379079.html | 8 +- docs/vpc/umn/permission_0004.html | 2 +- docs/vpc/umn/vpc010005.html | 2 +- docs/vpc/umn/vpc010006.html | 2 +- docs/vpc/umn/vpc010007.html | 2 +- docs/vpc/umn/vpc010013.html | 2 +- docs/vpc/umn/vpc_0002.html | 83 +++ docs/vpc/umn/vpc_Concepts_0005.html | 2 +- docs/vpc/umn/vpc_Concepts_0011.html | 2 +- docs/vpc/umn/vpc_SecurityGroup_0001.html | 2 + docs/vpc/umn/vpc_SecurityGroup_0007.html | 12 +- docs/vpc/umn/vpc_SecurityGroup_0009.html | 4 +- docs/vpc/umn/vpc_acl_0000.html | 2 +- docs/vpc/umn/vpc_acl_0003.html | 6 +- docs/vpc/umn/vpc_acl_0005.html | 6 +- docs/vpc/umn/vpc_faq_0059.html | 2 +- docs/vpc/umn/vpc_faq_0075.html | 7 + docs/vpc/umn/vpc_faq_0103.html | 36 +- docs/vpc/umn/vpc_peering_0004.html | 2 +- docs/vpc/umn/vpc_peering_0006.html | 6 +- docs/vpc/umn/vpc_peering_0007.html | 2 +- docs/vpc/umn/vpc_qs_0005.html | 26 +- docs/vpc/umn/vpc_qs_0006.html | 15 +- docs/vpc/umn/vpc_qs_0007.html | 31 +- docs/vpc/umn/vpc_qs_0008.html | 74 ++- docs/vpc/umn/vpc_qs_0009.html | 26 +- docs/vpc/umn/vpc_qs_0010.html | 15 +- docs/vpc/umn/vpc_qs_0011.html | 6 +- docs/vpc/umn/vpc_qs_0012.html | 31 +- docs/vpc/umn/vpc_qs_0013.html | 74 ++- docs/vpc/umn/vpc_route01_0001.html | 6 +- docs/vpc/umn/vpc_route01_0010.html | 2 +- docs/vpc/umn/vpc_route_0004.html | 2 +- docs/vpc/umn/vpc_vip_0002.html | 3 +- docs/vpc/umn/vpc_vpc_0004.html | 2 +- docs/vpc/umn/vpc_vpc_0005.html | 13 +- docs/vpc/umn/vpc_vpc_0010.html | 2 +- docs/vpc/umn/vpc_vpc_0011.html | 2 +- docs/vpc/umn/vpc_vpc_0012.html | 2 +- 67 files changed, 1202 insertions(+), 781 deletions(-) create mode 100644 docs/vpc/umn/SecurityGroup_0005.html create mode 100644 docs/vpc/umn/en-us_image_0000001646961692.png create mode 100644 docs/vpc/umn/en-us_image_0000001796404809.png delete mode 100644 docs/vpc/umn/en-us_image_0129473334.png create mode 100644 docs/vpc/umn/vpc_0002.html diff --git a/docs/vpc/umn/ALL_META.TXT.json b/docs/vpc/umn/ALL_META.TXT.json index 5e70677e6..d1b978a4b 100644 --- a/docs/vpc/umn/ALL_META.TXT.json +++ b/docs/vpc/umn/ALL_META.TXT.json @@ -1,4 +1,7 @@ [ + { + "dockw":"User Guide" + }, { "uri":"vpc_pro_0000.html", "node_id":"vpc_pro_0000.xml", @@ -256,7 +259,7 @@ "node_id":"vpc_concepts_0011.xml", "product_code":"vpc", "code":"15", - "des":"A VPC peering connection is a networking connection between two VPCs and enables them to communicate using private IP addresses. The VPCs to be peered can be in the same ", + "des":"A VPC peering connection is a networking connection that connects two VPCs for them to communicate using private IP addresses. The VPCs to be peered can be in the same ac", "doc_type":"usermanual", "kw":"VPC Peering Connection,Basic Concepts,User Guide", "search_title":"", @@ -934,11 +937,30 @@ "title":"Deleting a Subnet", "githuburl":"" }, + { + "uri":"vpc_0002.html", + "node_id":"vpc_0002.xml", + "product_code":"vpc", + "code":"52", + "des":"IPv4 and IPv6 dual-stack allows your resources, such as ECSs, to use both IPv4 and IPv6 addresses for private and public network communications. For example, if ECSs use ", + "doc_type":"usermanual", + "kw":"IPv4 and IPv6 Dual-Stack Network,VPC and Subnet,User Guide", + "search_title":"", + "metedata":[ + { + "opensource":"true", + "documenttype":"usermanual", + "prodname":"vpc" + } + ], + "title":"IPv4 and IPv6 Dual-Stack Network", + "githuburl":"" + }, { "uri":"vpc_SecurityGroup_0000.html", "node_id":"vpc_securitygroup_0000.xml", "product_code":"vpc", - "code":"52", + "code":"53", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Access Control", @@ -957,7 +979,7 @@ "uri":"en-us_topic_0052003963.html", "node_id":"en-us_topic_0052003963.xml", "product_code":"vpc", - "code":"53", + "code":"54", "des":"You can configure security groups and firewalls to increase the security of ECSs in your VPC.Security groups operate at the ECS level.Firewalls protect associated subnets", "doc_type":"usermanual", "kw":"Differences Between Security Groups and Firewalls,Access Control,User Guide", @@ -976,7 +998,7 @@ "uri":"vpc_SecurityGroup_0001.html", "node_id":"vpc_securitygroup_0001.xml", "product_code":"vpc", - "code":"54", + "code":"55", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Security Group", @@ -995,7 +1017,7 @@ "uri":"en-us_topic_0073379079.html", "node_id":"en-us_topic_0073379079.xml", "product_code":"vpc", - "code":"55", + "code":"56", "des":"A security group is a collection of access control rules for cloud resources, such as cloud servers, containers, and databases, that have the same security protection req", "doc_type":"usermanual", "kw":"Security Groups and Security Group Rules,Security Group,User Guide", @@ -1014,8 +1036,8 @@ "uri":"SecurityGroup_0003.html", "node_id":"securitygroup_0003.xml", "product_code":"vpc", - "code":"56", - "des":"If you have not created any security group, the system automatically creates a default security group for you and associates it with the instance (such as an ECS) when yo", + "code":"57", + "des":"If you have not created any security groups yet, the system automatically creates a default security group for you and associates it with the instance (such as an ECS) wh", "doc_type":"usermanual", "kw":"Default Security Group and Its Rules,Security Group,User Guide", "search_title":"", @@ -1033,7 +1055,7 @@ "uri":"en-us_topic_0081124350.html", "node_id":"en-us_topic_0081124350.xml", "product_code":"vpc", - "code":"57", + "code":"58", "des":"Here are some common security group configuration examples for different scenarios, including remote login to ECSs, website access, and internal communication between ins", "doc_type":"usermanual", "kw":"Security Group Configuration Examples,Security Group,User Guide", @@ -1052,7 +1074,7 @@ "uri":"en-us_topic_0013748715.html", "node_id":"en-us_topic_0013748715.xml", "product_code":"vpc", - "code":"58", + "code":"59", "des":"A security group is a collection of access control rules to control the traffic that is allowed to reach and leave the cloud resources that it is associated with. The clo", "doc_type":"usermanual", "kw":"Creating a Security Group,Security Group,User Guide", @@ -1071,7 +1093,7 @@ "uri":"vpc_SecurityGroup_0009.html", "node_id":"vpc_securitygroup_0009.xml", "product_code":"vpc", - "code":"59", + "code":"60", "des":"You can clone a security group from one region to another to quickly apply the security group rules to ECSs in another region.You can clone a security group in the follow", "doc_type":"usermanual", "kw":"Cloning a Security Group,Security Group,User Guide", @@ -1090,7 +1112,7 @@ "uri":"vpc_SecurityGroup_0010.html", "node_id":"vpc_securitygroup_0010.xml", "product_code":"vpc", - "code":"60", + "code":"61", "des":"After a security group is created, you can change its name and description.Log in to the management console.Click in the upper left corner and select the desired region ", "doc_type":"usermanual", "kw":"Modifying a Security Group,Security Group,User Guide", @@ -1109,7 +1131,7 @@ "uri":"vpc_SecurityGroup_0008.html", "node_id":"vpc_securitygroup_0008.xml", "product_code":"vpc", - "code":"61", + "code":"62", "des":"If your security group is no longer required, you can delete it.The default security group is named default and cannot be deleted.If you want to delete a security group t", "doc_type":"usermanual", "kw":"Deleting a Security Group,Security Group,User Guide", @@ -1128,7 +1150,7 @@ "uri":"en-us_topic_0030969470.html", "node_id":"en-us_topic_0030969470.xml", "product_code":"vpc", - "code":"62", + "code":"63", "des":"A security group is a collection of access control rules to control the traffic that is allowed to reach and leave the cloud resources that it is associated with. The clo", "doc_type":"usermanual", "kw":"Adding a Security Group Rule,Security Group,User Guide", @@ -1147,7 +1169,7 @@ "uri":"SecurityGroup_0004.html", "node_id":"securitygroup_0004.xml", "product_code":"vpc", - "code":"63", + "code":"64", "des":"The fast-adding rule function of security groups allows you to quickly add rules with common ports and protocols for remote login, ping tests, common web services, and da", "doc_type":"usermanual", "kw":"Fast-Adding Security Group Rules,Security Group,User Guide", @@ -1162,11 +1184,30 @@ "title":"Fast-Adding Security Group Rules", "githuburl":"" }, + { + "uri":"SecurityGroup_0005.html", + "node_id":"securitygroup_0005.xml", + "product_code":"vpc", + "code":"65", + "des":"You can configure a security group to allow common ports with a few clicks. This function is suitable for the following scenarios:Remotely log in to ECSs.Use the ping com", + "doc_type":"usermanual", + "kw":"Allowing Common Ports with A Few Clicks,Security Group,User Guide", + "search_title":"", + "metedata":[ + { + "opensource":"false", + "documenttype":"usermanual", + "prodname":"vpc" + } + ], + "title":"Allowing Common Ports with A Few Clicks", + "githuburl":"" + }, { "uri":"vpc_SecurityGroup_0005.html", "node_id":"vpc_securitygroup_0005.xml", "product_code":"vpc", - "code":"64", + "code":"66", "des":"You can modify the port, protocol, and IP address of your security group rules as required to ensure the security of your instances.Log in to the management console.Click", "doc_type":"usermanual", "kw":"Modifying a Security Group Rule,Security Group,User Guide", @@ -1185,7 +1226,7 @@ "uri":"vpc_SecurityGroup_0004.html", "node_id":"vpc_securitygroup_0004.xml", "product_code":"vpc", - "code":"65", + "code":"67", "des":"You can replicate an existing security group rule and modify it to quickly generate a new rule.Log in to the management console.Click in the upper left corner and select", "doc_type":"usermanual", "kw":"Replicating a Security Group Rule,Security Group,User Guide", @@ -1204,7 +1245,7 @@ "uri":"vpc_SecurityGroup_0007.html", "node_id":"vpc_securitygroup_0007.xml", "product_code":"vpc", - "code":"66", + "code":"68", "des":"You can configure security group rules in an Excel file and import the rules to the security group. You can also export security group rules to an Excel file. You are adv", "doc_type":"usermanual", "kw":"Importing and Exporting Security Group Rules,Security Group,User Guide", @@ -1223,7 +1264,7 @@ "uri":"vpc_SecurityGroup_0006.html", "node_id":"vpc_securitygroup_0006.xml", "product_code":"vpc", - "code":"67", + "code":"69", "des":"If your security group rule is no longer required, you can delete it.Security group rules use whitelists. Deleting a security group rule may result in ECS access failures", "doc_type":"usermanual", "kw":"Deleting a Security Group Rule,Security Group,User Guide", @@ -1242,7 +1283,7 @@ "uri":"SecurityGroup_0017.html", "node_id":"securitygroup_0017.xml", "product_code":"vpc", - "code":"68", + "code":"70", "des":"When you create an instance, the system automatically adds the instance to a security group for protection.If one security group cannot meet your requirements, you can ad", "doc_type":"usermanual", "kw":"Adding an Instance to or Removing an Instance from a Security Group,Security Group,User Guide", @@ -1261,7 +1302,7 @@ "uri":"vpc_SecurityGroup_0011.html", "node_id":"vpc_securitygroup_0011.xml", "product_code":"vpc", - "code":"69", + "code":"71", "des":"View inbound and outbound rules of a security group used by an ECS.Log in to the management console.Click in the upper left corner and select the desired region and proj", "doc_type":"usermanual", "kw":"Viewing the Security Group of an ECS,Security Group,User Guide", @@ -1280,7 +1321,7 @@ "uri":"SecurityGroup_0006.html", "node_id":"securitygroup_0006.xml", "product_code":"vpc", - "code":"70", + "code":"72", "des":"Change the security group associated with an ECS NIC.Log in to the management console.Click in the upper left corner and select your region and project.Under Computing, ", "doc_type":"usermanual", "kw":"Changing the Security Group of an ECS,Security Group,User Guide", @@ -1299,7 +1340,7 @@ "uri":"vpc_acl_0000.html", "node_id":"vpc_acl_0000.xml", "product_code":"vpc", - "code":"71", + "code":"73", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Firewall", @@ -1318,7 +1359,7 @@ "uri":"acl_0001.html", "node_id":"acl_0001.xml", "product_code":"vpc", - "code":"72", + "code":"74", "des":"A firewall is an optional layer of security for your subnets. After you associate one or more subnets with a firewall, you can control traffic in and out of the subnets.F", "doc_type":"usermanual", "kw":"Firewall Overview,Firewall,User Guide", @@ -1337,7 +1378,7 @@ "uri":"acl_0002.html", "node_id":"acl_0002.xml", "product_code":"vpc", - "code":"73", + "code":"75", "des":"This section provides examples for configuring firewalls.Denying Access from a Specific PortAllowing Access from Specific Ports and ProtocolsYou might want to block TCP p", "doc_type":"usermanual", "kw":"Firewall Configuration Examples,Firewall,User Guide", @@ -1356,7 +1397,7 @@ "uri":"en-us_topic_0051746698.html", "node_id":"en-us_topic_0051746698.xml", "product_code":"vpc", - "code":"74", + "code":"76", "des":"You can create a custom firewall. By default, a newly created firewall is disabled and has no inbound or outbound rules, or any subnets associated.By default, you can cre", "doc_type":"usermanual", "kw":"Creating a Firewall,Firewall,User Guide", @@ -1375,7 +1416,7 @@ "uri":"en-us_topic_0051746702.html", "node_id":"en-us_topic_0051746702.xml", "product_code":"vpc", - "code":"75", + "code":"77", "des":"Add an inbound or outbound rule based on your network security requirements.A firewall can contain no more than 20 rules in one direction, or performance will deteriorate", "doc_type":"usermanual", "kw":"Adding a Firewall Rule,Firewall,User Guide", @@ -1394,8 +1435,8 @@ "uri":"en-us_topic_0051746700.html", "node_id":"en-us_topic_0051746700.xml", "product_code":"vpc", - "code":"76", - "des":"You can associate a firewall with a subnet to protect resources in the subnet. After a firewall is associated with a subnet, the firewall denies all traffic to and from t", + "code":"78", + "des":"You can associate a firewall with a subnet to protect resources in the subnet.You can associate a firewall with multiple subnets. However, a subnet can only be associated", "doc_type":"usermanual", "kw":"Associating Subnets with a Firewall,Firewall,User Guide", "search_title":"", @@ -1413,10 +1454,10 @@ "uri":"vpc_acl_0003.html", "node_id":"vpc_acl_0003.xml", "product_code":"vpc", - "code":"77", - "des":"Disassociate a subnet from a firewall when necessary.Log in to the management console.Click in the upper left corner and select the desired region and project.Click in ", + "code":"79", + "des":"You can disassociate a subnet from its firewall based on your network requirements.Log in to the management console.Click in the upper left corner and select the desired", "doc_type":"usermanual", - "kw":"Disassociating a Subnet from a Firewall,Firewall,User Guide", + "kw":"Disassociating Subnets from a Firewall,Firewall,User Guide", "search_title":"", "metedata":[ { @@ -1425,14 +1466,14 @@ "prodname":"vpc" } ], - "title":"Disassociating a Subnet from a Firewall", + "title":"Disassociating Subnets from a Firewall", "githuburl":"" }, { "uri":"vpc_acl_0004.html", "node_id":"vpc_acl_0004.xml", "product_code":"vpc", - "code":"78", + "code":"80", "des":"If you need a rule to take effect before or after a specific rule, you can insert that rule before or after the specific rule.If multiple firewall rules conflict, only th", "doc_type":"usermanual", "kw":"Changing the Sequence of a Firewall Rule,Firewall,User Guide", @@ -1451,7 +1492,7 @@ "uri":"vpc_acl_0005.html", "node_id":"vpc_acl_0005.xml", "product_code":"vpc", - "code":"79", + "code":"81", "des":"Modify an inbound or outbound firewall rule based on your network security requirements.Log in to the management console.Click in the upper left corner and select the de", "doc_type":"usermanual", "kw":"Modifying a Firewall Rule,Firewall,User Guide", @@ -1470,7 +1511,7 @@ "uri":"vpc_acl_0006.html", "node_id":"vpc_acl_0006.xml", "product_code":"vpc", - "code":"80", + "code":"82", "des":"Enable or disable an inbound or outbound rule based on your network security requirements.Log in to the management console.Click in the upper left corner and select the ", "doc_type":"usermanual", "kw":"Enabling or Disabling a Firewall Rule,Firewall,User Guide", @@ -1489,7 +1530,7 @@ "uri":"vpc_acl_0007.html", "node_id":"vpc_acl_0007.xml", "product_code":"vpc", - "code":"81", + "code":"83", "des":"Delete an inbound or outbound rule based on your network security requirements.Log in to the management console.Click in the upper left corner and select the desired reg", "doc_type":"usermanual", "kw":"Deleting a Firewall Rule,Firewall,User Guide", @@ -1508,7 +1549,7 @@ "uri":"vpc_acl_0009.html", "node_id":"vpc_acl_0009.xml", "product_code":"vpc", - "code":"82", + "code":"84", "des":"View details about a firewall.Log in to the management console.Click in the upper left corner and select the desired region and project.Click in the upper left corner a", "doc_type":"usermanual", "kw":"Viewing a Firewall,Firewall,User Guide", @@ -1527,7 +1568,7 @@ "uri":"vpc_acl_0010.html", "node_id":"vpc_acl_0010.xml", "product_code":"vpc", - "code":"83", + "code":"85", "des":"Modify the name and description of a firewall.Log in to the management console.Click in the upper left corner and select the desired region and project.Click in the upp", "doc_type":"usermanual", "kw":"Modifying a Firewall,Firewall,User Guide", @@ -1546,7 +1587,7 @@ "uri":"vpc_acl_0011.html", "node_id":"vpc_acl_0011.xml", "product_code":"vpc", - "code":"84", + "code":"86", "des":"After a firewall is created, you may need to enable it based on network security requirements. You can also disable an enabled firewall if needed. Before enabling a firew", "doc_type":"usermanual", "kw":"Enabling or Disabling a Firewall,Firewall,User Guide", @@ -1565,7 +1606,7 @@ "uri":"vpc_acl_0012.html", "node_id":"vpc_acl_0012.xml", "product_code":"vpc", - "code":"85", + "code":"87", "des":"Delete a firewall when it is no longer required.Log in to the management console.Click in the upper left corner and select the desired region and project.Click in the u", "doc_type":"usermanual", "kw":"Deleting a Firewall,Firewall,User Guide", @@ -1584,7 +1625,7 @@ "uri":"vpc_eip_0000.html", "node_id":"vpc_eip_0000.xml", "product_code":"vpc", - "code":"86", + "code":"88", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Elastic IP", @@ -1603,7 +1644,7 @@ "uri":"en-us_topic_0013748738.html", "node_id":"en-us_topic_0013748738.xml", "product_code":"vpc", - "code":"87", + "code":"89", "des":"You can assign an EIP and bind it to an ECS so that the ECS can access the Internet.Note the following when you use EIPs of the Dedicated Load Balancer (5_gray) type:In e", "doc_type":"usermanual", "kw":"Assigning an EIP and Binding It to an ECS,Elastic IP,User Guide", @@ -1622,7 +1663,7 @@ "uri":"vpc_eip_0001.html", "node_id":"vpc_eip_0001.xml", "product_code":"vpc", - "code":"88", + "code":"90", "des":"If you no longer need an EIP, unbind it from the ECS and release the EIP to avoid wasting network resources.In eu-de, EIPs of the Dedicated Load Balancer (5_gray) type ca", "doc_type":"usermanual", "kw":"Unbinding an EIP from an ECS and Releasing the EIP,Elastic IP,User Guide", @@ -1641,7 +1682,7 @@ "uri":"en-us_topic_0013748743.html", "node_id":"en-us_topic_0013748743.xml", "product_code":"vpc", - "code":"89", + "code":"91", "des":"Modify the EIP bandwidth name or size.This section describes how to modify the dedicated bandwidth or shared bandwidth of an EIP. For details about how to modify a shared", "doc_type":"usermanual", "kw":"Modifying an EIP Bandwidth,Elastic IP,User Guide", @@ -1660,7 +1701,7 @@ "uri":"eip_0003.html", "node_id":"eip_0003.xml", "product_code":"vpc", - "code":"90", + "code":"92", "des":"The information of all EIPs under your account can be exported in an Excel file to a local directory. The file records the ID, status, type, bandwidth name, and bandwidth", "doc_type":"usermanual", "kw":"Exporting EIP Information,Elastic IP,User Guide", @@ -1679,7 +1720,7 @@ "uri":"en-us_topic_0068145818.html", "node_id":"en-us_topic_0068145818.xml", "product_code":"vpc", - "code":"91", + "code":"93", "des":"Tags can be added to EIPs to facilitate EIP identification and administration. You can add a tag to an EIP when assigning the EIP. Alternatively, you can add a tag to an ", "doc_type":"usermanual", "kw":"Managing EIP Tags,Elastic IP,User Guide", @@ -1698,7 +1739,7 @@ "uri":"vpc010003.html", "node_id":"vpc010003.xml", "product_code":"vpc", - "code":"92", + "code":"94", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Shared Bandwidth", @@ -1717,7 +1758,7 @@ "uri":"vpc010004.html", "node_id":"vpc010004.xml", "product_code":"vpc", - "code":"93", + "code":"95", "des":"A shared bandwidth can be shared by multiple EIPs and controls the data transfer rate on these EIPs in a centralized manner. All ECSs, BMSs, and load balancers that have ", "doc_type":"usermanual", "kw":"Shared Bandwidth Overview,Shared Bandwidth,User Guide", @@ -1736,7 +1777,7 @@ "uri":"vpc010005.html", "node_id":"vpc010005.xml", "product_code":"vpc", - "code":"94", + "code":"96", "des":"Assign a shared bandwidth for use with EIPs.Log in to the management console.Click in the upper left corner and select the desired region and project.Click in the upper", "doc_type":"usermanual", "kw":"Assigning a Shared Bandwidth,Shared Bandwidth,User Guide", @@ -1755,7 +1796,7 @@ "uri":"vpc010006.html", "node_id":"vpc010006.xml", "product_code":"vpc", - "code":"95", + "code":"97", "des":"Add EIPs to a shared bandwidth and the EIPs can then share that bandwidth. You can add multiple EIPs to a shared bandwidth at the same time.The type of EIPs must be the s", "doc_type":"usermanual", "kw":"Adding EIPs to a Shared Bandwidth,Shared Bandwidth,User Guide", @@ -1774,7 +1815,7 @@ "uri":"vpc010007.html", "node_id":"vpc010007.xml", "product_code":"vpc", - "code":"96", + "code":"98", "des":"Remove EIPs that are no longer required from a shared bandwidth if needed.Log in to the management console.Click in the upper left corner and select the desired region a", "doc_type":"usermanual", "kw":"Removing EIPs from a Shared Bandwidth,Shared Bandwidth,User Guide", @@ -1793,7 +1834,7 @@ "uri":"vpc010008.html", "node_id":"vpc010008.xml", "product_code":"vpc", - "code":"97", + "code":"99", "des":"You can modify the name and size of a shared bandwidth as required.Log in to the management console.Click in the upper left corner and select the desired region and proj", "doc_type":"usermanual", "kw":"Modifying a Shared Bandwidth,Shared Bandwidth,User Guide", @@ -1812,7 +1853,7 @@ "uri":"vpc010009.html", "node_id":"vpc010009.xml", "product_code":"vpc", - "code":"98", + "code":"100", "des":"Delete a shared bandwidth when it is no longer required.Before deleting a shared bandwidth, remove all the EIPs associated with it. For details, see Removing EIPs from a ", "doc_type":"usermanual", "kw":"Deleting a Shared Bandwidth,Shared Bandwidth,User Guide", @@ -1831,7 +1872,7 @@ "uri":"vpc_route01_0000.html", "node_id":"vpc_route01_0000.xml", "product_code":"vpc", - "code":"99", + "code":"101", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Route Tables", @@ -1850,7 +1891,7 @@ "uri":"vpc_route01_0001.html", "node_id":"vpc_route01_0001.xml", "product_code":"vpc", - "code":"100", + "code":"102", "des":"A route table contains a set of routes that are used to determine where network traffic from your subnets in a VPC is directed. Each subnet must be associated with a rout", "doc_type":"usermanual", "kw":"Route Tables and Routes,Route Tables,User Guide", @@ -1869,7 +1910,7 @@ "uri":"vpc_route01_0005.html", "node_id":"vpc_route01_0005.xml", "product_code":"vpc", - "code":"101", + "code":"103", "des":"A VPC automatically comes with a default route table. If your default route table cannot meet your service requirements, you can create a custom route table.By default, e", "doc_type":"usermanual", "kw":"Creating a Custom Route Table,Route Tables,User Guide", @@ -1888,7 +1929,7 @@ "uri":"vpc_route01_0007.html", "node_id":"vpc_route01_0007.xml", "product_code":"vpc", - "code":"102", + "code":"104", "des":"After a subnet is created, the system associates the subnet with the default route table of its VPC. If you want to use specific routes for a subnet, you can associate th", "doc_type":"usermanual", "kw":"Associating a Route Table with a Subnet,Route Tables,User Guide", @@ -1907,7 +1948,7 @@ "uri":"vpc_route01_0008.html", "node_id":"vpc_route01_0008.xml", "product_code":"vpc", - "code":"103", + "code":"105", "des":"You can change the route table for a subnet. If the route table for a subnet is changed, routes in the new route table will apply to all cloud resources in the subnet.Log", "doc_type":"usermanual", "kw":"Changing the Route Table Associated with a Subnet,Route Tables,User Guide", @@ -1926,7 +1967,7 @@ "uri":"vpc_route01_0015.html", "node_id":"vpc_route01_0015.xml", "product_code":"vpc", - "code":"104", + "code":"106", "des":"This section describes how to view the route table associated with a subnet.Log in to the management console.Click in the upper left corner and select the desired region", "doc_type":"usermanual", "kw":"Viewing the Route Table Associated with a Subnet,Route Tables,User Guide", @@ -1945,7 +1986,7 @@ "uri":"vpc_route01_0009.html", "node_id":"vpc_route01_0009.xml", "product_code":"vpc", - "code":"105", + "code":"107", "des":"This section describes how to view detailed information about a route table, including:Basic information, such as name, type (default or custom), and ID of the route tabl", "doc_type":"usermanual", "kw":"Viewing Route Table Information,Route Tables,User Guide", @@ -1964,7 +2005,7 @@ "uri":"vpc_route01_0014.html", "node_id":"vpc_route01_0014.xml", "product_code":"vpc", - "code":"106", + "code":"108", "des":"Information about all route tables under your account can be exported as an Excel file to a local directory. This file records the name, ID, VPC, type, and number of asso", "doc_type":"usermanual", "kw":"Exporting Route Table Information,Route Tables,User Guide", @@ -1983,7 +2024,7 @@ "uri":"vpc_route01_0010.html", "node_id":"vpc_route01_0010.xml", "product_code":"vpc", - "code":"107", + "code":"109", "des":"This section describes how to delete a custom route table.The default route table cannot be deleted.A custom route table with a subnet associated cannot be deleted direct", "doc_type":"usermanual", "kw":"Deleting a Route Table,Route Tables,User Guide", @@ -2002,7 +2043,7 @@ "uri":"vpc_route01_0006.html", "node_id":"vpc_route01_0006.xml", "product_code":"vpc", - "code":"108", + "code":"110", "des":"Each route table contains a default system route, which indicates that ECSs in a VPC can communicate with each other. You can also add custom routes as required to forwar", "doc_type":"usermanual", "kw":"Adding a Custom Route,Route Tables,User Guide", @@ -2021,7 +2062,7 @@ "uri":"vpc_route01_0011.html", "node_id":"vpc_route01_0011.xml", "product_code":"vpc", - "code":"109", + "code":"111", "des":"This section describes how to modify a custom route in a route table.System routes cannot be modified.When you create a VPC endpoint, VPN or Direct Connect connection, th", "doc_type":"usermanual", "kw":"Modifying a Route,Route Tables,User Guide", @@ -2040,7 +2081,7 @@ "uri":"vpc_route01_0013.html", "node_id":"vpc_route01_0013.xml", "product_code":"vpc", - "code":"110", + "code":"112", "des":"This section describes how to replicate routes among all route tables of a VPC. VPC route tables include the default and custom route tables.Table 1 shows whether routes ", "doc_type":"usermanual", "kw":"Replicating a Route,Route Tables,User Guide", @@ -2059,7 +2100,7 @@ "uri":"vpc_route01_0012.html", "node_id":"vpc_route01_0012.xml", "product_code":"vpc", - "code":"111", + "code":"113", "des":"This section describes how to delete a custom route from a route table.System routes cannot be deleted.The routes automatically delivered by VPN or Direct Connect to the ", "doc_type":"usermanual", "kw":"Deleting a Route,Route Tables,User Guide", @@ -2078,7 +2119,7 @@ "uri":"vpc_route_0004.html", "node_id":"vpc_route_0004.xml", "product_code":"vpc", - "code":"112", + "code":"114", "des":"Together with VPC route tables, you can configure SNAT on an ECS to enable other ECSs that have no EIPs bound in the same VPC to access the Internet through this ECS.The ", "doc_type":"usermanual", "kw":"Configuring an SNAT Server,Route Tables,User Guide", @@ -2097,7 +2138,7 @@ "uri":"vpc_peering_0000.html", "node_id":"vpc_peering_0000.xml", "product_code":"vpc", - "code":"113", + "code":"115", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"VPC Peering Connection", @@ -2116,8 +2157,8 @@ "uri":"en-us_topic_0046655036.html", "node_id":"en-us_topic_0046655036.xml", "product_code":"vpc", - "code":"114", - "des":"A VPC peering connection is a networking connection between two VPCs and enables them to communicate using private IP addresses. The VPCs to be peered can be in the same ", + "code":"116", + "des":"A VPC peering connection is a networking connection that connects two VPCs for them to communicate using private IP addresses. The VPCs to be peered can be in the same ac", "doc_type":"usermanual", "kw":"VPC Peering Connection Overview,VPC Peering Connection,User Guide", "search_title":"", @@ -2135,7 +2176,7 @@ "uri":"en-us_topic_0046809840.html", "node_id":"en-us_topic_0046809840.xml", "product_code":"vpc", - "code":"115", + "code":"117", "des":"A VPC peering connection is a networking connection between two VPCs in the same region and enables them to communicate. Table 1 lists different scenarios of using VPC pe", "doc_type":"usermanual", "kw":"VPC Peering Connection Usage Examples,VPC Peering Connection,User Guide", @@ -2154,7 +2195,7 @@ "uri":"en-us_topic_0046655037.html", "node_id":"en-us_topic_0046655037.xml", "product_code":"vpc", - "code":"116", + "code":"118", "des":"If two VPCs from the same region cannot communicate with each other, you can use a VPC peering connection. This section describes how to create a VPC peering connection b", "doc_type":"usermanual", "kw":"Creating a VPC Peering Connection with Another VPC in Your Account,VPC Peering Connection,User Guide", @@ -2173,7 +2214,7 @@ "uri":"en-us_topic_0046655038.html", "node_id":"en-us_topic_0046655038.xml", "product_code":"vpc", - "code":"117", + "code":"119", "des":"If two VPCs from the same region cannot communicate with each other, you can use a VPC peering connection. This section describes how to create a VPC peering connection b", "doc_type":"usermanual", "kw":"Creating a VPC Peering Connection with a VPC in Another Account,VPC Peering Connection,User Guide", @@ -2192,7 +2233,7 @@ "uri":"vpc_peering_0005.html", "node_id":"vpc_peering_0005.xml", "product_code":"vpc", - "code":"118", + "code":"120", "des":"If you create a VPC peering connection between two VPCs in different accounts, you can refer to this section to obtain the project ID of the region that the peer VPC resi", "doc_type":"usermanual", "kw":"Obtaining the Peer Project ID of a VPC Peering Connection,VPC Peering Connection,User Guide", @@ -2211,7 +2252,7 @@ "uri":"vpc_peering_0002.html", "node_id":"vpc_peering_0002.xml", "product_code":"vpc", - "code":"119", + "code":"121", "des":"This section describes how to modify the name of a VPC peering connection.Either owner of a VPC in a peering connection can modify the VPC peering connection in any state", "doc_type":"usermanual", "kw":"Modifying a VPC Peering Connection,VPC Peering Connection,User Guide", @@ -2230,7 +2271,7 @@ "uri":"vpc_peering_0001.html", "node_id":"vpc_peering_0001.xml", "product_code":"vpc", - "code":"120", + "code":"122", "des":"This section describes how to view basic information about a VPC peering connection, including the connection name, status, and information about the local and peer VPCs.", "doc_type":"usermanual", "kw":"Viewing VPC Peering Connections,VPC Peering Connection,User Guide", @@ -2249,7 +2290,7 @@ "uri":"vpc_peering_0003.html", "node_id":"vpc_peering_0003.xml", "product_code":"vpc", - "code":"121", + "code":"123", "des":"This section describes how to delete a VPC peering connection.Either owner of a VPC in a peering connection can delete the VPC peering connection in any state.The owner o", "doc_type":"usermanual", "kw":"Deleting a VPC Peering Connection,VPC Peering Connection,User Guide", @@ -2268,7 +2309,7 @@ "uri":"vpc_peering_0007.html", "node_id":"vpc_peering_0007.xml", "product_code":"vpc", - "code":"122", + "code":"124", "des":"This section describes how to modify the routes added for a VPC peering connection in the route tables of the local and peer VPCs.Modifying Routes of a VPC Peering Connec", "doc_type":"usermanual", "kw":"Modifying Routes Configured for a VPC Peering Connection,VPC Peering Connection,User Guide", @@ -2287,7 +2328,7 @@ "uri":"vpc_peering_0004.html", "node_id":"vpc_peering_0004.xml", "product_code":"vpc", - "code":"123", + "code":"125", "des":"This section describes how to view the routes added to the route tables of local and peer VPCs of a VPC peering connection.Viewing Routes of a VPC Peering Connection Betw", "doc_type":"usermanual", "kw":"Viewing Routes Configured for a VPC Peering Connection,VPC Peering Connection,User Guide", @@ -2306,7 +2347,7 @@ "uri":"vpc_peering_0006.html", "node_id":"vpc_peering_0006.xml", "product_code":"vpc", - "code":"124", + "code":"126", "des":"This section describes how to delete routes from the route tables of the local and peer VPCs connected by a VPC peering connection.Deleting Routes of a VPC Peering Connec", "doc_type":"usermanual", "kw":"Deleting Routes Configured for a VPC Peering Connection,VPC Peering Connection,User Guide", @@ -2325,7 +2366,7 @@ "uri":"FlowLog_0001.html", "node_id":"flowlog_0001.xml", "product_code":"vpc", - "code":"125", + "code":"127", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"VPC Flow Log", @@ -2344,7 +2385,7 @@ "uri":"FlowLog_0002.html", "node_id":"flowlog_0002.xml", "product_code":"vpc", - "code":"126", + "code":"128", "des":"A VPC flow log records information about the traffic going to and from a VPC. VPC flow logs help you monitor network traffic, analyze network attacks, and determine wheth", "doc_type":"usermanual", "kw":"VPC Flow Log Overview,VPC Flow Log,User Guide", @@ -2363,7 +2404,7 @@ "uri":"FlowLog_0003.html", "node_id":"flowlog_0003.xml", "product_code":"vpc", - "code":"127", + "code":"129", "des":"A VPC flow log records information about the traffic going to and from a VPC.Ensure that the following operations have been performed on the LTS console:Create a log grou", "doc_type":"usermanual", "kw":"Creating a VPC Flow Log,VPC Flow Log,User Guide", @@ -2382,7 +2423,7 @@ "uri":"FlowLog_0004.html", "node_id":"flowlog_0004.xml", "product_code":"vpc", - "code":"128", + "code":"130", "des":"View information about your flow log record.The capture window is approximately 10 minutes, which indicates that a flow log record will be generated every 10 minutes. Aft", "doc_type":"usermanual", "kw":"Viewing a VPC Flow Log,VPC Flow Log,User Guide", @@ -2401,8 +2442,8 @@ "uri":"FlowLog_0006.html", "node_id":"flowlog_0006.xml", "product_code":"vpc", - "code":"129", - "des":"After a VPC flow log is created, the VPC flow log is automatically enabled. If you do not need to record traffic data, you can disable the corresponding VPC flow log. The", + "code":"131", + "des":"After a VPC flow log is created, the VPC flow log is automatically enabled. If you do not need to record flow log data, you can disable the corresponding VPC flow log. A ", "doc_type":"usermanual", "kw":"Enabling or Disabling VPC Flow Log,VPC Flow Log,User Guide", "search_title":"", @@ -2420,7 +2461,7 @@ "uri":"FlowLog_0005.html", "node_id":"flowlog_0005.xml", "product_code":"vpc", - "code":"130", + "code":"132", "des":"Delete a VPC flow log that is not required. Deleting a VPC flow log will not delete the existing flow log records in LTS.If a NIC that uses a VPC flow log is deleted, the", "doc_type":"usermanual", "kw":"Deleting a VPC Flow Log,VPC Flow Log,User Guide", @@ -2439,7 +2480,7 @@ "uri":"vpc_dc_0000.html", "node_id":"vpc_dc_0000.xml", "product_code":"vpc", - "code":"131", + "code":"133", "des":"Direct Connect allows you to establish a dedicated network connection between your data center and the cloud platform. With Direct Connect, you can establish a private co", "doc_type":"usermanual", "kw":"Direct Connect,User Guide", @@ -2458,7 +2499,7 @@ "uri":"vpc_vip_0000.html", "node_id":"vpc_vip_0000.xml", "product_code":"vpc", - "code":"132", + "code":"134", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Virtual IP Address", @@ -2477,7 +2518,7 @@ "uri":"vpc_vip_0001.html", "node_id":"vpc_vip_0001.xml", "product_code":"vpc", - "code":"133", + "code":"135", "des":"A virtual IP address can be shared among multiple ECSs. An ECS can have both private and virtual IP addresses, and you can access the ECS through either IP address. A vir", "doc_type":"usermanual", "kw":"Virtual IP Address Overview,Virtual IP Address,User Guide", @@ -2496,7 +2537,7 @@ "uri":"vpc_vip_0002.html", "node_id":"vpc_vip_0002.xml", "product_code":"vpc", - "code":"134", + "code":"136", "des":"If an ECS requires a virtual IP address or if a virtual IP address needs to be reserved, you can assign a virtual IP address from the subnet.Log in to the management cons", "doc_type":"usermanual", "kw":"Assigning a Virtual IP Address,Virtual IP Address,User Guide", @@ -2515,8 +2556,8 @@ "uri":"en-us_topic_0067802474.html", "node_id":"en-us_topic_0067802474.xml", "product_code":"vpc", - "code":"135", - "des":"You can bind a virtual IP address to an EIP so that you can access the ECSs bound with the same virtual IP address from the Internet. These ECSs can work in the active/st", + "code":"137", + "des":"You can use a virtual IP address and an EIP together.If you bind a virtual IP address to ECSs that work in active/standby pairs and bind an EIP to the virtual IP address,", "doc_type":"usermanual", "kw":"Binding a Virtual IP Address to an EIP or ECS,Virtual IP Address,User Guide", "search_title":"", @@ -2534,7 +2575,7 @@ "uri":"vpc_vip_0003.html", "node_id":"vpc_vip_0003.xml", "product_code":"vpc", - "code":"136", + "code":"138", "des":"This section describes how to bind a virtual IP address to an EIP.You have assigned an EIP.Log in to the management console.Click in the upper left corner and select the", "doc_type":"usermanual", "kw":"Binding a Virtual IP Address to an EIP,Virtual IP Address,User Guide", @@ -2553,7 +2594,7 @@ "uri":"vpc_vip_0004.html", "node_id":"vpc_vip_0004.xml", "product_code":"vpc", - "code":"137", + "code":"139", "des":"Configure the ECS networking based on Networking.Create a VPN.The VPN can be used to access the virtual IP address of the ECS.", "doc_type":"usermanual", "kw":"Using a VPN to Access a Virtual IP Address,Virtual IP Address,User Guide", @@ -2572,7 +2613,7 @@ "uri":"vpc_vip_0005.html", "node_id":"vpc_vip_0005.xml", "product_code":"vpc", - "code":"138", + "code":"140", "des":"Configure the ECS networking based on Networking.Create a Direct Connect connection.The created Direct Connect connection can be used to access the virtual IP address of ", "doc_type":"usermanual", "kw":"Using a Direct Connect Connection to Access the Virtual IP Address,Virtual IP Address,User Guide", @@ -2591,7 +2632,7 @@ "uri":"vpc_vip_0006.html", "node_id":"vpc_vip_0006.xml", "product_code":"vpc", - "code":"139", + "code":"141", "des":"Configure the ECS networking based on Networking.Create a VPC peering connection.You can access the virtual IP address of the ECS through the VPC peering connection.", "doc_type":"usermanual", "kw":"Using a VPC Peering Connection to Access the Virtual IP Address,Virtual IP Address,User Guide", @@ -2610,7 +2651,7 @@ "uri":"vpc_vip_0007.html", "node_id":"vpc_vip_0007.xml", "product_code":"vpc", - "code":"140", + "code":"142", "des":"If a virtual IP address is used in an active/standby scenario, disable IP forwarding on the standby ECS.Log in to the ECS.Run the following command to switch to user root", "doc_type":"usermanual", "kw":"Disabling IP Forwarding on the Standby ECS,Virtual IP Address,User Guide", @@ -2629,7 +2670,7 @@ "uri":"vpc_vip_0008.html", "node_id":"vpc_vip_0008.xml", "product_code":"vpc", - "code":"141", + "code":"143", "des":"If a virtual IP address is used in an HA load balancing cluster, you need to disable source/destination check for ECS NICs.Log in to the management console.Click in the ", "doc_type":"usermanual", "kw":"Disabling Source and Destination Check (HA Load Balancing Cluster Scenario),Virtual IP Address,User ", @@ -2648,7 +2689,7 @@ "uri":"vpc_vip_0010.html", "node_id":"vpc_vip_0010.xml", "product_code":"vpc", - "code":"142", + "code":"144", "des":"This section describes how to unbind a virtual IP address from an ECS.Log in to the management console.Click in the upper left corner and select the desired region and p", "doc_type":"usermanual", "kw":"Unbinding a Virtual IP Address from an Instance,Virtual IP Address,User Guide", @@ -2667,7 +2708,7 @@ "uri":"vpc_vip_0011.html", "node_id":"vpc_vip_0011.xml", "product_code":"vpc", - "code":"143", + "code":"145", "des":"This section describes how to unbind a virtual IP address from an EIP.Log in to the management console.Click in the upper left corner and select the desired region and p", "doc_type":"usermanual", "kw":"Unbinding a Virtual IP Address from an EIP,Virtual IP Address,User Guide", @@ -2686,7 +2727,7 @@ "uri":"vpc_vip_0009.html", "node_id":"vpc_vip_0009.xml", "product_code":"vpc", - "code":"144", + "code":"146", "des":"If you no longer need a virtual IP address or a reserved virtual IP address, you can release it to avoid wasting resources.If you want to release a virtual IP address tha", "doc_type":"usermanual", "kw":"Releasing a Virtual IP Address,Virtual IP Address,User Guide", @@ -2705,7 +2746,7 @@ "uri":"vpc010011.html", "node_id":"vpc010011.xml", "product_code":"vpc", - "code":"145", + "code":"147", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Monitoring", @@ -2724,7 +2765,7 @@ "uri":"vpc010012.html", "node_id":"vpc010012.xml", "product_code":"vpc", - "code":"146", + "code":"148", "des":"This section describes the namespace, list, and measurement dimensions of EIP and bandwidth metrics that you can check on Cloud Eye. You can use APIs or the Cloud Eye con", "doc_type":"usermanual", "kw":"Supported Metrics,Monitoring,User Guide", @@ -2743,7 +2784,7 @@ "uri":"vpc010013.html", "node_id":"vpc010013.xml", "product_code":"vpc", - "code":"147", + "code":"149", "des":"You can view the bandwidth and EIP usage on the Elastic IP and Bandwidth or Cloud Eye console.You can view the inbound bandwidth, outbound bandwidth, inbound bandwidth us", "doc_type":"usermanual", "kw":"Viewing Metrics,Monitoring,User Guide", @@ -2762,7 +2803,7 @@ "uri":"vpc010014.html", "node_id":"vpc010014.xml", "product_code":"vpc", - "code":"148", + "code":"150", "des":"You can configure alarm rules to customize the monitored objects and notification policies. You can learn your resource statuses at any time.Log in to the management cons", "doc_type":"usermanual", "kw":"Creating an Alarm Rule,Monitoring,User Guide", @@ -2781,7 +2822,7 @@ "uri":"permission_0001.html", "node_id":"permission_0001.xml", "product_code":"vpc", - "code":"149", + "code":"151", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Permissions Management", @@ -2800,7 +2841,7 @@ "uri":"permission_0003.html", "node_id":"permission_0003.xml", "product_code":"vpc", - "code":"150", + "code":"152", "des":"This section describes how to use IAM to implement fine-grained permissions control for your VPC resources. With IAM, you can:Create IAM users for employees based on your", "doc_type":"usermanual", "kw":"Creating a User and Granting VPC Permissions,Permissions Management,User Guide", @@ -2819,7 +2860,7 @@ "uri":"permission_0004.html", "node_id":"permission_0004.xml", "product_code":"vpc", - "code":"151", + "code":"153", "des":"Custom policies can be created to supplement the system-defined policies of VPC. For the actions supported for custom policies, see Permissions Policies and Supported Act", "doc_type":"usermanual", "kw":"VPC Custom Policies,Permissions Management,User Guide", @@ -2838,7 +2879,7 @@ "uri":"vpc_faq_0000.html", "node_id":"vpc_faq_0000.xml", "product_code":"vpc", - "code":"152", + "code":"154", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"FAQ", @@ -2856,7 +2897,7 @@ "uri":"faq_common.html", "node_id":"faq_common.xml", "product_code":"vpc", - "code":"153", + "code":"155", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"General Questions", @@ -2874,7 +2915,7 @@ "uri":"vpc_faq_0051.html", "node_id":"vpc_faq_0051.xml", "product_code":"vpc", - "code":"154", + "code":"156", "des":"A quota limits the quantity of a resource available to users, thereby preventing spikes in the usage of the resource. For example, a VPC quota limits the number of VPCs t", "doc_type":"usermanual", "kw":"What Is a Quota?,General Questions,User Guide", @@ -2892,7 +2933,7 @@ "uri":"faq_vpc.html", "node_id":"faq_vpc.xml", "product_code":"vpc", - "code":"155", + "code":"157", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"VPCs and Subnets", @@ -2910,7 +2951,7 @@ "uri":"vpc_faq_0001.html", "node_id":"vpc_faq_0001.xml", "product_code":"vpc", - "code":"156", + "code":"158", "des":"The Virtual Private Cloud (VPC) service enables you to provision logically isolated virtual networks for Elastic Cloud Servers (ECSs), improving cloud resource security a", "doc_type":"usermanual", "kw":"What Is Virtual Private Cloud?,VPCs and Subnets,User Guide", @@ -2928,7 +2969,7 @@ "uri":"vpc_faq_0004.html", "node_id":"vpc_faq_0004.xml", "product_code":"vpc", - "code":"157", + "code":"159", "des":"The following table lists the private CIDR blocks that you can specify when creating a VPC. Consider the following when selecting a VPC CIDR block:Number of IP addresses:", "doc_type":"usermanual", "kw":"Which CIDR Blocks Are Available for the VPC Service?,VPCs and Subnets,User Guide", @@ -2946,7 +2987,7 @@ "uri":"vpc_faq_0005.html", "node_id":"vpc_faq_0005.xml", "product_code":"vpc", - "code":"158", + "code":"160", "des":"Subnets in the same VPC can communicate with each other by default.VPCs are isolated from each other. Subnets from different VPCs cannot communicate with each other. You ", "doc_type":"usermanual", "kw":"Can Subnets Communicate with Each Other?,VPCs and Subnets,User Guide", @@ -2964,7 +3005,7 @@ "uri":"vpc_faq_0006.html", "node_id":"vpc_faq_0006.xml", "product_code":"vpc", - "code":"159", + "code":"161", "des":"A subnet is an IP address range from a VPC. The VPC service supports CIDR blocks 10.0.0.0/8-24, 172.16.0.0/12-24, and 192.168.0.0/16-24.Subnets must reside within your VP", "doc_type":"usermanual", "kw":"What Subnet CIDR Blocks Are Available?,VPCs and Subnets,User Guide", @@ -2982,7 +3023,7 @@ "uri":"vpc_faq_0009.html", "node_id":"vpc_faq_0009.xml", "product_code":"vpc", - "code":"160", + "code":"162", "des":"Each account can have a maximum of 100 subnets. If the number of subnets cannot meet your service requirements, request a quota increase. For details, see What Is a Quota", "doc_type":"usermanual", "kw":"How Many Subnets Can I Create?,VPCs and Subnets,User Guide", @@ -3000,7 +3041,7 @@ "uri":"vpc_faq_0094.html", "node_id":"vpc_faq_0094.xml", "product_code":"vpc", - "code":"161", + "code":"163", "des":"The network ID of the subnet is the neutron_network_id in the subnet fields in Subnet > Creating a Subnet in the Virtual Private Cloud API Reference.Parameter neutron_net", "doc_type":"usermanual", "kw":"What Are the Differences Between the Network ID and Subnet ID of a Subnet?,VPCs and Subnets,User Gui", @@ -3018,7 +3059,7 @@ "uri":"vpc_faq_0075.html", "node_id":"vpc_faq_0075.xml", "product_code":"vpc", - "code":"162", + "code":"164", "des":"If VPCs and subnets are being used by other resources, you need to delete these resources first based on the prompts on the console before deleting the VPCs and subnets. ", "doc_type":"usermanual", "kw":"Why Can't I Delete My VPCs and Subnets?,VPCs and Subnets,User Guide", @@ -3036,7 +3077,7 @@ "uri":"faq_eip.html", "node_id":"faq_eip.xml", "product_code":"vpc", - "code":"163", + "code":"165", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"EIPs", @@ -3054,7 +3095,7 @@ "uri":"vpc_faq_0013.html", "node_id":"vpc_faq_0013.xml", "product_code":"vpc", - "code":"164", + "code":"166", "des":"The Elastic IP (EIP) service enables your cloud resources to communicate with the Internet using static public IP addresses and scalable bandwidths. EIPs can be bound to ", "doc_type":"usermanual", "kw":"What Is an EIP?,EIPs,User Guide", @@ -3072,7 +3113,7 @@ "uri":"vpc_faq_0019.html", "node_id":"vpc_faq_0019.xml", "product_code":"vpc", - "code":"165", + "code":"167", "des":"Each EIP can be bound to only one ECS at a time.Multiple ECSs cannot share the same EIP. An ECS and its bound EIP must be in the same region. If you want multiple ECSs in", "doc_type":"usermanual", "kw":"Can I Bind an EIP to Multiple ECSs?,EIPs,User Guide", @@ -3090,7 +3131,7 @@ "uri":"vpc_faq_0020.html", "node_id":"vpc_faq_0020.xml", "product_code":"vpc", - "code":"166", + "code":"168", "des":"Each ECS is automatically added to a security group after being created to ensure its security. The security group denies access traffic from the Internet by default. To ", "doc_type":"usermanual", "kw":"How Do I Access an ECS with an EIP Bound from the Internet?,EIPs,User Guide", @@ -3108,7 +3149,7 @@ "uri":"faq_eip_0012.html", "node_id":"faq_eip_0012.xml", "product_code":"vpc", - "code":"167", + "code":"169", "des":"No. EIPs and their associated cloud resources must be in the same region.", "doc_type":"usermanual", "kw":"Can I Bind an EIP to a Cloud Resource in Another Region?,EIPs,User Guide", @@ -3126,7 +3167,7 @@ "uri":"faq_eip_0014.html", "node_id":"faq_eip_0014.xml", "product_code":"vpc", - "code":"168", + "code":"170", "des":"The region of an EIP cannot be changed.If you assigned an EIP in region A but need an EIP in region B, you cannot directly change the region of the assigned EIP from A to", "doc_type":"usermanual", "kw":"Can I Change the Region of My EIP?,EIPs,User Guide", @@ -3144,7 +3185,7 @@ "uri":"faq_peer_0000.html", "node_id":"faq_peer_0000.xml", "product_code":"vpc", - "code":"169", + "code":"171", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"VPC Peering Connections", @@ -3162,7 +3203,7 @@ "uri":"vpc_faq_0070.html", "node_id":"vpc_faq_0070.xml", "product_code":"vpc", - "code":"170", + "code":"172", "des":"Each account can have a maximum of 50 VPC peering connections in each region by default.Number of VPC peering connections that you can create in each region between VPCs ", "doc_type":"usermanual", "kw":"How Many VPC Peering Connections Can I Create in an Account?,VPC Peering Connections,User Guide", @@ -3180,7 +3221,7 @@ "uri":"faq_connection_0001.html", "node_id":"faq_connection_0001.xml", "product_code":"vpc", - "code":"171", + "code":"173", "des":"A VPC peering connection only can connect VPCs in the same region.Figure 1 shows an application scenario of VPC peering connections.There are two VPCs (VPC-A and VPC-B) i", "doc_type":"usermanual", "kw":"Can a VPC Peering Connection Connect VPCs in Different Regions?,VPC Peering Connections,User Guide", @@ -3198,7 +3239,7 @@ "uri":"vpc_faq_0069.html", "node_id":"vpc_faq_0069.xml", "product_code":"vpc", - "code":"172", + "code":"174", "des":"After a VPC peering connection is created, the local and peer VPCs cannot communicate with each other.The issues here are described in order of how likely they are to occ", "doc_type":"usermanual", "kw":"Why Did Communication Fail Between VPCs That Were Connected by a VPC Peering Connection?,VPC Peering", @@ -3216,7 +3257,7 @@ "uri":"faq_bandwidth.html", "node_id":"faq_bandwidth.xml", "product_code":"vpc", - "code":"173", + "code":"175", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Bandwidth", @@ -3234,7 +3275,7 @@ "uri":"vpc_faq_0011.html", "node_id":"vpc_faq_0011.xml", "product_code":"vpc", - "code":"174", + "code":"176", "des":"The bandwidth range is from 5 Mbit/s to 1000 Mbit/s.", "doc_type":"usermanual", "kw":"What Is the Bandwidth Size Range?,Bandwidth,User Guide", @@ -3252,7 +3293,7 @@ "uri":"vpc_faq_0012.html", "node_id":"vpc_faq_0012.xml", "product_code":"vpc", - "code":"175", + "code":"177", "des":"There are dedicated bandwidths and shared bandwidths. A dedicated bandwidth can only be used by one EIP, but a shared bandwidth can be used by multiple EIPs.", "doc_type":"usermanual", "kw":"What Bandwidth Types Are Available?,Bandwidth,User Guide", @@ -3270,7 +3311,7 @@ "uri":"faq_bandwidth_0003.html", "node_id":"faq_bandwidth_0003.xml", "product_code":"vpc", - "code":"176", + "code":"178", "des":"A dedicated bandwidth can only be used by one EIP. An EIP can only be used by one cloud resource, such as an ECS, a NAT gateway, or a load balancer.A shared bandwidth can", "doc_type":"usermanual", "kw":"What Are the Differences Between a Dedicated Bandwidth and a Shared Bandwidth? Can a Dedicated Bandw", @@ -3288,7 +3329,7 @@ "uri":"faq_connection.html", "node_id":"faq_connection.xml", "product_code":"vpc", - "code":"177", + "code":"179", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Connectivity", @@ -3306,7 +3347,7 @@ "uri":"vpc_faq_0058.html", "node_id":"vpc_faq_0058.xml", "product_code":"vpc", - "code":"178", + "code":"180", "des":"If the two VPCs are in the same region, you can use a VPC peering connection to enable communication between them.If the two VPCs are in different regions, you can use a ", "doc_type":"usermanual", "kw":"Does a VPN Allow Communication Between Two VPCs?,Connectivity,User Guide", @@ -3324,7 +3365,7 @@ "uri":"vpc_faq_0060.html", "node_id":"vpc_faq_0060.xml", "product_code":"vpc", - "code":"179", + "code":"181", "des":"When an ECS has more than one NIC, if different DNS server addresses are configured for the subnets used by the NICs, the ECS cannot access the Internet or domain names i", "doc_type":"usermanual", "kw":"Why Are Internet or Internal Domain Names in the Cloud Inaccessible Through Domain Names When My ECS", @@ -3342,7 +3383,7 @@ "uri":"vpc_faq_0073.html", "node_id":"vpc_faq_0073.xml", "product_code":"vpc", - "code":"180", + "code":"182", "des":"The priority of an EIP is higher than that of a custom route in a VPC route table. For example:The VPC route table of an ECS has a custom route with 0.0.0.0/0 as the dest", "doc_type":"usermanual", "kw":"What Are the Priorities of the Custom Route and EIP If Both Are Configured for an ECS to Enable the ", @@ -3360,7 +3401,7 @@ "uri":"vpc_faq_00002.html", "node_id":"vpc_faq_00002.xml", "product_code":"vpc", - "code":"181", + "code":"183", "des":"The priority of a custom route is higher than that of shared SNAT.", "doc_type":"usermanual", "kw":"What Are the Priorities of the Shared SNAT and Custom Route If Both Are Configured for an ECS to Ena", @@ -3378,7 +3419,7 @@ "uri":"vpc_faq_0076.html", "node_id":"vpc_faq_0076.xml", "product_code":"vpc", - "code":"182", + "code":"184", "des":"Users with IPv6 clients can call APIs to assign IPv6 EIPs and bind the EIPs to ECSs. Then, the users can use the EIP to access the ECSs in the VPC over the Internet.For d", "doc_type":"usermanual", "kw":"How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC?,Connectivity,", @@ -3396,7 +3437,7 @@ "uri":"faq_route.html", "node_id":"faq_route.xml", "product_code":"vpc", - "code":"183", + "code":"185", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Routing", @@ -3414,7 +3455,7 @@ "uri":"vpc_faq_0063.html", "node_id":"vpc_faq_0063.xml", "product_code":"vpc", - "code":"184", + "code":"186", "des":"Currently, a route table can contain 100 routes.", "doc_type":"usermanual", "kw":"How Many Routes Can a Route Table Contain?,Routing,User Guide", @@ -3432,7 +3473,7 @@ "uri":"vpc_faq_0064.html", "node_id":"vpc_faq_0064.xml", "product_code":"vpc", - "code":"185", + "code":"187", "des":"An ECS providing SNAT must have Unbind IP from MAC enabled.The destination of each route in a route table must be unique. The next hop must be a private IP address or a v", "doc_type":"usermanual", "kw":"Are There Any Restrictions on Using a Route Table?,Routing,User Guide", @@ -3450,7 +3491,7 @@ "uri":"vpc_faq_0066.html", "node_id":"vpc_faq_0066.xml", "product_code":"vpc", - "code":"186", + "code":"188", "des":"No. Direct Connect connections and custom routes are used in different scenarios, so the routing priorities are different.", "doc_type":"usermanual", "kw":"Do the Same Routing Priorities Apply to Direct Connect Connections and Custom Routes in the Same VPC", @@ -3468,7 +3509,7 @@ "uri":"vpc_faq_00001.html", "node_id":"vpc_faq_00001.xml", "product_code":"vpc", - "code":"187", + "code":"189", "des":"No. The routing priority of custom routes and that of VPNs are the same.", "doc_type":"usermanual", "kw":"Are There Different Routing Priorities of the VPN and Custom Routes in the Same VPC?,Routing,User Gu", @@ -3486,7 +3527,7 @@ "uri":"faq_security.html", "node_id":"faq_security.xml", "product_code":"vpc", - "code":"188", + "code":"190", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Security", @@ -3504,7 +3545,7 @@ "uri":"faq_security_0003.html", "node_id":"faq_security_0003.xml", "product_code":"vpc", - "code":"189", + "code":"191", "des":"The default security group is named default and cannot be deleted.If you want to delete a security group that is associated with instances, such as cloud servers, contain", "doc_type":"usermanual", "kw":"Why Can't I Delete a Security Group?,Security,User Guide", @@ -3522,7 +3563,7 @@ "uri":"vpc_faq_0039.html", "node_id":"vpc_faq_0039.xml", "product_code":"vpc", - "code":"190", + "code":"192", "des":"Yes. Log in to the ECS console, switch to the page showing ECS details, and change the security group of the ECS.", "doc_type":"usermanual", "kw":"Can I Change the Security Group of an ECS?,Security,User Guide", @@ -3540,7 +3581,7 @@ "uri":"vpc_faq_0059.html", "node_id":"vpc_faq_0059.xml", "product_code":"vpc", - "code":"191", + "code":"193", "des":"The TFTP daemon determines whether a configuration file specifies the port range. If you use a TFTP configuration file that allows the data channel ports to be configurab", "doc_type":"usermanual", "kw":"How Do I Configure a Security Group for Multi-Channel Protocols?,Security,User Guide", @@ -3558,7 +3599,7 @@ "uri":"vpc_faq_0074.html", "node_id":"vpc_faq_0074.xml", "product_code":"vpc", - "code":"192", + "code":"194", "des":"Security groups are stateful. Responses to outbound traffic are allowed to go in to the instance regardless of inbound security group rules, and vice versa. Security grou", "doc_type":"usermanual", "kw":"Does a Security Group Rule or a Firewall Rule Immediately Take Effect for Existing Connections After", @@ -3576,7 +3617,7 @@ "uri":"vpc_faq_0077.html", "node_id":"vpc_faq_0077.xml", "product_code":"vpc", - "code":"193", + "code":"195", "des":"Security group rules use the whitelist mechanism. If multiple security group rules conflict, the rules are aggregated to take effect.", "doc_type":"usermanual", "kw":"Which Security Group Rule Has Priority When Multiple Security Group Rules Conflict?,Security,User Gu", @@ -3594,7 +3635,7 @@ "uri":"vpc_faq_0103.html", "node_id":"vpc_faq_0103.xml", "product_code":"vpc", - "code":"194", + "code":"196", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Change History,User Guide", @@ -3613,7 +3654,7 @@ "uri":"vpc_faq_0106.html", "node_id":"vpc_faq_0106.xml", "product_code":"vpc", - "code":"195", + "code":"197", "des":"For details about the terms involved in this document, see Glossary.", "doc_type":"usermanual", "kw":"Glossary,User Guide", diff --git a/docs/vpc/umn/CLASS.TXT.json b/docs/vpc/umn/CLASS.TXT.json index c36ce65d1..f4fcd523a 100644 --- a/docs/vpc/umn/CLASS.TXT.json +++ b/docs/vpc/umn/CLASS.TXT.json @@ -126,7 +126,7 @@ "code":"14" }, { - "desc":"A VPC peering connection is a networking connection between two VPCs and enables them to communicate using private IP addresses. The VPCs to be peered can be in the same ", + "desc":"A VPC peering connection is a networking connection that connects two VPCs for them to communicate using private IP addresses. The VPCs to be peered can be in the same ac", "product_code":"vpc", "title":"VPC Peering Connection", "uri":"vpc_Concepts_0011.html", @@ -458,6 +458,15 @@ "p_code":"44", "code":"51" }, + { + "desc":"IPv4 and IPv6 dual-stack allows your resources, such as ECSs, to use both IPv4 and IPv6 addresses for private and public network communications. For example, if ECSs use ", + "product_code":"vpc", + "title":"IPv4 and IPv6 Dual-Stack Network", + "uri":"vpc_0002.html", + "doc_type":"usermanual", + "p_code":"35", + "code":"52" + }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"vpc", @@ -465,7 +474,7 @@ "uri":"vpc_SecurityGroup_0000.html", "doc_type":"usermanual", "p_code":"", - "code":"52" + "code":"53" }, { "desc":"You can configure security groups and firewalls to increase the security of ECSs in your VPC.Security groups operate at the ECS level.Firewalls protect associated subnets", @@ -473,8 +482,8 @@ "title":"Differences Between Security Groups and Firewalls", "uri":"en-us_topic_0052003963.html", "doc_type":"usermanual", - "p_code":"52", - "code":"53" + "p_code":"53", + "code":"54" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -482,8 +491,8 @@ "title":"Security Group", "uri":"vpc_SecurityGroup_0001.html", "doc_type":"usermanual", - "p_code":"52", - "code":"54" + "p_code":"53", + "code":"55" }, { "desc":"A security group is a collection of access control rules for cloud resources, such as cloud servers, containers, and databases, that have the same security protection req", @@ -491,17 +500,17 @@ "title":"Security Groups and Security Group Rules", "uri":"en-us_topic_0073379079.html", "doc_type":"usermanual", - "p_code":"54", - "code":"55" + "p_code":"55", + "code":"56" }, { - "desc":"If you have not created any security group, the system automatically creates a default security group for you and associates it with the instance (such as an ECS) when yo", + "desc":"If you have not created any security groups yet, the system automatically creates a default security group for you and associates it with the instance (such as an ECS) wh", "product_code":"vpc", "title":"Default Security Group and Its Rules", "uri":"SecurityGroup_0003.html", "doc_type":"usermanual", - "p_code":"54", - "code":"56" + "p_code":"55", + "code":"57" }, { "desc":"Here are some common security group configuration examples for different scenarios, including remote login to ECSs, website access, and internal communication between ins", @@ -509,8 +518,8 @@ "title":"Security Group Configuration Examples", "uri":"en-us_topic_0081124350.html", "doc_type":"usermanual", - "p_code":"54", - "code":"57" + "p_code":"55", + "code":"58" }, { "desc":"A security group is a collection of access control rules to control the traffic that is allowed to reach and leave the cloud resources that it is associated with. The clo", @@ -518,8 +527,8 @@ "title":"Creating a Security Group", "uri":"en-us_topic_0013748715.html", "doc_type":"usermanual", - "p_code":"54", - "code":"58" + "p_code":"55", + "code":"59" }, { "desc":"You can clone a security group from one region to another to quickly apply the security group rules to ECSs in another region.You can clone a security group in the follow", @@ -527,8 +536,8 @@ "title":"Cloning a Security Group", "uri":"vpc_SecurityGroup_0009.html", "doc_type":"usermanual", - "p_code":"54", - "code":"59" + "p_code":"55", + "code":"60" }, { "desc":"After a security group is created, you can change its name and description.Log in to the management console.Click in the upper left corner and select the desired region ", @@ -536,8 +545,8 @@ "title":"Modifying a Security Group", "uri":"vpc_SecurityGroup_0010.html", "doc_type":"usermanual", - "p_code":"54", - "code":"60" + "p_code":"55", + "code":"61" }, { "desc":"If your security group is no longer required, you can delete it.The default security group is named default and cannot be deleted.If you want to delete a security group t", @@ -545,8 +554,8 @@ "title":"Deleting a Security Group", "uri":"vpc_SecurityGroup_0008.html", "doc_type":"usermanual", - "p_code":"54", - "code":"61" + "p_code":"55", + "code":"62" }, { "desc":"A security group is a collection of access control rules to control the traffic that is allowed to reach and leave the cloud resources that it is associated with. The clo", @@ -554,8 +563,8 @@ "title":"Adding a Security Group Rule", "uri":"en-us_topic_0030969470.html", "doc_type":"usermanual", - "p_code":"54", - "code":"62" + "p_code":"55", + "code":"63" }, { "desc":"The fast-adding rule function of security groups allows you to quickly add rules with common ports and protocols for remote login, ping tests, common web services, and da", @@ -563,8 +572,17 @@ "title":"Fast-Adding Security Group Rules", "uri":"SecurityGroup_0004.html", "doc_type":"usermanual", - "p_code":"54", - "code":"63" + "p_code":"55", + "code":"64" + }, + { + "desc":"You can configure a security group to allow common ports with a few clicks. This function is suitable for the following scenarios:Remotely log in to ECSs.Use the ping com", + "product_code":"vpc", + "title":"Allowing Common Ports with A Few Clicks", + "uri":"SecurityGroup_0005.html", + "doc_type":"usermanual", + "p_code":"55", + "code":"65" }, { "desc":"You can modify the port, protocol, and IP address of your security group rules as required to ensure the security of your instances.Log in to the management console.Click", @@ -572,8 +590,8 @@ "title":"Modifying a Security Group Rule", "uri":"vpc_SecurityGroup_0005.html", "doc_type":"usermanual", - "p_code":"54", - "code":"64" + "p_code":"55", + "code":"66" }, { "desc":"You can replicate an existing security group rule and modify it to quickly generate a new rule.Log in to the management console.Click in the upper left corner and select", @@ -581,8 +599,8 @@ "title":"Replicating a Security Group Rule", "uri":"vpc_SecurityGroup_0004.html", "doc_type":"usermanual", - "p_code":"54", - "code":"65" + "p_code":"55", + "code":"67" }, { "desc":"You can configure security group rules in an Excel file and import the rules to the security group. You can also export security group rules to an Excel file. You are adv", @@ -590,8 +608,8 @@ "title":"Importing and Exporting Security Group Rules", "uri":"vpc_SecurityGroup_0007.html", "doc_type":"usermanual", - "p_code":"54", - "code":"66" + "p_code":"55", + "code":"68" }, { "desc":"If your security group rule is no longer required, you can delete it.Security group rules use whitelists. Deleting a security group rule may result in ECS access failures", @@ -599,8 +617,8 @@ "title":"Deleting a Security Group Rule", "uri":"vpc_SecurityGroup_0006.html", "doc_type":"usermanual", - "p_code":"54", - "code":"67" + "p_code":"55", + "code":"69" }, { "desc":"When you create an instance, the system automatically adds the instance to a security group for protection.If one security group cannot meet your requirements, you can ad", @@ -608,8 +626,8 @@ "title":"Adding an Instance to or Removing an Instance from a Security Group", "uri":"SecurityGroup_0017.html", "doc_type":"usermanual", - "p_code":"54", - "code":"68" + "p_code":"55", + "code":"70" }, { "desc":"View inbound and outbound rules of a security group used by an ECS.Log in to the management console.Click in the upper left corner and select the desired region and proj", @@ -617,8 +635,8 @@ "title":"Viewing the Security Group of an ECS", "uri":"vpc_SecurityGroup_0011.html", "doc_type":"usermanual", - "p_code":"54", - "code":"69" + "p_code":"55", + "code":"71" }, { "desc":"Change the security group associated with an ECS NIC.Log in to the management console.Click in the upper left corner and select your region and project.Under Computing, ", @@ -626,8 +644,8 @@ "title":"Changing the Security Group of an ECS", "uri":"SecurityGroup_0006.html", "doc_type":"usermanual", - "p_code":"54", - "code":"70" + "p_code":"55", + "code":"72" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -635,8 +653,8 @@ "title":"Firewall", "uri":"vpc_acl_0000.html", "doc_type":"usermanual", - "p_code":"52", - "code":"71" + "p_code":"53", + "code":"73" }, { "desc":"A firewall is an optional layer of security for your subnets. After you associate one or more subnets with a firewall, you can control traffic in and out of the subnets.F", @@ -644,8 +662,8 @@ "title":"Firewall Overview", "uri":"acl_0001.html", "doc_type":"usermanual", - "p_code":"71", - "code":"72" + "p_code":"73", + "code":"74" }, { "desc":"This section provides examples for configuring firewalls.Denying Access from a Specific PortAllowing Access from Specific Ports and ProtocolsYou might want to block TCP p", @@ -653,8 +671,8 @@ "title":"Firewall Configuration Examples", "uri":"acl_0002.html", "doc_type":"usermanual", - "p_code":"71", - "code":"73" + "p_code":"73", + "code":"75" }, { "desc":"You can create a custom firewall. By default, a newly created firewall is disabled and has no inbound or outbound rules, or any subnets associated.By default, you can cre", @@ -662,8 +680,8 @@ "title":"Creating a Firewall", "uri":"en-us_topic_0051746698.html", "doc_type":"usermanual", - "p_code":"71", - "code":"74" + "p_code":"73", + "code":"76" }, { "desc":"Add an inbound or outbound rule based on your network security requirements.A firewall can contain no more than 20 rules in one direction, or performance will deteriorate", @@ -671,26 +689,26 @@ "title":"Adding a Firewall Rule", "uri":"en-us_topic_0051746702.html", "doc_type":"usermanual", - "p_code":"71", - "code":"75" + "p_code":"73", + "code":"77" }, { - "desc":"You can associate a firewall with a subnet to protect resources in the subnet. After a firewall is associated with a subnet, the firewall denies all traffic to and from t", + "desc":"You can associate a firewall with a subnet to protect resources in the subnet.You can associate a firewall with multiple subnets. However, a subnet can only be associated", "product_code":"vpc", "title":"Associating Subnets with a Firewall", "uri":"en-us_topic_0051746700.html", "doc_type":"usermanual", - "p_code":"71", - "code":"76" + "p_code":"73", + "code":"78" }, { - "desc":"Disassociate a subnet from a firewall when necessary.Log in to the management console.Click in the upper left corner and select the desired region and project.Click in ", + "desc":"You can disassociate a subnet from its firewall based on your network requirements.Log in to the management console.Click in the upper left corner and select the desired", "product_code":"vpc", - "title":"Disassociating a Subnet from a Firewall", + "title":"Disassociating Subnets from a Firewall", "uri":"vpc_acl_0003.html", "doc_type":"usermanual", - "p_code":"71", - "code":"77" + "p_code":"73", + "code":"79" }, { "desc":"If you need a rule to take effect before or after a specific rule, you can insert that rule before or after the specific rule.If multiple firewall rules conflict, only th", @@ -698,8 +716,8 @@ "title":"Changing the Sequence of a Firewall Rule", "uri":"vpc_acl_0004.html", "doc_type":"usermanual", - "p_code":"71", - "code":"78" + "p_code":"73", + "code":"80" }, { "desc":"Modify an inbound or outbound firewall rule based on your network security requirements.Log in to the management console.Click in the upper left corner and select the de", @@ -707,8 +725,8 @@ "title":"Modifying a Firewall Rule", "uri":"vpc_acl_0005.html", "doc_type":"usermanual", - "p_code":"71", - "code":"79" + "p_code":"73", + "code":"81" }, { "desc":"Enable or disable an inbound or outbound rule based on your network security requirements.Log in to the management console.Click in the upper left corner and select the ", @@ -716,8 +734,8 @@ "title":"Enabling or Disabling a Firewall Rule", "uri":"vpc_acl_0006.html", "doc_type":"usermanual", - "p_code":"71", - "code":"80" + "p_code":"73", + "code":"82" }, { "desc":"Delete an inbound or outbound rule based on your network security requirements.Log in to the management console.Click in the upper left corner and select the desired reg", @@ -725,8 +743,8 @@ "title":"Deleting a Firewall Rule", "uri":"vpc_acl_0007.html", "doc_type":"usermanual", - "p_code":"71", - "code":"81" + "p_code":"73", + "code":"83" }, { "desc":"View details about a firewall.Log in to the management console.Click in the upper left corner and select the desired region and project.Click in the upper left corner a", @@ -734,8 +752,8 @@ "title":"Viewing a Firewall", "uri":"vpc_acl_0009.html", "doc_type":"usermanual", - "p_code":"71", - "code":"82" + "p_code":"73", + "code":"84" }, { "desc":"Modify the name and description of a firewall.Log in to the management console.Click in the upper left corner and select the desired region and project.Click in the upp", @@ -743,8 +761,8 @@ "title":"Modifying a Firewall", "uri":"vpc_acl_0010.html", "doc_type":"usermanual", - "p_code":"71", - "code":"83" + "p_code":"73", + "code":"85" }, { "desc":"After a firewall is created, you may need to enable it based on network security requirements. You can also disable an enabled firewall if needed. Before enabling a firew", @@ -752,8 +770,8 @@ "title":"Enabling or Disabling a Firewall", "uri":"vpc_acl_0011.html", "doc_type":"usermanual", - "p_code":"71", - "code":"84" + "p_code":"73", + "code":"86" }, { "desc":"Delete a firewall when it is no longer required.Log in to the management console.Click in the upper left corner and select the desired region and project.Click in the u", @@ -761,8 +779,8 @@ "title":"Deleting a Firewall", "uri":"vpc_acl_0012.html", "doc_type":"usermanual", - "p_code":"71", - "code":"85" + "p_code":"73", + "code":"87" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -771,7 +789,7 @@ "uri":"vpc_eip_0000.html", "doc_type":"usermanual", "p_code":"", - "code":"86" + "code":"88" }, { "desc":"You can assign an EIP and bind it to an ECS so that the ECS can access the Internet.Note the following when you use EIPs of the Dedicated Load Balancer (5_gray) type:In e", @@ -779,8 +797,8 @@ "title":"Assigning an EIP and Binding It to an ECS", "uri":"en-us_topic_0013748738.html", "doc_type":"usermanual", - "p_code":"86", - "code":"87" + "p_code":"88", + "code":"89" }, { "desc":"If you no longer need an EIP, unbind it from the ECS and release the EIP to avoid wasting network resources.In eu-de, EIPs of the Dedicated Load Balancer (5_gray) type ca", @@ -788,8 +806,8 @@ "title":"Unbinding an EIP from an ECS and Releasing the EIP", "uri":"vpc_eip_0001.html", "doc_type":"usermanual", - "p_code":"86", - "code":"88" + "p_code":"88", + "code":"90" }, { "desc":"Modify the EIP bandwidth name or size.This section describes how to modify the dedicated bandwidth or shared bandwidth of an EIP. For details about how to modify a shared", @@ -797,8 +815,8 @@ "title":"Modifying an EIP Bandwidth", "uri":"en-us_topic_0013748743.html", "doc_type":"usermanual", - "p_code":"86", - "code":"89" + "p_code":"88", + "code":"91" }, { "desc":"The information of all EIPs under your account can be exported in an Excel file to a local directory. The file records the ID, status, type, bandwidth name, and bandwidth", @@ -806,8 +824,8 @@ "title":"Exporting EIP Information", "uri":"eip_0003.html", "doc_type":"usermanual", - "p_code":"86", - "code":"90" + "p_code":"88", + "code":"92" }, { "desc":"Tags can be added to EIPs to facilitate EIP identification and administration. You can add a tag to an EIP when assigning the EIP. Alternatively, you can add a tag to an ", @@ -815,8 +833,8 @@ "title":"Managing EIP Tags", "uri":"en-us_topic_0068145818.html", "doc_type":"usermanual", - "p_code":"86", - "code":"91" + "p_code":"88", + "code":"93" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -825,7 +843,7 @@ "uri":"vpc010003.html", "doc_type":"usermanual", "p_code":"", - "code":"92" + "code":"94" }, { "desc":"A shared bandwidth can be shared by multiple EIPs and controls the data transfer rate on these EIPs in a centralized manner. All ECSs, BMSs, and load balancers that have ", @@ -833,8 +851,8 @@ "title":"Shared Bandwidth Overview", "uri":"vpc010004.html", "doc_type":"usermanual", - "p_code":"92", - "code":"93" + "p_code":"94", + "code":"95" }, { "desc":"Assign a shared bandwidth for use with EIPs.Log in to the management console.Click in the upper left corner and select the desired region and project.Click in the upper", @@ -842,8 +860,8 @@ "title":"Assigning a Shared Bandwidth", "uri":"vpc010005.html", "doc_type":"usermanual", - "p_code":"92", - "code":"94" + "p_code":"94", + "code":"96" }, { "desc":"Add EIPs to a shared bandwidth and the EIPs can then share that bandwidth. You can add multiple EIPs to a shared bandwidth at the same time.The type of EIPs must be the s", @@ -851,8 +869,8 @@ "title":"Adding EIPs to a Shared Bandwidth", "uri":"vpc010006.html", "doc_type":"usermanual", - "p_code":"92", - "code":"95" + "p_code":"94", + "code":"97" }, { "desc":"Remove EIPs that are no longer required from a shared bandwidth if needed.Log in to the management console.Click in the upper left corner and select the desired region a", @@ -860,8 +878,8 @@ "title":"Removing EIPs from a Shared Bandwidth", "uri":"vpc010007.html", "doc_type":"usermanual", - "p_code":"92", - "code":"96" + "p_code":"94", + "code":"98" }, { "desc":"You can modify the name and size of a shared bandwidth as required.Log in to the management console.Click in the upper left corner and select the desired region and proj", @@ -869,8 +887,8 @@ "title":"Modifying a Shared Bandwidth", "uri":"vpc010008.html", "doc_type":"usermanual", - "p_code":"92", - "code":"97" + "p_code":"94", + "code":"99" }, { "desc":"Delete a shared bandwidth when it is no longer required.Before deleting a shared bandwidth, remove all the EIPs associated with it. For details, see Removing EIPs from a ", @@ -878,8 +896,8 @@ "title":"Deleting a Shared Bandwidth", "uri":"vpc010009.html", "doc_type":"usermanual", - "p_code":"92", - "code":"98" + "p_code":"94", + "code":"100" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -888,7 +906,7 @@ "uri":"vpc_route01_0000.html", "doc_type":"usermanual", "p_code":"", - "code":"99" + "code":"101" }, { "desc":"A route table contains a set of routes that are used to determine where network traffic from your subnets in a VPC is directed. Each subnet must be associated with a rout", @@ -896,8 +914,8 @@ "title":"Route Tables and Routes", "uri":"vpc_route01_0001.html", "doc_type":"usermanual", - "p_code":"99", - "code":"100" + "p_code":"101", + "code":"102" }, { "desc":"A VPC automatically comes with a default route table. If your default route table cannot meet your service requirements, you can create a custom route table.By default, e", @@ -905,8 +923,8 @@ "title":"Creating a Custom Route Table", "uri":"vpc_route01_0005.html", "doc_type":"usermanual", - "p_code":"99", - "code":"101" + "p_code":"101", + "code":"103" }, { "desc":"After a subnet is created, the system associates the subnet with the default route table of its VPC. If you want to use specific routes for a subnet, you can associate th", @@ -914,8 +932,8 @@ "title":"Associating a Route Table with a Subnet", "uri":"vpc_route01_0007.html", "doc_type":"usermanual", - "p_code":"99", - "code":"102" + "p_code":"101", + "code":"104" }, { "desc":"You can change the route table for a subnet. If the route table for a subnet is changed, routes in the new route table will apply to all cloud resources in the subnet.Log", @@ -923,8 +941,8 @@ "title":"Changing the Route Table Associated with a Subnet", "uri":"vpc_route01_0008.html", "doc_type":"usermanual", - "p_code":"99", - "code":"103" + "p_code":"101", + "code":"105" }, { "desc":"This section describes how to view the route table associated with a subnet.Log in to the management console.Click in the upper left corner and select the desired region", @@ -932,8 +950,8 @@ "title":"Viewing the Route Table Associated with a Subnet", "uri":"vpc_route01_0015.html", "doc_type":"usermanual", - "p_code":"99", - "code":"104" + "p_code":"101", + "code":"106" }, { "desc":"This section describes how to view detailed information about a route table, including:Basic information, such as name, type (default or custom), and ID of the route tabl", @@ -941,8 +959,8 @@ "title":"Viewing Route Table Information", "uri":"vpc_route01_0009.html", "doc_type":"usermanual", - "p_code":"99", - "code":"105" + "p_code":"101", + "code":"107" }, { "desc":"Information about all route tables under your account can be exported as an Excel file to a local directory. This file records the name, ID, VPC, type, and number of asso", @@ -950,8 +968,8 @@ "title":"Exporting Route Table Information", "uri":"vpc_route01_0014.html", "doc_type":"usermanual", - "p_code":"99", - "code":"106" + "p_code":"101", + "code":"108" }, { "desc":"This section describes how to delete a custom route table.The default route table cannot be deleted.A custom route table with a subnet associated cannot be deleted direct", @@ -959,8 +977,8 @@ "title":"Deleting a Route Table", "uri":"vpc_route01_0010.html", "doc_type":"usermanual", - "p_code":"99", - "code":"107" + "p_code":"101", + "code":"109" }, { "desc":"Each route table contains a default system route, which indicates that ECSs in a VPC can communicate with each other. You can also add custom routes as required to forwar", @@ -968,8 +986,8 @@ "title":"Adding a Custom Route", "uri":"vpc_route01_0006.html", "doc_type":"usermanual", - "p_code":"99", - "code":"108" + "p_code":"101", + "code":"110" }, { "desc":"This section describes how to modify a custom route in a route table.System routes cannot be modified.When you create a VPC endpoint, VPN or Direct Connect connection, th", @@ -977,8 +995,8 @@ "title":"Modifying a Route", "uri":"vpc_route01_0011.html", "doc_type":"usermanual", - "p_code":"99", - "code":"109" + "p_code":"101", + "code":"111" }, { "desc":"This section describes how to replicate routes among all route tables of a VPC. VPC route tables include the default and custom route tables.Table 1 shows whether routes ", @@ -986,8 +1004,8 @@ "title":"Replicating a Route", "uri":"vpc_route01_0013.html", "doc_type":"usermanual", - "p_code":"99", - "code":"110" + "p_code":"101", + "code":"112" }, { "desc":"This section describes how to delete a custom route from a route table.System routes cannot be deleted.The routes automatically delivered by VPN or Direct Connect to the ", @@ -995,8 +1013,8 @@ "title":"Deleting a Route", "uri":"vpc_route01_0012.html", "doc_type":"usermanual", - "p_code":"99", - "code":"111" + "p_code":"101", + "code":"113" }, { "desc":"Together with VPC route tables, you can configure SNAT on an ECS to enable other ECSs that have no EIPs bound in the same VPC to access the Internet through this ECS.The ", @@ -1004,8 +1022,8 @@ "title":"Configuring an SNAT Server", "uri":"vpc_route_0004.html", "doc_type":"usermanual", - "p_code":"99", - "code":"112" + "p_code":"101", + "code":"114" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -1014,16 +1032,16 @@ "uri":"vpc_peering_0000.html", "doc_type":"usermanual", "p_code":"", - "code":"113" + "code":"115" }, { - "desc":"A VPC peering connection is a networking connection between two VPCs and enables them to communicate using private IP addresses. The VPCs to be peered can be in the same ", + "desc":"A VPC peering connection is a networking connection that connects two VPCs for them to communicate using private IP addresses. The VPCs to be peered can be in the same ac", "product_code":"vpc", "title":"VPC Peering Connection Overview", "uri":"en-us_topic_0046655036.html", "doc_type":"usermanual", - "p_code":"113", - "code":"114" + "p_code":"115", + "code":"116" }, { "desc":"A VPC peering connection is a networking connection between two VPCs in the same region and enables them to communicate. Table 1 lists different scenarios of using VPC pe", @@ -1031,8 +1049,8 @@ "title":"VPC Peering Connection Usage Examples", "uri":"en-us_topic_0046809840.html", "doc_type":"usermanual", - "p_code":"113", - "code":"115" + "p_code":"115", + "code":"117" }, { "desc":"If two VPCs from the same region cannot communicate with each other, you can use a VPC peering connection. This section describes how to create a VPC peering connection b", @@ -1040,8 +1058,8 @@ "title":"Creating a VPC Peering Connection with Another VPC in Your Account", "uri":"en-us_topic_0046655037.html", "doc_type":"usermanual", - "p_code":"113", - "code":"116" + "p_code":"115", + "code":"118" }, { "desc":"If two VPCs from the same region cannot communicate with each other, you can use a VPC peering connection. This section describes how to create a VPC peering connection b", @@ -1049,8 +1067,8 @@ "title":"Creating a VPC Peering Connection with a VPC in Another Account", "uri":"en-us_topic_0046655038.html", "doc_type":"usermanual", - "p_code":"113", - "code":"117" + "p_code":"115", + "code":"119" }, { "desc":"If you create a VPC peering connection between two VPCs in different accounts, you can refer to this section to obtain the project ID of the region that the peer VPC resi", @@ -1058,8 +1076,8 @@ "title":"Obtaining the Peer Project ID of a VPC Peering Connection", "uri":"vpc_peering_0005.html", "doc_type":"usermanual", - "p_code":"113", - "code":"118" + "p_code":"115", + "code":"120" }, { "desc":"This section describes how to modify the name of a VPC peering connection.Either owner of a VPC in a peering connection can modify the VPC peering connection in any state", @@ -1067,8 +1085,8 @@ "title":"Modifying a VPC Peering Connection", "uri":"vpc_peering_0002.html", "doc_type":"usermanual", - "p_code":"113", - "code":"119" + "p_code":"115", + "code":"121" }, { "desc":"This section describes how to view basic information about a VPC peering connection, including the connection name, status, and information about the local and peer VPCs.", @@ -1076,8 +1094,8 @@ "title":"Viewing VPC Peering Connections", "uri":"vpc_peering_0001.html", "doc_type":"usermanual", - "p_code":"113", - "code":"120" + "p_code":"115", + "code":"122" }, { "desc":"This section describes how to delete a VPC peering connection.Either owner of a VPC in a peering connection can delete the VPC peering connection in any state.The owner o", @@ -1085,8 +1103,8 @@ "title":"Deleting a VPC Peering Connection", "uri":"vpc_peering_0003.html", "doc_type":"usermanual", - "p_code":"113", - "code":"121" + "p_code":"115", + "code":"123" }, { "desc":"This section describes how to modify the routes added for a VPC peering connection in the route tables of the local and peer VPCs.Modifying Routes of a VPC Peering Connec", @@ -1094,8 +1112,8 @@ "title":"Modifying Routes Configured for a VPC Peering Connection", "uri":"vpc_peering_0007.html", "doc_type":"usermanual", - "p_code":"113", - "code":"122" + "p_code":"115", + "code":"124" }, { "desc":"This section describes how to view the routes added to the route tables of local and peer VPCs of a VPC peering connection.Viewing Routes of a VPC Peering Connection Betw", @@ -1103,8 +1121,8 @@ "title":"Viewing Routes Configured for a VPC Peering Connection", "uri":"vpc_peering_0004.html", "doc_type":"usermanual", - "p_code":"113", - "code":"123" + "p_code":"115", + "code":"125" }, { "desc":"This section describes how to delete routes from the route tables of the local and peer VPCs connected by a VPC peering connection.Deleting Routes of a VPC Peering Connec", @@ -1112,8 +1130,8 @@ "title":"Deleting Routes Configured for a VPC Peering Connection", "uri":"vpc_peering_0006.html", "doc_type":"usermanual", - "p_code":"113", - "code":"124" + "p_code":"115", + "code":"126" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -1122,7 +1140,7 @@ "uri":"FlowLog_0001.html", "doc_type":"usermanual", "p_code":"", - "code":"125" + "code":"127" }, { "desc":"A VPC flow log records information about the traffic going to and from a VPC. VPC flow logs help you monitor network traffic, analyze network attacks, and determine wheth", @@ -1130,8 +1148,8 @@ "title":"VPC Flow Log Overview", "uri":"FlowLog_0002.html", "doc_type":"usermanual", - "p_code":"125", - "code":"126" + "p_code":"127", + "code":"128" }, { "desc":"A VPC flow log records information about the traffic going to and from a VPC.Ensure that the following operations have been performed on the LTS console:Create a log grou", @@ -1139,8 +1157,8 @@ "title":"Creating a VPC Flow Log", "uri":"FlowLog_0003.html", "doc_type":"usermanual", - "p_code":"125", - "code":"127" + "p_code":"127", + "code":"129" }, { "desc":"View information about your flow log record.The capture window is approximately 10 minutes, which indicates that a flow log record will be generated every 10 minutes. Aft", @@ -1148,17 +1166,17 @@ "title":"Viewing a VPC Flow Log", "uri":"FlowLog_0004.html", "doc_type":"usermanual", - "p_code":"125", - "code":"128" + "p_code":"127", + "code":"130" }, { - "desc":"After a VPC flow log is created, the VPC flow log is automatically enabled. If you do not need to record traffic data, you can disable the corresponding VPC flow log. The", + "desc":"After a VPC flow log is created, the VPC flow log is automatically enabled. If you do not need to record flow log data, you can disable the corresponding VPC flow log. A ", "product_code":"vpc", "title":"Enabling or Disabling VPC Flow Log", "uri":"FlowLog_0006.html", "doc_type":"usermanual", - "p_code":"125", - "code":"129" + "p_code":"127", + "code":"131" }, { "desc":"Delete a VPC flow log that is not required. Deleting a VPC flow log will not delete the existing flow log records in LTS.If a NIC that uses a VPC flow log is deleted, the", @@ -1166,8 +1184,8 @@ "title":"Deleting a VPC Flow Log", "uri":"FlowLog_0005.html", "doc_type":"usermanual", - "p_code":"125", - "code":"130" + "p_code":"127", + "code":"132" }, { "desc":"Direct Connect allows you to establish a dedicated network connection between your data center and the cloud platform. With Direct Connect, you can establish a private co", @@ -1176,7 +1194,7 @@ "uri":"vpc_dc_0000.html", "doc_type":"usermanual", "p_code":"", - "code":"131" + "code":"133" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -1185,7 +1203,7 @@ "uri":"vpc_vip_0000.html", "doc_type":"usermanual", "p_code":"", - "code":"132" + "code":"134" }, { "desc":"A virtual IP address can be shared among multiple ECSs. An ECS can have both private and virtual IP addresses, and you can access the ECS through either IP address. A vir", @@ -1193,8 +1211,8 @@ "title":"Virtual IP Address Overview", "uri":"vpc_vip_0001.html", "doc_type":"usermanual", - "p_code":"132", - "code":"133" + "p_code":"134", + "code":"135" }, { "desc":"If an ECS requires a virtual IP address or if a virtual IP address needs to be reserved, you can assign a virtual IP address from the subnet.Log in to the management cons", @@ -1202,17 +1220,17 @@ "title":"Assigning a Virtual IP Address", "uri":"vpc_vip_0002.html", "doc_type":"usermanual", - "p_code":"132", - "code":"134" + "p_code":"134", + "code":"136" }, { - "desc":"You can bind a virtual IP address to an EIP so that you can access the ECSs bound with the same virtual IP address from the Internet. These ECSs can work in the active/st", + "desc":"You can use a virtual IP address and an EIP together.If you bind a virtual IP address to ECSs that work in active/standby pairs and bind an EIP to the virtual IP address,", "product_code":"vpc", "title":"Binding a Virtual IP Address to an EIP or ECS", "uri":"en-us_topic_0067802474.html", "doc_type":"usermanual", - "p_code":"132", - "code":"135" + "p_code":"134", + "code":"137" }, { "desc":"This section describes how to bind a virtual IP address to an EIP.You have assigned an EIP.Log in to the management console.Click in the upper left corner and select the", @@ -1220,8 +1238,8 @@ "title":"Binding a Virtual IP Address to an EIP", "uri":"vpc_vip_0003.html", "doc_type":"usermanual", - "p_code":"132", - "code":"136" + "p_code":"134", + "code":"138" }, { "desc":"Configure the ECS networking based on Networking.Create a VPN.The VPN can be used to access the virtual IP address of the ECS.", @@ -1229,8 +1247,8 @@ "title":"Using a VPN to Access a Virtual IP Address", "uri":"vpc_vip_0004.html", "doc_type":"usermanual", - "p_code":"132", - "code":"137" + "p_code":"134", + "code":"139" }, { "desc":"Configure the ECS networking based on Networking.Create a Direct Connect connection.The created Direct Connect connection can be used to access the virtual IP address of ", @@ -1238,8 +1256,8 @@ "title":"Using a Direct Connect Connection to Access the Virtual IP Address", "uri":"vpc_vip_0005.html", "doc_type":"usermanual", - "p_code":"132", - "code":"138" + "p_code":"134", + "code":"140" }, { "desc":"Configure the ECS networking based on Networking.Create a VPC peering connection.You can access the virtual IP address of the ECS through the VPC peering connection.", @@ -1247,8 +1265,8 @@ "title":"Using a VPC Peering Connection to Access the Virtual IP Address", "uri":"vpc_vip_0006.html", "doc_type":"usermanual", - "p_code":"132", - "code":"139" + "p_code":"134", + "code":"141" }, { "desc":"If a virtual IP address is used in an active/standby scenario, disable IP forwarding on the standby ECS.Log in to the ECS.Run the following command to switch to user root", @@ -1256,8 +1274,8 @@ "title":"Disabling IP Forwarding on the Standby ECS", "uri":"vpc_vip_0007.html", "doc_type":"usermanual", - "p_code":"132", - "code":"140" + "p_code":"134", + "code":"142" }, { "desc":"If a virtual IP address is used in an HA load balancing cluster, you need to disable source/destination check for ECS NICs.Log in to the management console.Click in the ", @@ -1265,8 +1283,8 @@ "title":"Disabling Source and Destination Check (HA Load Balancing Cluster Scenario)", "uri":"vpc_vip_0008.html", "doc_type":"usermanual", - "p_code":"132", - "code":"141" + "p_code":"134", + "code":"143" }, { "desc":"This section describes how to unbind a virtual IP address from an ECS.Log in to the management console.Click in the upper left corner and select the desired region and p", @@ -1274,8 +1292,8 @@ "title":"Unbinding a Virtual IP Address from an Instance", "uri":"vpc_vip_0010.html", "doc_type":"usermanual", - "p_code":"132", - "code":"142" + "p_code":"134", + "code":"144" }, { "desc":"This section describes how to unbind a virtual IP address from an EIP.Log in to the management console.Click in the upper left corner and select the desired region and p", @@ -1283,8 +1301,8 @@ "title":"Unbinding a Virtual IP Address from an EIP", "uri":"vpc_vip_0011.html", "doc_type":"usermanual", - "p_code":"132", - "code":"143" + "p_code":"134", + "code":"145" }, { "desc":"If you no longer need a virtual IP address or a reserved virtual IP address, you can release it to avoid wasting resources.If you want to release a virtual IP address tha", @@ -1292,8 +1310,8 @@ "title":"Releasing a Virtual IP Address", "uri":"vpc_vip_0009.html", "doc_type":"usermanual", - "p_code":"132", - "code":"144" + "p_code":"134", + "code":"146" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -1302,7 +1320,7 @@ "uri":"vpc010011.html", "doc_type":"usermanual", "p_code":"", - "code":"145" + "code":"147" }, { "desc":"This section describes the namespace, list, and measurement dimensions of EIP and bandwidth metrics that you can check on Cloud Eye. You can use APIs or the Cloud Eye con", @@ -1310,8 +1328,8 @@ "title":"Supported Metrics", "uri":"vpc010012.html", "doc_type":"usermanual", - "p_code":"145", - "code":"146" + "p_code":"147", + "code":"148" }, { "desc":"You can view the bandwidth and EIP usage on the Elastic IP and Bandwidth or Cloud Eye console.You can view the inbound bandwidth, outbound bandwidth, inbound bandwidth us", @@ -1319,8 +1337,8 @@ "title":"Viewing Metrics", "uri":"vpc010013.html", "doc_type":"usermanual", - "p_code":"145", - "code":"147" + "p_code":"147", + "code":"149" }, { "desc":"You can configure alarm rules to customize the monitored objects and notification policies. You can learn your resource statuses at any time.Log in to the management cons", @@ -1328,8 +1346,8 @@ "title":"Creating an Alarm Rule", "uri":"vpc010014.html", "doc_type":"usermanual", - "p_code":"145", - "code":"148" + "p_code":"147", + "code":"150" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -1338,7 +1356,7 @@ "uri":"permission_0001.html", "doc_type":"usermanual", "p_code":"", - "code":"149" + "code":"151" }, { "desc":"This section describes how to use IAM to implement fine-grained permissions control for your VPC resources. With IAM, you can:Create IAM users for employees based on your", @@ -1346,8 +1364,8 @@ "title":"Creating a User and Granting VPC Permissions", "uri":"permission_0003.html", "doc_type":"usermanual", - "p_code":"149", - "code":"150" + "p_code":"151", + "code":"152" }, { "desc":"Custom policies can be created to supplement the system-defined policies of VPC. For the actions supported for custom policies, see Permissions Policies and Supported Act", @@ -1355,8 +1373,8 @@ "title":"VPC Custom Policies", "uri":"permission_0004.html", "doc_type":"usermanual", - "p_code":"149", - "code":"151" + "p_code":"151", + "code":"153" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -1365,7 +1383,7 @@ "uri":"vpc_faq_0000.html", "doc_type":"usermanual", "p_code":"", - "code":"152" + "code":"154" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -1373,8 +1391,8 @@ "title":"General Questions", "uri":"faq_common.html", "doc_type":"usermanual", - "p_code":"152", - "code":"153" + "p_code":"154", + "code":"155" }, { "desc":"A quota limits the quantity of a resource available to users, thereby preventing spikes in the usage of the resource. For example, a VPC quota limits the number of VPCs t", @@ -1382,8 +1400,8 @@ "title":"What Is a Quota?", "uri":"vpc_faq_0051.html", "doc_type":"usermanual", - "p_code":"153", - "code":"154" + "p_code":"155", + "code":"156" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -1391,8 +1409,8 @@ "title":"VPCs and Subnets", "uri":"faq_vpc.html", "doc_type":"usermanual", - "p_code":"152", - "code":"155" + "p_code":"154", + "code":"157" }, { "desc":"The Virtual Private Cloud (VPC) service enables you to provision logically isolated virtual networks for Elastic Cloud Servers (ECSs), improving cloud resource security a", @@ -1400,8 +1418,8 @@ "title":"What Is Virtual Private Cloud?", "uri":"vpc_faq_0001.html", "doc_type":"usermanual", - "p_code":"155", - "code":"156" + "p_code":"157", + "code":"158" }, { "desc":"The following table lists the private CIDR blocks that you can specify when creating a VPC. Consider the following when selecting a VPC CIDR block:Number of IP addresses:", @@ -1409,8 +1427,8 @@ "title":"Which CIDR Blocks Are Available for the VPC Service?", "uri":"vpc_faq_0004.html", "doc_type":"usermanual", - "p_code":"155", - "code":"157" + "p_code":"157", + "code":"159" }, { "desc":"Subnets in the same VPC can communicate with each other by default.VPCs are isolated from each other. Subnets from different VPCs cannot communicate with each other. You ", @@ -1418,8 +1436,8 @@ "title":"Can Subnets Communicate with Each Other?", "uri":"vpc_faq_0005.html", "doc_type":"usermanual", - "p_code":"155", - "code":"158" + "p_code":"157", + "code":"160" }, { "desc":"A subnet is an IP address range from a VPC. The VPC service supports CIDR blocks 10.0.0.0/8-24, 172.16.0.0/12-24, and 192.168.0.0/16-24.Subnets must reside within your VP", @@ -1427,8 +1445,8 @@ "title":"What Subnet CIDR Blocks Are Available?", "uri":"vpc_faq_0006.html", "doc_type":"usermanual", - "p_code":"155", - "code":"159" + "p_code":"157", + "code":"161" }, { "desc":"Each account can have a maximum of 100 subnets. If the number of subnets cannot meet your service requirements, request a quota increase. For details, see What Is a Quota", @@ -1436,8 +1454,8 @@ "title":"How Many Subnets Can I Create?", "uri":"vpc_faq_0009.html", "doc_type":"usermanual", - "p_code":"155", - "code":"160" + "p_code":"157", + "code":"162" }, { "desc":"The network ID of the subnet is the neutron_network_id in the subnet fields in Subnet > Creating a Subnet in the Virtual Private Cloud API Reference.Parameter neutron_net", @@ -1445,8 +1463,8 @@ "title":"What Are the Differences Between the Network ID and Subnet ID of a Subnet?", "uri":"vpc_faq_0094.html", "doc_type":"usermanual", - "p_code":"155", - "code":"161" + "p_code":"157", + "code":"163" }, { "desc":"If VPCs and subnets are being used by other resources, you need to delete these resources first based on the prompts on the console before deleting the VPCs and subnets. ", @@ -1454,8 +1472,8 @@ "title":"Why Can't I Delete My VPCs and Subnets?", "uri":"vpc_faq_0075.html", "doc_type":"usermanual", - "p_code":"155", - "code":"162" + "p_code":"157", + "code":"164" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -1463,8 +1481,8 @@ "title":"EIPs", "uri":"faq_eip.html", "doc_type":"usermanual", - "p_code":"152", - "code":"163" + "p_code":"154", + "code":"165" }, { "desc":"The Elastic IP (EIP) service enables your cloud resources to communicate with the Internet using static public IP addresses and scalable bandwidths. EIPs can be bound to ", @@ -1472,8 +1490,8 @@ "title":"What Is an EIP?", "uri":"vpc_faq_0013.html", "doc_type":"usermanual", - "p_code":"163", - "code":"164" + "p_code":"165", + "code":"166" }, { "desc":"Each EIP can be bound to only one ECS at a time.Multiple ECSs cannot share the same EIP. An ECS and its bound EIP must be in the same region. If you want multiple ECSs in", @@ -1481,8 +1499,8 @@ "title":"Can I Bind an EIP to Multiple ECSs?", "uri":"vpc_faq_0019.html", "doc_type":"usermanual", - "p_code":"163", - "code":"165" + "p_code":"165", + "code":"167" }, { "desc":"Each ECS is automatically added to a security group after being created to ensure its security. The security group denies access traffic from the Internet by default. To ", @@ -1490,8 +1508,8 @@ "title":"How Do I Access an ECS with an EIP Bound from the Internet?", "uri":"vpc_faq_0020.html", "doc_type":"usermanual", - "p_code":"163", - "code":"166" + "p_code":"165", + "code":"168" }, { "desc":"No. EIPs and their associated cloud resources must be in the same region.", @@ -1499,8 +1517,8 @@ "title":"Can I Bind an EIP to a Cloud Resource in Another Region?", "uri":"faq_eip_0012.html", "doc_type":"usermanual", - "p_code":"163", - "code":"167" + "p_code":"165", + "code":"169" }, { "desc":"The region of an EIP cannot be changed.If you assigned an EIP in region A but need an EIP in region B, you cannot directly change the region of the assigned EIP from A to", @@ -1508,8 +1526,8 @@ "title":"Can I Change the Region of My EIP?", "uri":"faq_eip_0014.html", "doc_type":"usermanual", - "p_code":"163", - "code":"168" + "p_code":"165", + "code":"170" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -1517,8 +1535,8 @@ "title":"VPC Peering Connections", "uri":"faq_peer_0000.html", "doc_type":"usermanual", - "p_code":"152", - "code":"169" + "p_code":"154", + "code":"171" }, { "desc":"Each account can have a maximum of 50 VPC peering connections in each region by default.Number of VPC peering connections that you can create in each region between VPCs ", @@ -1526,8 +1544,8 @@ "title":"How Many VPC Peering Connections Can I Create in an Account?", "uri":"vpc_faq_0070.html", "doc_type":"usermanual", - "p_code":"169", - "code":"170" + "p_code":"171", + "code":"172" }, { "desc":"A VPC peering connection only can connect VPCs in the same region.Figure 1 shows an application scenario of VPC peering connections.There are two VPCs (VPC-A and VPC-B) i", @@ -1535,8 +1553,8 @@ "title":"Can a VPC Peering Connection Connect VPCs in Different Regions?", "uri":"faq_connection_0001.html", "doc_type":"usermanual", - "p_code":"169", - "code":"171" + "p_code":"171", + "code":"173" }, { "desc":"After a VPC peering connection is created, the local and peer VPCs cannot communicate with each other.The issues here are described in order of how likely they are to occ", @@ -1544,8 +1562,8 @@ "title":"Why Did Communication Fail Between VPCs That Were Connected by a VPC Peering Connection?", "uri":"vpc_faq_0069.html", "doc_type":"usermanual", - "p_code":"169", - "code":"172" + "p_code":"171", + "code":"174" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -1553,8 +1571,8 @@ "title":"Bandwidth", "uri":"faq_bandwidth.html", "doc_type":"usermanual", - "p_code":"152", - "code":"173" + "p_code":"154", + "code":"175" }, { "desc":"The bandwidth range is from 5 Mbit/s to 1000 Mbit/s.", @@ -1562,8 +1580,8 @@ "title":"What Is the Bandwidth Size Range?", "uri":"vpc_faq_0011.html", "doc_type":"usermanual", - "p_code":"173", - "code":"174" + "p_code":"175", + "code":"176" }, { "desc":"There are dedicated bandwidths and shared bandwidths. A dedicated bandwidth can only be used by one EIP, but a shared bandwidth can be used by multiple EIPs.", @@ -1571,8 +1589,8 @@ "title":"What Bandwidth Types Are Available?", "uri":"vpc_faq_0012.html", "doc_type":"usermanual", - "p_code":"173", - "code":"175" + "p_code":"175", + "code":"177" }, { "desc":"A dedicated bandwidth can only be used by one EIP. An EIP can only be used by one cloud resource, such as an ECS, a NAT gateway, or a load balancer.A shared bandwidth can", @@ -1580,8 +1598,8 @@ "title":"What Are the Differences Between a Dedicated Bandwidth and a Shared Bandwidth? Can a Dedicated Bandwidth Be Changed to a Shared Bandwidth or the Other Way Around?", "uri":"faq_bandwidth_0003.html", "doc_type":"usermanual", - "p_code":"173", - "code":"176" + "p_code":"175", + "code":"178" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -1589,8 +1607,8 @@ "title":"Connectivity", "uri":"faq_connection.html", "doc_type":"usermanual", - "p_code":"152", - "code":"177" + "p_code":"154", + "code":"179" }, { "desc":"If the two VPCs are in the same region, you can use a VPC peering connection to enable communication between them.If the two VPCs are in different regions, you can use a ", @@ -1598,8 +1616,8 @@ "title":"Does a VPN Allow Communication Between Two VPCs?", "uri":"vpc_faq_0058.html", "doc_type":"usermanual", - "p_code":"177", - "code":"178" + "p_code":"179", + "code":"180" }, { "desc":"When an ECS has more than one NIC, if different DNS server addresses are configured for the subnets used by the NICs, the ECS cannot access the Internet or domain names i", @@ -1607,8 +1625,8 @@ "title":"Why Are Internet or Internal Domain Names in the Cloud Inaccessible Through Domain Names When My ECS Has Multiple NICs?", "uri":"vpc_faq_0060.html", "doc_type":"usermanual", - "p_code":"177", - "code":"179" + "p_code":"179", + "code":"181" }, { "desc":"The priority of an EIP is higher than that of a custom route in a VPC route table. For example:The VPC route table of an ECS has a custom route with 0.0.0.0/0 as the dest", @@ -1616,8 +1634,8 @@ "title":"What Are the Priorities of the Custom Route and EIP If Both Are Configured for an ECS to Enable the ECS to Access the Internet?", "uri":"vpc_faq_0073.html", "doc_type":"usermanual", - "p_code":"177", - "code":"180" + "p_code":"179", + "code":"182" }, { "desc":"The priority of a custom route is higher than that of shared SNAT.", @@ -1625,8 +1643,8 @@ "title":"What Are the Priorities of the Shared SNAT and Custom Route If Both Are Configured for an ECS to Enable the ECS to Access the Internet?", "uri":"vpc_faq_00002.html", "doc_type":"usermanual", - "p_code":"177", - "code":"181" + "p_code":"179", + "code":"183" }, { "desc":"Users with IPv6 clients can call APIs to assign IPv6 EIPs and bind the EIPs to ECSs. Then, the users can use the EIP to access the ECSs in the VPC over the Internet.For d", @@ -1634,8 +1652,8 @@ "title":"How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC?", "uri":"vpc_faq_0076.html", "doc_type":"usermanual", - "p_code":"177", - "code":"182" + "p_code":"179", + "code":"184" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -1643,8 +1661,8 @@ "title":"Routing", "uri":"faq_route.html", "doc_type":"usermanual", - "p_code":"152", - "code":"183" + "p_code":"154", + "code":"185" }, { "desc":"Currently, a route table can contain 100 routes.", @@ -1652,8 +1670,8 @@ "title":"How Many Routes Can a Route Table Contain?", "uri":"vpc_faq_0063.html", "doc_type":"usermanual", - "p_code":"183", - "code":"184" + "p_code":"185", + "code":"186" }, { "desc":"An ECS providing SNAT must have Unbind IP from MAC enabled.The destination of each route in a route table must be unique. The next hop must be a private IP address or a v", @@ -1661,8 +1679,8 @@ "title":"Are There Any Restrictions on Using a Route Table?", "uri":"vpc_faq_0064.html", "doc_type":"usermanual", - "p_code":"183", - "code":"185" + "p_code":"185", + "code":"187" }, { "desc":"No. Direct Connect connections and custom routes are used in different scenarios, so the routing priorities are different.", @@ -1670,8 +1688,8 @@ "title":"Do the Same Routing Priorities Apply to Direct Connect Connections and Custom Routes in the Same VPC?", "uri":"vpc_faq_0066.html", "doc_type":"usermanual", - "p_code":"183", - "code":"186" + "p_code":"185", + "code":"188" }, { "desc":"No. The routing priority of custom routes and that of VPNs are the same.", @@ -1679,8 +1697,8 @@ "title":"Are There Different Routing Priorities of the VPN and Custom Routes in the Same VPC?", "uri":"vpc_faq_00001.html", "doc_type":"usermanual", - "p_code":"183", - "code":"187" + "p_code":"185", + "code":"189" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -1688,8 +1706,8 @@ "title":"Security", "uri":"faq_security.html", "doc_type":"usermanual", - "p_code":"152", - "code":"188" + "p_code":"154", + "code":"190" }, { "desc":"The default security group is named default and cannot be deleted.If you want to delete a security group that is associated with instances, such as cloud servers, contain", @@ -1697,8 +1715,8 @@ "title":"Why Can't I Delete a Security Group?", "uri":"faq_security_0003.html", "doc_type":"usermanual", - "p_code":"188", - "code":"189" + "p_code":"190", + "code":"191" }, { "desc":"Yes. Log in to the ECS console, switch to the page showing ECS details, and change the security group of the ECS.", @@ -1706,8 +1724,8 @@ "title":"Can I Change the Security Group of an ECS?", "uri":"vpc_faq_0039.html", "doc_type":"usermanual", - "p_code":"188", - "code":"190" + "p_code":"190", + "code":"192" }, { "desc":"The TFTP daemon determines whether a configuration file specifies the port range. If you use a TFTP configuration file that allows the data channel ports to be configurab", @@ -1715,8 +1733,8 @@ "title":"How Do I Configure a Security Group for Multi-Channel Protocols?", "uri":"vpc_faq_0059.html", "doc_type":"usermanual", - "p_code":"188", - "code":"191" + "p_code":"190", + "code":"193" }, { "desc":"Security groups are stateful. Responses to outbound traffic are allowed to go in to the instance regardless of inbound security group rules, and vice versa. Security grou", @@ -1724,8 +1742,8 @@ "title":"Does a Security Group Rule or a Firewall Rule Immediately Take Effect for Existing Connections After It Is Modified?", "uri":"vpc_faq_0074.html", "doc_type":"usermanual", - "p_code":"188", - "code":"192" + "p_code":"190", + "code":"194" }, { "desc":"Security group rules use the whitelist mechanism. If multiple security group rules conflict, the rules are aggregated to take effect.", @@ -1733,8 +1751,8 @@ "title":"Which Security Group Rule Has Priority When Multiple Security Group Rules Conflict?", "uri":"vpc_faq_0077.html", "doc_type":"usermanual", - "p_code":"188", - "code":"193" + "p_code":"190", + "code":"195" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -1743,7 +1761,7 @@ "uri":"vpc_faq_0103.html", "doc_type":"usermanual", "p_code":"", - "code":"194" + "code":"196" }, { "desc":"For details about the terms involved in this document, see Glossary.", @@ -1752,6 +1770,6 @@ "uri":"vpc_faq_0106.html", "doc_type":"usermanual", "p_code":"", - "code":"195" + "code":"197" } ] \ No newline at end of file diff --git a/docs/vpc/umn/FlowLog_0002.html b/docs/vpc/umn/FlowLog_0002.html index e1a707f6b..451626a86 100644 --- a/docs/vpc/umn/FlowLog_0002.html +++ b/docs/vpc/umn/FlowLog_0002.html @@ -1,10 +1,10 @@

VPC Flow Log Overview

-

A VPC flow log records information about the traffic going to and from a VPC. VPC flow logs help you monitor network traffic, analyze network attacks, and determine whether security group and firewall rules require modification.

+

What Is a VPC Flow Log?

A VPC flow log records information about the traffic going to and from a VPC. VPC flow logs help you monitor network traffic, analyze network attacks, and determine whether security group and firewall rules require modification.

VPC flow logs must be used together with the Log Tank Service (LTS). Before you create a VPC flow log, you need to create a log group and a log topic in LTS. Figure 1 shows the process for configuring VPC flow logs.

Figure 1 Configuring VPC flow logs
-

+

Notes and Constraints

  • Currently, C3, M3, and S2 ECSs support VPC flow logs.
  • Each account can have up to 10 VPC flow logs in a region.
  • By default, a maximum of 400,000 flow log records are supported.
diff --git a/docs/vpc/umn/FlowLog_0003.html b/docs/vpc/umn/FlowLog_0003.html index 80792da70..225ec997f 100644 --- a/docs/vpc/umn/FlowLog_0003.html +++ b/docs/vpc/umn/FlowLog_0003.html @@ -53,7 +53,7 @@

The log group created in LTS.

-

lts-group-wule

+

lts-group-abc

Log Topic

diff --git a/docs/vpc/umn/FlowLog_0004.html b/docs/vpc/umn/FlowLog_0004.html index d89d853f6..d548bdeb1 100644 --- a/docs/vpc/umn/FlowLog_0004.html +++ b/docs/vpc/umn/FlowLog_0004.html @@ -18,121 +18,121 @@ 
1 5f67944957444bd6bb4fe3b367de8f3d 1d515d18-1b36-47dc-a983-bd6512aed4bd - - - - - - - 1431280876 1431280934 - NODATA

Example 3: The following is an example of a flow log record in which data was skipped during the capture window:

1 5f67944957444bd6bb4fe3b367de8f3d 1d515d18-1b36-47dc-a983-bd6512aed4bd - - - - - - - 1431280876 1431280934 - SKIPDATA
-

Table 1 describes the fields of a flow log record.

- -
- @@ -84,7 +84,7 @@ -
Table 1 Log field description

Field

+
Table 1 describes the fields of a flow log record. +
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Table 1 Log field description

Field

Description

+

Description

Example Value

+

Example Value

version

+

version

The VPC flow log version.

+

The VPC flow log version.

1

+

1

project-id

+

project-id

The project ID.

+

The project ID.

5f67944957444bd6bb4fe3b367de8f3d

+

5f67944957444bd6bb4fe3b367de8f3d

interface-id

+

interface-id

The ID of the NIC for which the traffic is recorded.

+

The ID of the NIC for which the traffic is recorded.

1d515d18-1b36-47dc-a983-bd6512aed4bd

+

1d515d18-1b36-47dc-a983-bd6512aed4bd

srcaddr

+

srcaddr

The source IP address.

+

The source IP address.

192.168.0.154

+

192.168.0.154

dstaddr

+

dstaddr

The destination IP address.

+

The destination IP address.

192.168.3.25

+

192.168.3.25

srcport

+

srcport

The source port.

+

The source port.

38929

+

38929

dstport

+

dstport

The destination port.

+

The destination port.

53

+

53

protocol

+

protocol

The Internet Assigned Numbers Authority (IANA) protocol number of the traffic. For details, see Assigned Internet Protocol Numbers.

+

The Internet Assigned Numbers Authority (IANA) protocol number of the traffic. For details, see Assigned Internet Protocol Numbers.

17

+

17

packets

+

packets

The number of packets transferred during the capture window.

+

The number of packets transferred during the capture window.

1

+

1

bytes

+

bytes

The number of bytes transferred during the capture window.

+

The number of bytes transferred during the capture window.

96

+

96

start

+

start

The time, in Unix seconds, of the start of the capture window.

+

The time, in Unix seconds, of the start of the capture window.

1548752136

+

1548752136

end

+

end

The time, in Unix seconds, of the end of the capture window.

+

The time, in Unix seconds, of the end of the capture window.

1548752736

+

1548752736

action

+

action

The action associated with the traffic:

+

The action associated with the traffic:

  • ACCEPT: The recorded traffic was allowed by the security groups or firewalls.
  • REJECT: The recorded traffic was denied by the security groups or firewalls.

ACCEPT

+

ACCEPT

log-status

+

log-status

The logging status of the VPC flow log:

+

The logging status of the VPC flow log:

  • OK: Data is logging normally to the chosen destinations.
  • NODATA: There was no traffic of the Filter setting to or from the NIC during the capture window.
  • SKIPDATA: Some flow log records were skipped during the capture window. This may be caused by an internal capacity constraint or an internal error.

Example:

When Filter is set to Accepted traffic, if there is accepted traffic, the value of log-status is OK. If there is no accepted traffic, the value of log-status is NODATA regardless of whether there is rejected traffic. If some accepted traffic is abnormally skipped, the value of log-status is SKIPDATA.

OK

+

OK
+

You can enter a keyword on the log topic details page on the LTS console to search for flow log records.

diff --git a/docs/vpc/umn/FlowLog_0006.html b/docs/vpc/umn/FlowLog_0006.html index ac5c098d5..6c43ad674 100644 --- a/docs/vpc/umn/FlowLog_0006.html +++ b/docs/vpc/umn/FlowLog_0006.html @@ -1,7 +1,9 @@

Enabling or Disabling VPC Flow Log

-

Scenarios

After a VPC flow log is created, the VPC flow log is automatically enabled. If you do not need to record traffic data, you can disable the corresponding VPC flow log. The disabled VPC flow log can be enabled again.

+

Scenarios

After a VPC flow log is created, the VPC flow log is automatically enabled. If you do not need to record flow log data, you can disable the corresponding VPC flow log. A disabled VPC flow log can be enabled again.

+
+

Notes and Constraints

  • After a VPC flow log is enabled, the system starts to collect flow logs in the next log collection period.
  • After a VPC flow log is disabled, the system stops collecting flow logs in the next log collection period. Generated flow logs will still be reported.

Procedure

  1. Log in to the management console.
  1. Click in the upper left corner and select the desired region and project.
  1. Click in the upper left corner and choose Network > Virtual Private Cloud.

    The Virtual Private Cloud page is displayed.

  1. In the navigation pane on the left, choose VPC Flow Logs.
  2. Locate the VPC flow log to be enabled or disabled, and choose More > Enable or More > Disable in the Operation column.
  3. Click Yes.
diff --git a/docs/vpc/umn/SecurityGroup_0003.html b/docs/vpc/umn/SecurityGroup_0003.html index 02c867372..ef1d17bc3 100644 --- a/docs/vpc/umn/SecurityGroup_0003.html +++ b/docs/vpc/umn/SecurityGroup_0003.html @@ -1,7 +1,7 @@

Default Security Group and Its Rules

-
If you have not created any security group, the system automatically creates a default security group for you and associates it with the instance (such as an ECS) when you create it. A default security group has the following rules:
  • Inbound rules control incoming traffic to instances in a security group. Only instances in the same security group can communicate with each other, and all inbound requests are denied.
  • Outbound rules allow all outbound traffic and response traffic to the outbound requests.
+
If you have not created any security groups yet, the system automatically creates a default security group for you and associates it with the instance (such as an ECS) when you create it. A default security group has the following rules:
  • Inbound rules control incoming traffic to instances in a security group. Only instances in the same security group can communicate with each other, and all inbound requests are denied.
  • Outbound rules allow all outbound traffic and response traffic to the outbound requests.
Figure 1 Default security group
  • You cannot delete the default security group, but you can modify existing rules or add rules to the group.
  • The default security group is automatically created to simplify the process of creating an instance for the first time. The default security group denies all external requests. To log in to an instance, add a security group rule by referring to Remotely Logging In to an ECS from a Local Server.
diff --git a/docs/vpc/umn/SecurityGroup_0004.html b/docs/vpc/umn/SecurityGroup_0004.html index 8145caa70..5129c7078 100644 --- a/docs/vpc/umn/SecurityGroup_0004.html +++ b/docs/vpc/umn/SecurityGroup_0004.html @@ -35,7 +35,7 @@

Source

Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group. You can specify:
  • xxx.xxx.xxx.xxx/32 (IPv4 address)
  • xxx.xxx.xxx.0/24 (IPv4 address range)
  • 0.0.0.0/0 (all IPv4 addresses)
  • sg-abc (security group)
+
Source of the security group rule. The value can be an IP address, an IP address group, or a security group to allow access from IP addresses or instances in the security group. You can specify:
  • xxx.xxx.xxx.xxx/32 (IPv4 address)
  • xxx.xxx.xxx.0/24 (IPv4 address range)
  • 0.0.0.0/0 (all IPv4 addresses)
  • sg-abc (security group)
  • IP address group: ipGroup-test

If the source is a security group, this rule will apply to all instances associated with the selected security group.

Destination

Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. You can specify:
  • xxx.xxx.xxx.xxx/32 (IPv4 address)
  • xxx.xxx.xxx.0/24 (IPv4 address range)
  • 0.0.0.0/0 (all IPv4 addresses)
  • sg-abc (security group)
+
Destination of the security group rule. The value can be an IP address, an IP address group, or a security group to allow access to IP addresses or instances in the security group. You can specify:
  • xxx.xxx.xxx.xxx/32 (IPv4 address)
  • xxx.xxx.xxx.0/24 (IPv4 address range)
  • 0.0.0.0/0 (all IPv4 addresses)
  • sg-abc (security group)
  • IP address group: ipGroup-test

0.0.0.0/0

diff --git a/docs/vpc/umn/SecurityGroup_0005.html b/docs/vpc/umn/SecurityGroup_0005.html new file mode 100644 index 000000000..c356ac4cd --- /dev/null +++ b/docs/vpc/umn/SecurityGroup_0005.html @@ -0,0 +1,90 @@ + + +

Allowing Common Ports with A Few Clicks

+

Scenarios

You can configure a security group to allow common ports with a few clicks. This function is suitable for the following scenarios:
  • Remotely log in to ECSs.
  • Use the ping command to test ECS connectivity.
  • ECSs functioning as web servers provide website access services.
+
+

Table 1 describes the common ports that can be opened with a few clicks.

+ +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Table 1 Common ports

Direction

+

Protocol & Port & Type

+

Source/Destination

+

Description

+

Inbound

+

TCP: 22 (IPv4)

+

0.0.0.0/0

+

Allows all IPv4 addresses to access ECSs in the security group over port 22 (SSH) for remotely logging in to Linux ECSs.

+

TCP: 3389 (IPv4)

+

0.0.0.0/0

+

Allows all IPv4 addresses to access ECSs in the security group over port 3389 (RDP) for remotely logging in to Windows ECSs.

+

TCP: 80 (IPv4)

+

0.0.0.0/0

+

Allows all IPv4 addresses to access ECSs in the security group over port 80 (HTTP) for visiting websites.

+

TCP: 443 (IPv4)

+

0.0.0.0/0

+

Allows all IPv4 addresses to access ECSs in the security group over port 443 (HTTPS) for visiting websites.

+

TCP: 20-21 (IPv4)

+

0.0.0.0/0

+

Allows all IPv4 addresses to access ECSs in the security group over ports 20 and 21 (FTP) for uploading or downloading files.

+

ICMP: All (IPv4)

+

0.0.0.0/0

+

Allows all IPv4 addresses to access ECSs in the security group over any port for using the ping command to test ECS connectivity.

+

Outbound

+

All (IPv4)

+

All (IPv6)

+

0.0.0.0/0

+

::/0

+

Allows access from ECSs in the security group to any IP address over any port.

+
+
+
+

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner and select the desired region and project.
  3. Click in the upper left corner and choose Network > Virtual Private Cloud.

    The Virtual Private Cloud page is displayed.

    +
  4. In the navigation pane on the left, choose Access Control > Security Groups.

    The security group list is displayed.

    +
  5. In the security group list, click the name of the security group.

    The security group details page is displayed.

    +
  6. Click the Inbound Rules or Outbound Rules tab, and then click Allow Common Ports.

    The Allow Common Ports page is displayed.

    +
  7. Click OK.

    After the operation is complete, you can view the added rules in the security group rule list.

    +
+
+
+
+
+
Parent topic: Security Group
+
+
+ diff --git a/docs/vpc/umn/acl_0001.html b/docs/vpc/umn/acl_0001.html index f321f611f..d06e25397 100644 --- a/docs/vpc/umn/acl_0001.html +++ b/docs/vpc/umn/acl_0001.html @@ -73,7 +73,7 @@
Figure 2 firewall configuration procedure
  1. Create a firewall by following the steps described in Creating a Firewall.
  2. Add firewall rules by following the steps described in Adding a Firewall Rule.
  3. Associate subnets with the firewall by following the steps described in Associating Subnets with a Firewall. After subnets are associated with the firewall, the subnets will be protected by the configured firewall rules.
-

Notes and Constraints

  • By default, each account can have up to 200 firewalls in a region.
  • A firewall can contain no more than 20 rules in one direction, or performance will deteriorate.
+

Notes and Constraints

  • By default, each account can have up to 200 firewalls in a region.
  • A firewall can contain no more than 20 rules in one direction, or performance will deteriorate.
diff --git a/docs/vpc/umn/en-us_image_0000001646961692.png b/docs/vpc/umn/en-us_image_0000001646961692.png new file mode 100644 index 0000000000000000000000000000000000000000..d8f9804a86ba17c29671c2e708ea7d8a55e9e102 GIT binary patch literal 128 zcmeAS@N?(olHy`uVBq!ia0vp^l0YoR!3HEv_nU76QtqBEjv*eM$$$R;|6k80#jF+; z?O^U55wJ5{BC7O~q*zc+j>O?r+CO>N0_0+A4p~TjRK7gvqKc1@gq@&$jgF-6A(h65 b!XFtDtmNgH8Ra{GMlyK1`njxgN@xNAeY7O< literal 0 HcmV?d00001 diff --git a/docs/vpc/umn/en-us_image_0000001796404809.png b/docs/vpc/umn/en-us_image_0000001796404809.png new file mode 100644 index 0000000000000000000000000000000000000000..3bd705bb1279cd4d15bff49f0dff7ecbc93e64fb GIT binary patch literal 23749 zcmdSAWmFtd+btL@gy8NH+})jE!QI{6X;S4Kii-OKQ- z%TrljYqRI+y-u&Gqp1f73SG_2@XQ|G&A8gb2UGfHQ;o?qTgah|^1-{}{P+TgCKiN2 z3x)B6ED;Sl_zMPKc(z-tLhRJ0qiP6&PQA%cYPZsY8uvr4Z->|hID1M6ocm&wq4N}8 z;1!sWqgSRaVcC5CRzMqB;MF3VMIMQo`mwOE5kedJkk;SdUv_kUw9saRC8>gSp=qNg zan-8|T|m1TCTqqVSwK6PJX;dJ6H*K-q0)((GNcdbmQ7czfIbK>hXA=hDSb>ESmT%F6HRqcGeClgC5a#eVDc{u+zE&Df2i4TZ){T5%T$t5WtTxfSeKWf5UPm3e)do|Xpcpgyc(u;81*;SqNzgG zz_PSR1XlAb+*!#|w^0E&n*lR)fYP%4O1Odc=g$R&HA#ty->s}@-rn9sR&#SnA|oTi zBO|FnUPZHRe+8??_VE>#l$p=j)`U^nA3h*na8T=Qp`q>E3Ir( z1A9YO%d=SF=?Q3CO(wKXXeGcPuaM$1t6j0lsrpelUs`goOpHLrT$7p_>zD&ZCuOu^ zB1=t8LC3%-Kmc$=@Y9x*mSPg(mfip)Rg#DFJM&J9%K5XLr~K3L@lB2Y#N~E>3r+Q1 zKJmkvnxo-!=|h$l;IQb)tydz25jSHzMR9xgfkJlG(8mgFoGp1pI)Z!7hu?rYTMn`9(6_0%kRIrNKa4#?g779aWyjEjj#l<-oi2TW0HD;tbfZ}zS8pCCy zQw|CMEXrTbr+-#{D08ljnSit-*8tgiSc4s!tI2s8XBGnn?!%LQlz5rMys}#{(7-J9 zmW8b2_QqoNuzxqq+F67JPJdtrg-9e07N*zBch`4d^8dFPzOJmT$N~Z=&r?6+;boeh z9g52bgv^$=-E^_%$W-4ZEk#ccY4^uRNA6b4ls;0Bp)~l%qCD$UDr=L7>gT1W=Al5Xg21(l z{7ucDrqa7i&>Ih?j(_5U->BH>GY_XVG&^fjg1q3}em2)%o=HCrihJG*sj)bwLf+j# z{z)mbYE@{{^rrKRzv*!wcW}+{3x|U5VXL|cu~XGbPYV=oULSTM?11DaC2cgv-s`8) zi?@5Jd&9{#GttTpmt>2)&VMYV0qQ3gcV*WC{^1E$(1TU&adX^nr&gWsuLB?-V2{rp z8xF68iZ&?!=8@F44Wvurzk{&Pb?^2D!a@_svipY&5Hp%eH-J~f)Z0)1F9+P2a<$cE zyVcLEYnd4vhbKHa5_Pd8846jLWG;TKug)=T=_b((6Z|rzp|Hskxnsa5098k*5sV5F ze&+4*dA#R8OH+EwD9uT7C!$fb(lex_A+DO4Yw5kQr7m7|kdxyZ5u@R=c8JU`Ip-X* z2bsKLMwUCwRj;KyH$Q*2B2MPlR3a_ivZv2#Z@iB}{fU8g@dsAo3Va+$Pxii(FLDjW zjZOHo3z>_ZB!RFdDFZm*%!&YwFhZz4)BD)@pI-epyh>Wk(=zFMq+7xH?jW7VLcH@8tp~NwayAl8Lnpx0$l&X{^u1Y0HNzbe zTV3tnB+9NeQq7bnkks4 znPHam0%u5jE$!WQ!41IqB8*q(E7%!nq{Gz+e@O3l1@s1249=HR-&3{sj2aD{5DeDD z#cR(2HR33@AHgEm>Gc;3Qx(~|H@+m^@&+F0dN@Kufg%Nf%2jOe@RSfk^P&pIQDkl~ zTr;!DUJU4CR>4e?`J19Fy!1-T#g8vK$8=4yG!1o(Ib-LVvR~F?8a#3E>MYLRB zw9JGmbCl3^ikg%luG&=-+SH1#G>ri;N)dN+sVg!%d=CIjCwnK>%->BUDc!)AjueJh zAs6ejE&!8qpW&wnek=1CmZU^-l6ug-1iZZJrT?OPVG*vNIUB1P|@ zKmnH^ty7ci|2%=Z?6HhJ7dH=nga3H$%e7lL-aT&JzxW$jx1{#E7RKNlYlkOvQ8w}P zi_d;H=F0U(#}rMm+aqJ8kvEeg%puw5k`*fA_k4^I(h23mC<0Msa{Jso`p3WwcR|JP zzVNx_3wEig(WLa(LBVmu17elqm;JlUsti;`Xy^-*Bx~1%L4GDgS&pq5re^mK``)Pam z7w)~4o{wB3VZo+sxOXarB>u1h-US`ha6%T<#TCinvNHv)b@wG=G--m-nW@(~mP_Ch zb}+iIKvjbU+4r(&pfam3bdHMaGo>%aTUjVHXLbz^Bv(L*i-~7kN z^o?Kbdd_m@40=t8AM={i{+*0P$_KENYr-hR#cSpeYlyv?bbeROV4uV%q&W4xh$s40 z=$wiScp;+SaoCk`ak<{s`8MA0s^RtyI7MykctIP6*(q&?T?ZCOo?IBYti0X_EvH1j zR7^1dCYLYRo;%7w{o+wB3Y8j@`N9tpqS?1jb>qZoDN5Iug=TZ6(hpU)U1wbrMO6Uo z0iSeJ<2Kxf@aqVFS*wzIvY%!hmCJ#Lcv^@}v39f+9MkwhLTdMI&k3t#O-gm;oFQY< z6RhjIk)HO0Mg9e}0X+@aXj7GVSW11$c6#R%h7yn=FGsjYvw2p7WOOnucl#=g zWH+jxht5eAq?Hu8hWIg`{L&{RS>9+a+{)Y4K!CQ8w_x)|5$Juy8?mtpb%px6uYviK zfqHU5J0Y^va_>?}@FAAVBolp*I?_yNrGT@t=kexbe1UUwPKm8*@~e5C&)(&>mG{M3 zzkZF1Q_Z)x^?+1*zrb;*uP`XaaE7VF8#YAp_>wP7QlLu) zs1-*T^6q{mcHhxTRUUqPEK|Vw`3QYtnaDVyPkoO-GW(<*N*4w;``7) zGrY#*?B*fYS1yV$rK>QjyEgUe%}qrG!%suU{KuYCmp@%-Q$#q)gkL=kKTgRKGFAE$ z+;C~K2Sv-lflrrNe)aV6_7=Vxp`;yJWoxmxPtN=3JGK=v!Z!U&qkI8Ro9xZMap;Ge z6aDwmPBv8nTD&V*zYunO;nU-e$MO0ZQsTq=OcU>k8{F7X5mOnzd)mS&3Oa>V@z!W* zk@o&Zv}zZ;d45Bg#xvT0PD(~aw%IfXJ8-V=m*zJrhbq!%TRNR!Q=*}A`o71M8}P`+ zO&n36yfHHWHJo(iccKADUHmT}pJj%r@|t%-SL(vdpJ)`hFT8A}5qalNa#Bxp1*Biu6KSqNSeWv76uR4R3hxw=r zV;tdo166xQs^>?PfTw9AZ|`oVZH+m&0seYs;@N1Dcfe)~QRG7Av0Bau{+h-pU#?Ym z`xP_Y)@c4&rj5u2;{r{iaihK@26G8YC3{?vsGB`L8_F}I@@QA%0BoLn6+`XdQr+rf z#x=?NV7)=wKkLqypfZ%O7HID4m8|31`_>YUB9cMhwJq2sL_IFKs0#k%i^m7S?(Ipa zE0ut|!`;J|BDM02&&i_+d@R?#79cP)j}!}gOfJI{ZQ#q;+$dX=i(GYSu^Tzr`z-&@ z_T~}9u2)|eQ$j9_CFcc>zR}4LZH2?05CeMKsKnMS>*}_eq0!zD1~~qblV;6Cbni$5 zpGDrhZmI2gNIAVZqk|A`+rdwFYuH;u>ig5k?ijzy=j;k}Ghc$3Y<--ALNF%Is?jX+ zTxzvUPy}#twG+|_u$1k3hJU|~L>I#rVI}Lng)+(>TjY1b=TXeO$*sRgfn#Wm=V@;dTBtu<2 zg5LSZIpMq6N7Qc*fy8G=hJ@rH?)AvqpE)KD!xj|s_|@l| zE<+aZc%*0N@9=1MPbW9-)NP#^)*5i+5;W##0php_h+V3(fi9SJ9?s+3H7H)MK-6?~ zsod6F(;wi{^50aw?|Qn!`8ivH5U%DhzOz%^)LD@H;=Jovjcs>k_hWd>nU012MR-m? z!hXfz^FXy@Jv6u7xyWlV##ZWD&R??{pI(By1+cWXB{(YYMfITT`Ad&3SpLr<=UsU$ zyabi``?JegPuHp>(U+x65_K2+uC%;ug#9-H!+(XE9SzDP10_8l8PduA2j5aS%NsAm z)B{i#_Rt=aki!km)WO3p9&tXw1mffOZEj)+o&00}fjCJ211zwm{8=XQ7p+iyLGIB6 zeN=YC&wLA>R4jJ8Re_gbNP8#HSka+jqL02*+ty_l>5_HBYPon)2{Pft0CVn;W+TYYc{MppO>UFoOYFT_Ycz)AzOPNp2rE_$+3{c$MPXw zF44VXY>u$B4kCi&(l^si0b_+q!d!zwuv$Mvu}VEPVG3d;Z5PWwz6=t>6tr|}gMVxYa%H%;cl4*ctXem%*TP6=vF*}9Dgdc0Q^ z`hGn;>M@tEICZ)A2|3nl+7ul=wZnu-se(ZWKd(7Ka%fMKe1% zd~}++Lb|GX7U?}9q82|C#q;MbFposz8X_|UO&SE zIhv;Ksf|v&lLW`0*nBw2e14UJ*vPnxUv`_Pkc8egvX%SHC2x|4VQlm;<4XC-jyqg6 zpm$)3A&JL53Y5wU?tW`J&-)eaMYZAZPMYENk+ksOEKkUF^9;K#)D=vYD0_uE#m!7d zJ1sK%_P$l#0d8EzR*H_oj0K0`ygVD%fIx?byP{Xite6)4>;X>Zs(_U@bH}6G0}V0S z!b4cmbL|ZqVE2uCs5fO75yO2E7k#_^w~^p0kKvOwDY~raw9sH)v z6#WW(p|DwJhJB@T-IDBGNnw5e?8jN?z8sIs1B$rIDL6tt3?q^2H=FT;+1xvOT@#5P z)$RE;WRo-TQz>rUmoey8iG)K_<@DhLej7Bh@xD>mi(=-RXIOLXu*{ z#0NFUbR}^C!wJcuGHUW4H&As+p`-4v_hlDifp~ zkw0ATu;#|JY0riV1N}l{a7Vee<^6LfQwe6fkW%Ucw`yw2wMH~o({J5Q)sJ6k@_aG- z{{R#8T-(*v*S`*Y?_$3lNb=B4XL3d_ch^lq*!+ zZd^lq6UUWdAaOt~ty6PDE#UL<^^-~PMI)vCPm1CBHC$+Zi1+$Q;Dd-1{qX{>b6BQa8_Itl+$-9;ey=rppzH}a%LL(-pkYyOPQ3<@rE{gHi8K=LFP(_V*MB z>tiohH|)r#h3=?1upvp{;6^?o7Dp{W%q-REx-f(>MJ*?}xOz33e-Hp_{g^DRRDA0g z*tr}Br92<-2)3^$H9n6-%^!XZ#}2TQhS_oKJ0`TT&e>=$tujP7&b7qTJ{>%>9cg^f z<iP4mc9X&3+Lwjm)oN0PoNPk|A)m;-pm8?22~?Opm{7C(8U0 zX5iM8z)!BYT5CHXrS+1UY{!*ez(X8U_L#Ht<~0HmYEy z#=CJ=#OwXcY=HjGQ9*^id-1qgVkLkFO2uYaHqnpuO=5$(bMlo6{6l?GEdzft-{Ima zDvT67;na+tZ6pp<#bxrAFQ);$ha%&$CqFDmC?+EcBtKk&Y62!aE;tE>rUV2u*Dw41 zYtT#1dnxJ8w%vPcc<+g5^zHeG(&be)a*l79Wyxdfr$#?<#A(ag_I$X=@4OZM$FWU9 zsocm9uz+@_j*H_`V)y*AqKaY_STriI(MWx+9|Z5ShM!VODpzT|Z#_ZV?p5xuPZo5! zH(vW~rJQp2O6sXf*UJ}L&Wvr2?%qBs^JhvzWI$>3F|{eP#~0Ae;jUSp(_mPN@x#E$ zxSn90Zn+QKD8u=h_v6eAd!TO`9DG4aXjks(R=@q@#)VYg8jnZp@Y9`>@Lop_1W3s# zY>Tg8{@nRd#IJ0dqM-!u;|3QBo|7iL__|{-uKk*fVK{84bVecD1_}rZzEO~sp7L&q znxCifsz0w-N_lvE97tB3uw(dkRxWb6N1A)!0`R|lbb7K*V;R|RC*1Z$4nJ0rh(i6c3DX;fseYZ7 zUs#P-&(QT950ag8)~~FHin)Gbrj}Z6&z+M;UDQ#;8nnrQR74GtHl2m4@bAIWO()JV zvRl5dbnlO+a;-Kv!fI<`;yQR80Uw-k3bs5X8pl&$ul={VqS)MywqqQ_p;7Oq(Q;Cu ztA9>`JhQ3m8lvjzapbv82ZbOYi?w35oEzzTg;D*z#7|49?{2*SePj`pXOEt3t=;|P zd-*3~;my{lFK521R%6#$kL?$O|CTclc@WETO7hAK@v02eJU6{f8WlB|^Q(R9SUHC& z+TE|KzWx`TX-;_DC44+J3fw7In1nT7Qdluk+Uxz@`R-Y)>SYh5*?ojLC%2%eQ$&5b z{CzX0F#E)&DfQ93EUjdTzJ~ja)2aLY+8V#988&5<18wlalbhfs_TG~Go-VJyM|e!+ zPP+Q=n4YHq0}b(KovLt4pzoQ`c(r`nA9mog3vOx5urMf+Wny=3CZRvVm41{1x>iR} z(~-oe5@D8+r+U*Ui8#8Sy2|az~9{hJVy9*znQsnSU=k?FUlj>{AVohJ{J@s`XpWq(a7tL&q zfVeei9WLDFcL?<7a!SOkc0bife>|3Sx#<`yT+$d9F2=U)`0JJH#dS_M&q(3aWDcOiR;JxO`>o_zJFivV z)+TCFWdL~V%=|Y)viSmQr*oy`29@|;#Kod$25KTeXtVN zV^~WFx*Z)cDxrgNnWZl&;O(EZgix9d4pwqZ-dgKy?5usZJv1s7z_pT1?o=>_t2U{B zMM!JdzS1g>DG#xNMNycqv6*pD(;OZ7O^Hr91Pv9ScNm@OzyE1H*}80OY&>x_R*uE9 z5pZE<_~=690pSwmSTm^jOTeCh8BLu2qmV^B20-n}zCJMXf>lnulO-kS(dvW#&9$ZDaiL0ble102A-lBTq-4l8I8=z}9dnsZc)s_!6q$suyv`+*(iUdLG zIHC%5%S62v$2WIq(`Jz8WR~`uU``FM@5tG?xEqI@9 zY;7F9|Bm^~LSt?o_?>G*C@k{@W6h?Fe#f#F-lOChFLQM#Ksd9&gLq$3rIP_dj^dZo zQ=RXyosJ{V@HFX*CtRcHWHN{=RoiIkHpOZx^d0Z&HSNn zM*ibtvV3ZJl%tuDC_0F*3R&oGWrT<($+~Plo^b=;l>EVbo=a?U<9ElN7~ zcCH^iSyWaZ{9Iz0IX{&*Kc6Ejw7Oh2-*EKHTcB=i91Vs7a~vg`y8VwPj)Y%OPE(M! z7D!ZHo^fPkq>-NVJ3#rh4yaE5_3PL0?tq-vpWkz87$OTe4|d+nX(qVZByxp*HMQXn zg?>IfA~d#kjHxOVpb=DZK0P!!by#@0oz}X?&(N-2d&k4wjj~Rbw2`=yW`G#&bhYJI zCs@~Y6I2}PA-uzrLM!X&6%t?lSfaW49LHGS6dw(Q-_Noe<(sAR6)08^CU?OPY&917 z(A9v0wg412m5`t`G&IcS2OLZL9*pDv{P~lLD01iFKcsjMgcMhFP{HV>$ys*jLS&GW zV;rAg+l|c*+peZ7e$<-V;?nxz!HlDElnk}wVb>NT4AsMciICwD2NzB z9Kvx!Bnnot{~w7W4!5?@#KrsnD|!&o{a;VH?okJ#NI>Kh|2?jHj*pMg{-*&^OMJ}A z)8oR5q5bzD@uDRA`jhO-e-DEH|26tT1}<5}-@4oZW!6r1#Z6T)%^uhWLT^YY$Z7$Es}DvhMQ`YzrVtK`GQ2rN*f)1f>2~>o?xUYC#NNnh)pX0 ze_!@Ce)-8j0V4buKzAMbErcU=NQh@@Z5y1@#Kqm=uxw!y8Id6T{QOy)STH!y99oA8 z+5HxoobRgFR1?NDFi->l03@fTs;a88Q)p^v%&e^NJ^!BtmmgE+nMl!*cxf}UvWZT} z;Cji4+j1ESb4%+BkM35q*Jo7GV%`pXXDn4}HF2^FPRReJ88(TLsx8_TO)acEt}Ch@ z)?Z)GUQkfb>T^fGy}iw`(`2{Q3OGsqCGkI7+=?k~z?n?B6*!L~r^a!=OnPuzOzW7^ zGR^Tv;0hVAn3RS##HWO7&lJs8>%OP2PQ5_vk0krUk1V|@XnB5K!rYv4aBvU_2`Sp~ z%>@Y=84`M?VhDNujf~)L(EpF!^qGHF(V*VG=*D$3L%b)xqT=r$(74z-d>5Eo)Bpbc zkdCNQft8al$kQH*NeG60;}*&o;(`GHuHN2W4jhzWJR%}W3JP&d47mS2=$!mm*&RQF zWi#8p+BGrjM_r)Yzll*YA*PtdMt64Cs4~a1lEBL7%x>M;??NjzBr@x} zV)7;&LhR9AAdU(sHdGebfKGz`#&MS3N+0-q_A(=I2InQ)vV?E8;qKw!f1C5s~-8jh=`P zq!?(W7C{GzoI98tv<}A-9C#p*go-PXR!9g}Vc}}%FCz+Swy?;O>Jcr&^9(2gw;Id@ zb=v;NKBc&PG5#@(Hb1Hq;O30ODiZ4Kny!SY7bSj^f2Kl+e~!A<=6enT3If&XD)Q_# z(1y6Dh_6pni^HOvKNbPy8zW;RVfm9f=fn8=gIR4>b0)OvE;#}s^0uo4kMum(} zj`cMu2NU`_^fZJvzmyXhZ*?wD2GHsV(nF(iO4h(#g=|}G#Xt#`>e?cQYMeFO`i6w} zqC!FSFZzA*a3zL(G5@&X!}m31p2xPUqLleLw(`4ol4srWe~RSCz-#{A{9nVC$_1Sl z<+#CN{J?)Q;d`#(*DWY<|nS`UPsb2iN0pF9-Wrh74M*(TxIH;Kuq*%r!ly zKVSrSgqlW(*4XlvmWU||yUm_s3&>vK@y;*u$E_$>re==(M?V>B*n9p&9+S z(Y`-&fGFy4rEexGb(#|QBP)3D>MzVGb((ZR3%Q?NYjP}luB0?;bc>VqdXHmDmR|-` zrkA;9wmg;+@jZTSJfEbvR&ebv+Bg0^GR3f{5^6EZ(daWV6T@;85VlyW!;{rJcYO}< zL_X>ruAKpmx8I#;xA;)WrPU0MKasZ_`_gm(GCm&ddMjrK^2kYg(b~WP>ADG%QQKX?@g+3nv z6$e2p5_F{j8(f+70!(q3eiZ=)*^qGLtaOX@YuEc9Mt|4l01h|%rY=fFYjGpOJ&x3= z#}!R}WeN!(gkxP=t$-!WBdfs5Bl(0XMs`EQH9T}%DzWRdj(c(V-4%Vp;K4aT^>O7J zl#A{;8d}dHcq>CrLP9Fqmuec(YL08%H;_&{cXMdf{MrKB#0}o>``uk(czDyyux5Udg5F{1d^qyZXI3D>M8{YB zH#oO^!en)YJIW^9qWo5tP-4rWOGy|ZeiY86B#JS$*zt^C5lmi94yVueM zoUk>mY7#S(lw1dF?wt$=hEK9(Y!+{&@D3}f_UAQ)U(G3+!PN;RuV+rbNQR}J)&iSu zc=4HLq0oQ92XE(ozQ!a+=yH$v8}GcsF>0ODYRN0qA97m(9Et6b{Z}mdv%fkaT}|@E zKqKzWohQx4lJ6JnXLKK~(8iy-{O8BZhU!hfizJM`@v>@j5K>n(q8k|WY*$M~e!U){ zb;8eZC}>P#!sesY@2KRvmvzT@(kT4qFmzbTsC$&AOISNB5ZfnJHRjN-ut#M`GcFRe zyza9)OcR8ZFMBgQvWO%kPE)+&bJ0-eL>3W{0-2tc6yoS>;9BW6#z#4&1fmZ5KUyR@;R>jmwNoD=;31;0l7)pNk_ z#&CSGyVs5ol6i;-1$c@2Wq69zeRCZZO=?eYV2IfsxR>;MO!>CyO%Ydvj}Y!uYn*}U zLQ$F_>Yu_vgH*a;biIM%R3A7_wi6%ulNHy)VdJNqwXlPkQR_AeJ;rxlz-pe|?e-|FXz!4O;B8v% z#^p<3XEI$H=?BB<0JwRc*)$a)Gf}1s!zOIJLC25N^ce*SqlU5=P2{o zHCOAD6Lq9=*)7&C3}hfiV0(67mIag;&mg~|WHfkB&}-Hh_8)Vd%rpp#Sz99KB*hY! zRM7t1l_uiFGL*kChHq*i=e4jJ7+R=EF~eT6A9xHxoqzDbg2=%t=5PuC`Qr z^H&NbJTI-H4-22WKV@e#O*^qDMm}ymyGH<4Z?`XDz{okN5~|B0VV`S3g4UBP9=mx~^DF9)<{o@W)UlV#_feem-dd6Hk!A8uzvzRaz@W z9;;^-ti*Qda5TIG*PBD~U~9wi+|;r&za9tjK`fL?eg}Puo2Hyj=N0Y9Ss`I5>++1K ziYzQTk81fb-Ue?W%82bQR_7f}XPjC*WT0MP!`o~M4~U&or75vyo$|*Q70D_J(8nSn5!<{~SOR9SjSA7*vzy1d14IToK8cEB8rYOR`|7?^ z1Bo1+BAkA(hj$COtUFZ8_Y=q>@(~w#W3Xr;7N-bIAbID2ONO3d+(M+@lI}UblxM^)Cu@a(S@sUBf@NE9G5J zrMh4l9H96$p!Z}x^tf$bn^=>&jHW8=f5tYgqHxV8m&&9a7o){H(o!#jBJz7n{(kV!E~yJkbmUCnhOq#yplrTkCQ z<}=posYk7C6Q85lmAQEd24Iq;3)^nm^UI#*jl5*Ftm!1lkknLYL){an{KpCH$LB82 zlp^P+Ju#0A0+Z$oyl?nTWsR0~(Q}FaM&3GDX9d2?8=U+AX}7W@1o1LG;Gl)Q@R!T* z{eCJ?(l*EaVd+nkqQ&^+QO;JHva4YxQ_}(~($AvZ{eZ!Tydle}P7i!W>hw4>A5Qpk zt>^QPuPMkI1MPPnSpx=Iis-beD{|@njkYYW4(7mEyu(P^0dGIdhyo@_Ma ze1{ROIHb%^*NKvN(URbls_XKtO7}>Y);%Q=FHcOx0p4F+@{v)`YYD23XCVU>WDqep zW43$&3Q2j_Y_8TD;gM^u1#82?F}+cIV|)4H)Wb~*#=5hMCKBlT6ak+LZc`GX#Ul(* zw{UrKW7^vRP37LO#GxgF6r zRE2PyNOKGEAvI4Oe$7JZz?rK5njSa0$t?~G^FzKDqgJ`}=Zcz!hXyU3y#TvRG%2HpII$-A4{Wbd>!_@@<*0I1Pv z{$WqWi8irkrNR{PA$nT%gH*ZCb!IOFZP>BK#`5Tu!wt^FcTEY5D}a~k{*!uynxR}jL*%Ycb|UHb+&%s2Tz zR@gDnj1JCFm&|-!cYHnGU->!(vuoF{iSzs%!tErE8j+L3rTKh>)7Nb*>F<*z zwjCd_YdT-}#>P=x4s5@Ad$)w&dCs|GEN14A0XviOfxOw#G0W%989(XN0KmeB{1$6$ zc)wX2#<;(hQNkrOrnFhE+a2WNzwYuJ1{9voTd?5sTU=>6{2{U;*MtsAV@%Kls5j%0 zy%;BR6e8VSwChO!xbNs}u;%*g7(4)?FQ5cdci*o)9#{QN55=0D5gAal!c7$HQ@O_aY=nUmP<54n$aW} zLr8McZWBo4HyB3YPI6oMO+3c!LZ;jCldy=5BM8O^;)Qx-<__!pxgxUpPXFer(KX&K zC3>x9DiAXAWmIn9p(qmvBF!RgPiV{b3pPzC;XdL#i)gyRQ8wH`bhAIRf z>Ot>b9%DY|1+((FNp?*`c@;|4G=~R-`8IkhJsHg;fsBz)wPhvZ9>Ye@~+B zT;i%TyRo$*!WQoe$+@48loZ4hRWSZ{dE7NBRohwc2LU#1(0JTPfNRzzRH({u*t6+UVCI!%)3M-o^l7 zQf8jsqh*^;f4@r=!NxZSL!;IVm|?}86m^+WA9Mt<$%4d6xZDbD`UYH$0wmzGn z&}KA>T&RORwsUe`c1O%QeQo7Bx;{t4UOHW_bH$8JbG5FDG@WX`J8TP8VLjUX_f1wj zTBk!I4s$6|CFQqis}Gl@)ec?WJPSd=WuH{Hf&I`^GQHyk?h#731Dw_u1iW&QA$dl- zQaT@z8&Ck;Ta;vDY$*txeFLZnN{;6j2Db=mGa82syq-;C#&aU$%2bBsUTG6ui_TBV(ZG!(aPw@%4O`kI`42}>w zy-^PB*UOh;lybqTRdDVwn}hotZU5UwvJZp9#L4HmMlJ)+Vq&vhfg8RAu6BoHF%4vy zb3*SA4!!ClTes&-TBH`MlQafik^Qggf&M7@FFf_m5M&U*$R(ykC9|n{Sj9!{F8j8q zM=~YT5L3x{^-a9k9?zDF;gFWOnOVO^_4s5Gx|;Xw@4rK|x>cC8uN&U^M9cLF4k)r8 zm(qrhMB*vLp6xECRPJRc3{p zS)Q)E|70m5#t8%loK#z_KG>R@BUq(5!LA{rvs0&cfowutPekGi-1kVEHF?<8KP7{PZz?Uv47g5PU z1ypYTYy2!FtBnP6E{;KGacb~=^}YZVS!kMd;8bXN+ji_zX3BE5YxjZQ#^cE<#C+~e2h%p_jZ)?@|WPMPurM?sCEoYj%UGvBs&O}RibB6x1ULGEE? zSHh;TrlhU*(BEr0t(l;rT|=x5sJg9Fa^Zjz($`&5%*?Rl>Gbo#mW!U)-rwZ9)Nli0 zvm2Y+ci#7ujUF7@+rzVbEM^3Yq8CND4&+`ZH-Z(O83$_^Pn=LLWqFgQyNrH!$fu6h zMkb^MrCe!qS?`1ELUm=I`IFJk`*u7<`sidj)<2zTAP}v*LK%_BPP0YQf9ZP*Rt;0n zHoHSb3Xdt5*7*p5*%51gjSpHjkSR!`5;!L(LuuYecYS4j$tI`O(sCiDfSS34{NGB& z@MBa4o>BgkmpDi6jq?HfzENFOGg~P@gJZ)JFaEHqBe>;_Szi7OVbbw?d&vXOf1uS+ z=pAPUgjhT6reT;Gal%KR1_71d6BIYizH4Pwz@pAdzr+L-(yQ}K|6e5ss;Z#DzsZnF z`!SAfzSIv{|8cK)Y57>~kNdTBiydA;PgS&CSSoF=nW_3=ER>7ap4btt!{X)0ccIC> zXr$7&4(I|Om!MWP%}RrA;)n3r2rJ<`o}}}Zuo%Kymo{D52T>s&p^25|L4ulr2>4di z^6M{+Yen7%CfdQX6nJIdM!n$)J(n@lS2zO(J<5bIN$0RDYx!mLGp+^hwJ1?QRcoTg;&}0^GJZ@dLg4PLfSlAFUFf_Z8}gPb3?^oHIWq1JcS>+17SGv>LbV{4>a>3{r# zWy(X>Dk4NWLs7e(4-S&`pgC#pd{v4#)`X2ht)BPFbGraK`l}tek|&A@B@AVEnn|vX zJOY|{&fh$*)AiGy6BLFBb?it)9j92&o=k`U8zKIWhd+5BPK){T;Tf;!KoMf1Y#av| z!y~KNc#BB#XwL{7#<4ErJ?@?DAYbb&D6KDs+0JgNkSJmmN4zurTLPE~n5fV=ET>@l zi%rNOUKuB)GCxbvBDw+oPkMm=HT-K;#AKymOK6RVe_G6NO6spn$rPe21Xv!!-;R98&Uf z3Y7Pwe6i;XR!_rGtjSlc$gld&w(FRZ5Sn@(!4JEh905s;PL zc6q4@mm2&(_zF0p=;;2D4UMJVF)Y?S_(5xAhMC`~p##FJDtL?!PnG->>8PG;Byt+f zpAzqQL(OOY+yrYsc%T-vlZ;)jk6Mvd|2^KbP`zd-XP%&bZlnTre=uq0OS;<}B;O~T zG^Kjy+4sNCDqN4+(N09r9BvV8K6z2#MoC>%pbMUno7P!_}{efS}b5gIjP2~iuEtK^Q70)L`WA!R`#sJL{S|F45BnZ&& z7K(2h)q8yh)^_)}HoxxO#4$w;_-AL7{mn>=i*;Sj&V`KnX49&$=U#WX|CSRMqt*9Y zUgbln#8O=d{V1kle$OT0c+Gr_qdLbg;43xFL~8vwWA;}AjZ0BXo!(e`y=MGj?X&!e zZ<+NW&eM9sD8szAVeQFi#}QFEOu=x4G7Uxu)w!DX>&AmC>Sv)2@v9O_<2;U54=e5j zfUa{?^IEzzhSIY-PHyn@O2s-*MM0;WV6;HUrJk#I&x^7cnP1f#ziHVS=!UFi3_XVvurxyM{TT1ZwY!y&k=B!28|f4g*jr)5-c zK1i@wsWVvbBm$n39Gh+tk}{te82FnI^oTUobIWYRs5M$m>~eRE&G>fD&}{(Zj6Clx z;!$kWTfIAFuI4HW?XLlTPIzrU;8=)_c0Q}b|K9k8UJdBq$%#Pin^2fAXs8L+N) z1|zRUv$C&_lmN2Wc%5U@3l6TrHc*?eF?SuNCSwSf8~b4?`p@k3JK!ivKP8T?4dDjk z+m7r4!GW74Qah%#X{_}Y4Wq}p)j+8nkhlE#KV!Qi#&(s+7U4-d}Zk`h>|w|zpfXEvV(-b~1oqTv(#sh~{k zA3Aw*+_yxUsA5&_yITcV@`momeJJ1`=2JbehaoLBxZi0aO)yTcHOJoR+4H(qS({2| zL9&;`?OxrVJUzW~SOU;z z`(XD?o3y&ClXpiZ1F}pvVM*_{+n~##4$bmI zS|f>vlWg!$is-)4^UULi+!3yj>V8*Jf~zal=QDPTJ-s@p&6@pJh{qu2JT+*)Ivjgu zN48>zo5hpmLf&j!)Wc^+dj?RX+>BjJ&paJk0Dq;kP${o(P{LrO{$bv5{f`SzPG{1u$_QZ>C{3CaRBj(FW17aL8f93sO-JFM0Q(L>n4}u~c zDbhiz1e7AZqX-jw-oic&7+6AQK4%F@x*tCRn9m6|Vt=c5)cAv$~pxLlsc&Q>) z=y!T2m$jbF$d_znuZ7G6%?$O(H*@ULMH$>@tg_wvq^<8-ENgT}v#KOy8saL#v_|i%BGA!btkv21 zL~45aFL`WH4h-(;gd)q{v!SKoiKI&o2}|vgx_$AD+p8gYP8FS*6k&?xNe=AyiS8&$ zs5_4b#jHJnCfoCiunK6dd?Vd}X9OR;aa69Ej_gpAnj;qy-f@kd9ErU_y;H@TqQL)Y zlS$Icg^1OAt>Ea11##2+=@u&~nb+`yom@!eF6!VAkHyj@HR8f8Y?9RTiLS-hr6H`t z$i5z>`^!ZLwl@`XGHSyX851*#9_B3TADDW|=qzVE(R?^AlSucz^8K(^`BjZ6W$1N> zA;ZCYnA*9$Ui>i)`%YqE1K&+`>q>?yB6P&d>#Lmle7%jIfjE%b(;!tF!3wj`a-r{a zd^AJ?`1P+-J%dL>6Fym(wg;F<>PHWLDTB!FEmk3Y*VI&Lw18CtI}2giKqY7HC6aq} zNyhI!2V_5YAOA-Kaf<;=(}M`VHVn?>a^u1rR`Yu_I(065Fz~_`-|dKIl0)h|oA*XY zu@s0U)l@;yw~AC#_~}Nq)vE3>{s8ZMQ-FXqepOqF-00-p)(X$RxvBY}H%x^33>nw? zt)c2TQIE^qs?1OB9TTYVOx9oqMb$Gg#n`XzAku_0`KjMvYii~PFB>;U zxuWXwg2qy+OXjTex&7gV0TEH7va?$D7Uq_i>W4B4Ti-m0A){PIIcM=(^PvJedx( z+~U!3it3b)cCJ&i*8M*8R|^3^Xs370P2EM2LV~);hl(U(^V{12{|4dn_vhM;d!NVs z0eMFM;$pw=a%f0MPk%p)q@=G)Oi6tc^RCwWA4wEAzFJ8R(z{c`N7UK|u zPsBGgqhM_!QKvPoiPF^2n30YwN%Qr9Ph$=OKosDsa(HwU9v;pJ0)?-vtT2>ch;PMq z*4FZ?sFD4Vco3UM1NX8TW2`PJ3L6{K%m~i#TSuG_)1{l;$KV=h8{CQh|tA%toZ|-{{K*;w`^oXp+YlDG=e1jhyo6N#uq7DwX zlG~@##xQqoubtEC+ic9xbp3r{2C$+!CS41r=pb{%LLuNI^Uv3>ibaPMZ0%^1!F1-g z^qk63_(OdB?OoQ?gQ~RjUld&W=ffA5m!wow3bL}nNEGS6^}GBwFL!9CzZ`VU)&G%zXUZpxkMY3t zVSgk^f&FAx?O zHPqHtR{RX}4Auq)bW>APsY4*fee~nvWVYip-p88d2 z2o+V5pE=Uc?yYajE5vJtY9D>Mu9X+}iG4o*m%=k=|8TW0HCtF*yk9w6QdL`<0t5oF zu(ED?171JBH7KV?2raSnY(z zSd$wpNoOYOSOWYqCnqNkE^cbIgK)@&cZ1y=lc3<6-)>63I_L7>)O;#FSC(X0cq}W| zdfxX6ptjqPj$O70($0O!-4B6*5~ru34x+n=#N*eg&9!${q=k0O9Mhev5nYoX@{;+A zt|`nAf*)_gUA-syMGl)bU3ZA}w-f zzH_qEi8V?ZYGWI#km_*Wdvf1&CL0|N%paW0>8@{~zi@5dsc=&i5o1`!rP+v+weH#j zlJT`AJ%r+6)pdC7o8vB}4Rv$Nx#bv~Qn%@Yh3Bh(pKRA2EGn84*tTd4x^laHa&r5x6`g_818;kTa)+r7G1~8E3I?y#}gZAM4%g&x#%p@yc^qiJXZ0 z8vb-)A30m8Q!^T5Fai5kH)Pn?@sok)%vs5sw9oP~K6kr%Z^?n#rTY-jk7W;e!pwnoPk=9@T8vMnWI*q#9wy3gzWh6=qPs%*J z)68iL=9+%wWfRuzu}S^VcmK{{B|vlDB<$qXFeYJUwIa2n>4l&82HrhAC@M&Z1wc;# z2=x8vh*r0Wj9}lRcplo<;p@o`xVlWAs}A|6k{+U4`xe7o1qTb z$;i`()aWe>J9K)ATM1-nZB2I8Hfos9k(IwLp&m5)>N0{^#LT}T?(8%cbL{_(wF2Qch;jC-YwFDpUa@WIN9QKPt}_fNfv9>oTIjaDsNwxi{02^ByLQ6$)CjF1lT4hE!rmo&gxJZUb!IDhY?? zv;s@#KsO9~FX%3z(~yz~=c!_>LJ`R+{;elRd$mcmLmJzthOgHnDu63j;;>V8;Ngmz z_)a;GAkW&@CQ2tXj50;H0z@t)B&Lk7-;{3fd)Dx?zIHc^EPs)}EX`BHUhB`bC$UdIT-!V4y5)cxv zKN`5)t3KFp#ZB{4&!>lu=hg`at*9*s=+=wS7v?hA5Eq@;b-En=fX%Z zcfFFX59}bWHbsYIvxV~5Kj4u!6i)ze2=+# zp$*)AB9tFgG^ut>7>nCN3rb!@zrVM?OK<2~NqaUN`wIMJJZD6?bL;`}r5Jm!f?18v zUs*rRKk*4hpyuSBdy<48eZ@_F^hpuj%VkKFl`|RaxuH7P#WdEoeA2oL;~i`0m^!0w zDA6nQ1LtDBJfH_CnR560VcY{t1McgG?br+-#q4)4fs+YN@8%=+;h!q0r9zl=o3w_o zusXu_)Fs~&54|55I)}jz3Q2n93X%o8e*Eo5mjsOmS?`Q1R{MQ*Ov!d0h+6x9<;d&;K;{ZPnEFyc^qO|k(R~ZTl&qwF`gyr)Wy-%4K_F!Gc z=y3nZ;*t)>80_1$agT@Fr`^vM@9k1_oKIfiw^ier7s9wBW8|H$6!GQ25OG^)oF6n% zz12Sa?8o~O}atp(0ZF_hKwqgYkAL}E+W3}=t8@Hh}3WEw#ohg+V z5|+!Et#DkTA3kYE-cBrcQ2SW4J}=H)8Yt{Dlpn!83tkv=dZ3U?Hs)V*j)qqRw>bEW zeXJfmKBdWnx~HPwYV}^i0XZzEvGAs8;7!G77ulHQfDI{P27sh~H7dgs^OhVDuhU&B z)Mg{Mk>lG04uEFc-WrhRep`sDdLM|HlWJK|-X+3i67XHYE~#N;L0jc`p0%w0n5|A9 zCooTlObIYpYd#&Fi$e}`uk%1xsT9A_Z;mV|$P{3gLVV-zo;v3JY0tujwgxPDbi8;i zcgT4GSaVLIwxQmM^I1yUrYcStOyWGNAbFo%ZFpoVs-!7=axwDCJ_O>uk|FEiML}o4 zp%}?GWxk4#Lb4lGHU#GOqrFXj4DKcn>L&gWZ5Cw*^_ZY?oV{0*@V z@I_ig@F7<-KXa@>!diabx%}q<}GpM-C`55{=ahWPLb6VBF6WB0N z8tuA;ry+Jkdq3*LlXQU|a}vInk2UaFPgJ0Zzjm0j{ur)DIhDB6u#m?dp{ppJJ^=^| zPNK2CycwF95VZ4>rU_+j$VP2rSB*{GcPyW)mYY8v4+&!j@tFB%IA3LfnQNi>jN@!hu-$c(^R9`n#vX$%J zT%2!(U7{eo7g1h~Q^ELFvvxkGjGg0Gt1?u*isJIZJ(xKl&?5?sr*-kq$9uZ3_=Mpz z&4T_bZ%wRZ87|esuwgHFwGI)5z2A%1rJIy~(k1LS&>gfL+r+Ld#McsZIjDLw3n4u2 zhTe)oe0}KA*JDH-$-mc8@cLg8o5??=+|m){I$~AqGcamlpN&)hbG&s^t8cv^jA|aP zu-lngitgEJlSBYe2wJZm_AjCZoDsV7k6N!rrEyZ$B(IPYS#|R`FUbT|TCp9Iv2W4H z_$wj_BKm2X-gf-)a}jJkYvIaT$J~0{sbmo&`+$H|^$K&X9BRDQT;V8S z)o={~JV-!X@T&Mq0(Yb89hrwS7jck$>ZXzL1yy@{A_!3q>%OiKDZ}S>{#_(V_mELR+rd?DZ|xQZrJ2c8}v%IK2thg4WEv_rH#p& zvBUp(2Ec)$iJ}ini{T!zKQ2G=x;4FY8s@(qnXu^qi@vig8f-tpArm-#)%N-d!ukk| zRt8QYFCw_AexPGMA6<#1WT_VFx~}K=G-0b>fkcN;vaX-#ogu!YGn8{@+{g7O;=RUC z$qP3@n2zOt0?lsVNlkW7@8WrT`G)$$go{Jil#dU?(FVrGe(EwhJ^$Rp5{HXk^6FGt z*f%i`!!d@a($nnq)ch;`G4lD^L#UQ1q6c$T>qNhWq{F&CXOgAiW0tcZ-G=pJsS8>z z*fDRdO9!`LOi1Q;vyymBkyV@E@dM%!MHhG_^4ap$Y?T17v|lAfwTG)q-$u@RieJ6| zGhSHWwOLS#4+8#^?L1#Q3T&AI!3kSd9i9i1LzCNjIkRB#Qvw6B(XE7AqpB7UOMk9N zlL`DA(e@t5JSH6bHd*FbzDaw2TXIM(4`d=O09dws!HZh0uHlRNQ!hW?OnAPyx_)nL zNC{b;jvOn}=B3N7D@m7m?0w#u^9q^BzT}!6c-7C6qdqGY<9T_^MXvZM>~7VF zROr=iIO_a>a0sRTZ9qwWsuW9{xyI+cJ~&s|+92X)-mY0xvq%(X55umm;R?Oa4Lwca zSQ;7&h{OrzKk0d@v^)opuDaM8JAkoDMQ*A4F`mGXlC~G;)18b_DX3iG^|1?kcU{p& zYa}So$AGzV80E)Z$rw>nHe%scFEBhi?HYp_6RyRRJ$u ztNYDlUylUaQ|60ML3PMA-P}ruS@i&jenJXS`El?t=hD^tNOz;TFd)!N&10^0mkl5< z9lDUTn3$L!m6dsGYRwx0Y3QLo`z?!+$%UNJmu^O8MiJrFj29On+fE0}Ty6IfJrjKl zem(d9@8|fK65{@ib^G5U#bi(K+?0O zTV^PMX6EKpl+L>D&-i-^DkcA|BI2HRA&_7q>c#d#!_Tkn@IoSW>gkW?iY;N_n7>t~ z=7+_oZxU>MT3S*;87ctoQ4i`q?!WlRz3RS$*1BUQLiJ$Xp<3%hZfh&a9ReO6{w}q0 z5?X@elOc@{IVU-z`U;?&))qbUyl}ua2QN%ZODiZSXb6Q8qDGtFJ89y3_N>wI$2Z$b z&_BUMoaHM@@9d$6%X+5)3Vo@ZKW=$BEHdV?BxA7NPx3K=y3yfrnMx9TvoW=+9Hg$a zjh!8vsHiUKnmGqcNhNM#Vxr^qg)0Eby0ljO+d%Uu4xi7Fbei#rh{x0KD^|%kI9c+afM(&CQ{I zo~{7!t$(f|;eZ3*KiQmL6M0t5?^)sB4}fLkKbK_xR|<&dH+~3%*qQTJ3&eo+_+JXL L;FlFI-hKEVM+eXK literal 0 HcmV?d00001 diff --git a/docs/vpc/umn/en-us_image_0129473334.png b/docs/vpc/umn/en-us_image_0129473334.png deleted file mode 100644 index 9083ba2c1cab6f26f25ee4e4123f543e49a5be60..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 10485 zcmc(FX*iVc8}>AfJ%pm{QORBkg&4_FBH6d0$iDBpu@p&`60$2>ma*@{jHR+=X9i=2 z?2MhU5AXQDAAaTA`|17i9QPc@Gv|Gu*S$RFd0lsehPpB>H7hj$0HA%M@>ml9INwBS zyHb*qo~bgm-T(kM;K^foZSQj{SU+bSLgVfRJr4!h1#aq(8mkwla}4Dfz7hTmEcs~M zH?eh~r=0zrbXVWy3VT={-GQ=4<%g{4ckxy|GF6XnnH21t`-!4sd7<#Qxl8Nb#nsQ0 z->f5yA8B=N5n)|8yS3%(etdp>Mw=$j+I#AcP)^95V^|de?`6QTvs@^9<0j~0dja_5 z8)D3eXrMcI{SN8(vmnvQA9RvVU{`aV?1DtbCfr4KD_v-&z|Nq`^N*e8vr%2Q6o;c1O8yoxZNfuvJ;jX^R zsTodp)uFBPufhM1MmBFO0kD^n%zF9q<$Ps&8q2$1Z0+FzhdcQxG$BcU$KaG$dpQ_& zesa1k+JgP4epg#VBXhbf#_A!U*xU6JCj=WirlA%v<${&@{&n`Za;68!vr$HQR~FuQ z+!OX}&^%_MU@kz>Yl+^?vhbk#a=qU(Vs^!Ywl1iT4b5h9_joKbu$y7MtLqa7p@zeC zp2>F`)l6W?zH5ciK%*~9Q|Po3=HD+E zByI4Ecg_bpRRpmdb@uFbP0#zS8Ozlfy2Uwu4oI2c^HJu`AX7gC)bbyF7S~&CF`uRs zy|R&@H(|>nM`I@5(ZQmElPVjNwvA5_v+_9rW;rG2Ueon+Z<4q=6CfIS&%-OpSXf72 zFn*7iaxoRmTV+6V)8=^*xuDpD1uy?XbnfL`t}d8foK9|Oh)^B-57aanFfSgQe-rmW zdsi2(GF(CyoxsE|dsExxf!ey+5W>k)S?L^i(|~eZO%35RLgV6koB}rH&i`Ekwab-T$Ao3^cU}~3P=h@?+(K^;3cJZ|Eq^oHi7R-=*Cq%m=PRxM zZ8xxtuq%F&3k_knW+^+~UAqHc4|Fd-Jf=l;$H={6>05n_FA*eTsXdQPv#LP|Pc(vS zWNdU^IF>U_HujR+jP4ru%I3(undPAjq|i6a?+nfWobWmy(A+bgYuQCSRb9@_H~m%A zpl`rBMb@#gDgl=*71KLt{7^4(eGRSZrJR%==wnrDzT#ayZu_CtyjcTga4|j7c(i5` zja}dDJcbnnN(7d%ak7n*d3;%`JKyE*rthi`n(famMo?ZbQ zW*>%)|J3DoG@ibS<88Z!SGs|B-B@tMYtD9_G*Eps56xkrNzax)g{1KHT&2FB7z)LY$YsldnCYcIFqiwG!2xG8E^nB5(ZW!{!pCmNk3 z53?IN=oBSYk#$roPx%wNa1lM&y%)8jhv{=})kh+QmkXhcy@Ft| zP;eL7@?7s=ajK7`;-H`#m86E&%p{oLNn88U`TdQL1|~in1$XrJ@U-;=7aH|x3#^=% zBFam&ZGx3;umxUMh?SZwE{8<9JsRD$t1>r&2k^V5SC9opeTLeY~?s*9Jc6 zg{Dlat-PD1^rs;k3t+NFXRpj*Zd!M!a@i)5)rER;^l{PvSEB>JoTp)09b#dots2=4 z@*I8plhXm6JQ}w=bE0x~q_rQ;dwFYkW* z@-p3rV-9Ge-HD@}m_b3yo{*g$ zzlrBy^DHW-*}UXqE#-j%1A;$*LdHyL)cWc>p`2&0L0-%8Ap zTI~?<`*QI%O`F5=9jR3W<1_$_y=*8_4ek*1=%%n5lu0bU>$~a(5HjxZy^96 zOf+^2;e?ko(3;6kDWW1egd*xcju}6{#=KYW)s@R zp~pItZ&5%#oA~T2MIm^iR>~Wm_Qd!Z^oVv`>(dOrYna@$SQe14u$Celv}5SNmRL zqi|Q`R(Y8SV^?71QLc={z0b^B4B*Ut;HpxBq`I;z^l-Q}1VmW!si zk@7vmhDVd`OxyrE+5UcBJ{5_kzE8pZ#|h1k?9!{n8oC|3bxaH#ye6GoS9*>DwKsy5 z#t&9k1N>u)xXA*q#hwp7m_R~AcKCaaQbDvz>xVAWoV9wZdR+D>@Fa@qnd2^V_zi|T1`4?(CWM>NGI?22$kKDPEX?y zb*q-~4K0}J7{yty_jj}UuS9t;2pJRqG_wMn`sCmx(%e&@r{`BGy?$ZiAikm$|U)ADhKJ*aoMQ!%Y?ILonTaM2+u3i}oN4pA89|6N z;JsivxthsLZ4M6N17nFFA=8QWr6FX;7tq=>mb-h@DdSDo-3s|e+u<7w;x?3afhF0t`1zj?=w#7MT;A+X6 zJ&Ib~ps!`vYQ`Vhgir+!>SVU22Mp(x@6RFbmzwe_eX!R3lp^6Uu>V#K%j%>%U}HaH z+mQar@~1MwgUv^wAKu13dVBLv8Bf#?{hTzKZPBH|#^H=AH!_?o&_NLV!2ZX?@H#^K zM;(lThxuA;G@vcX{j)wr@DXDsmHVDgZQJ9KwEeCKR|SSZ-c!+{Jv*2W)ffF#mGf|`mMPkp5iBbCN&x)r{%e13j~r;nVZzsCS+5T3qA!9{35p#p^m z9@lzk^9nb@{;v=R1Q$_hV3Wn4GCulOa<^NZ15WxMySKCbtK6wcrzlN3Gb))UHq`z47v%Al?N!D~)ua159hoI7)ia+JJ;i+a*Zy@*Gx<$PKFOm0lJ&Xe>_6`dE7;R8@?`J(YVKh|C+)GA z({hbv$uEn~`uAkT)@}4_s&l59t^6tF5iZLkcUG`)J>?kA?pve95O{$pGH?k6Gg88o ziT%y8G6ak@X(UcX9&DK+K6CBlj#=@gc`ed=9Il`Xpn2L|N#S4&_3MWKT)9OgH4V*h zmU7GooPnBJR6${(j;7|Pe$S#0f6vMT=I@0Ah0o*jkGA48+Z+Yzmu(?lgj@03a>{8! z?8lZ)IT8(U^|e4_7_VczY)-Q0t{SWQ#nfr~u$jA;+kLrS>TRXitmDNX8XDYseyPO# zrxseuwzdX3vD>yp*BO*}423BD$nm@N`qggLc^aJ=mgcm6<(v zca+0D^ekFE>NTST(xJ`tfpEHE!io6v3dfAhPd$EBtMNI8_1l*l>)=@;jXnu;L^OeQ zOh;5 z@CCAhPG-BG*-w(S>oj^L=fj?b9h!T9E~+q>P9IENPJTUG>iTEvm^N=lXOE4voUEOI z8O1204E^0-(E-{A(>AR5F$pfi5{r|@$AvgdQFn@*_C8*9d!h?fn0unHcIc9S;Ql!} za5F&{I)*FtM(&IBsh^*`#MQNKlPvpWth(f>j)j)ESRHxKFy-~`LIFRG!Z0<)sA?^5 zvBIlBodSKG{3ki|--i&9f}IgTDZ%YGDJ!347Cb5x;LG0*)>IpyesRI*R|kruQ*M=J zl`ElP((Fe=3qKV;&W1-X6_1qj`u4*x8nh*aL~MX&0WsXNNcvk%=xbKB2?r+ClTyx! zX{Q-m=sZ_~>;vy-=m2fD4vnMP+!(n5^o~{UM>IY+Q*EpGJ#9hdm)b2ar6mfvD>>(M z@qU$?YA|Btkj0rPMv~xmGTe>;?WHz zB|Gn0gm^%p^DqbtZ3}XyLo!$=H7(6o^+CL25`XzIteYjHYMy0iT(@x>miR+Co`2y?f+VZ+lYC)Wt8Q=;(fP@K$2 z`~9l(^`kqwKYdY2zH{}C^{7u?&1)Z$qj$XCZ$q3L4>Jz-Z#0*y_6+S{0|9|6vsi+L z*P>a?T37GWjTbsL69^^=WTHsJ-nWrW-m110556=x_cy;{xJqaaYZb+%4x*5qiY%tq zMk;(eD}@uVF4MOs4AxAf!z&hR>pc&<)&HiSd5Vq;Ms*`zqQURVxe{HUS|R-j$aUHj zSz*qL;fw2R!IspuDMGqLyF{!+6jGsr5fR$`>~r@;F!%X$UPWF%`vl+WUa%U5Urm-b zD|%0&eotgFWQ5y$I2~$TM^>?$0OD05EEQzvYa}0Q7tT`TWEjn3uKiI;I99+uU#im% z@DnEHl?e8&h&*y|Js!N^MwxBNfUCc!Sb+Q7ed-zKjq~5iapb>!lF^h+#wOk^IMOQa`zV6BxIiPm`wF7o zSn%mhYXkiSNNEw-*h2BgmMahVg^wR|^PaPNQ99yS{@ZZQ)Efi2aw5HOz^(4rMF0No z)7W?hFt^sZ68gXnp`Vdo;aBT5XkZG*l@u-INj3#VF(kGi;CU(hJVmq(LR`Ufa3&Zl z&S$MsJ3S%?6W&1n2-P#f)wod<$`W)P4v-3bRgk<&|E*Uf!4u%v0R1j6uTskn zGS-ikmYW%`qY$4gRZ>CQkULO}EE&F{9J>Ca@*6ZQk5i;ufr9Y1 zaF0sxO@mJK_qh*SI<6i2OCF1`19VqUw39yJtvw5~|8AepMqR_B%x+dqx#ngg_eFIp}QVoewRj>Cc$LQ|ihdC1*m& zQi&amSxN^v;q0*MS9?If+n-y%=CD7brN+s*Mp0CsbpVh0Ih>EqsTW{98q>`PELSX^ zb)OF;GMZZ^US|S2+yZk=l5Y@ievhYNF|3t-Mr?sYrn$cF?qxHwQH(v*jhL*Ff5v?8 z<|I}-DSMG$q`0xU^b`4OJ0boAQZ8-_M4Gcft;!3V6s-mB5VPdOdq$@!01+ff?RI}5 zzFTVBtI+@>f09*0IOK57y@`3(6Z4kn;m}twf0Qs_vy_(8(I~AS<$66}w8;=PKE}2( z%Jxc1YRMgjtJ&t;wHMeUc*#wbcQwxSm^%3@l;|p^vovhE-jax$k4YUZDjTP^=U^~i-0LgF5;-Q{ht-%qj28oK4_ntRF=d3$~3L#J9!MCp@ z;6vNr0Dun|DGw(nK9*l14}G;^zskNCCj?wk=DzZ|lW=Z_Q~7n4EIr2+y2l;~b0h7) zUDe{So85Urx2t8F(xh*0)2KI5hs<5YA2p$dm+R$A%oa;3=zhGCGsmCzFCmZ}SCKHd z-nu`+z_^@8DE7zFIf!lCqvna4>MT*{UD4`!_Ov78S<%lnD>!b-)qwPaS{Jw!LFofVaIf+v_h7o>;>m*`|ERm&pI55g1QdJJ%1l=%w7rSQNBF zG>oU8m+^V&tM=LGMqFAL{#VjT{;DYAyWGjFst&aDY1eYz@z9fb$bkYj@UUu$OJ+F# zSn9WY<_f6XQPp>fhhwtp&zrB2zSKaH)T=h9A zgj*x+rNgh)%l9)C+K%S>((1Q0|HRS|8vB{I1l(NDb6t4=O%Ug|1|tm1HY-qvNNGF zXL{z2)jDSz}kH>9F5;y|9_&*;I2%-^NI3(vAuesztMJ)C-{ zo_a4jI&FC62q7R+XPEU=RC`T*CFPyhgfEaI8jVWtoLf~NLfM`i6Qz8&t(7`FSH^S# zsA)WQMy;$WIRyWX3^qmH_MF)}8AA47h2PG#P`+Z;^^W z-n+#Rfl6>S$wghYsL0J#8Xg{Iz31(G)CDe!%oNr_`YNGW=IAaauu(UWSW7DXZqH9fS(`1RSogFlm z6$C}RV=0TEn$0oUR~7KG;}RJrel*jQxhu1FziXy4XK0=s+SsTyc%SP={MOt`Z_oRL zwH#uWPu23x9N1LS!OC5&OX+jT<<>D1oVdF{8!B&fROBVOI6h9RPlN46MLB+{R6C#4 zO~%VI%__a3NU3XkF8Fcw{DgC}lQID@Wr@ABubEb8xPn_(hG9MQJs`bW8#(5LK|dv% ztouhb*AU%_dAkUnD_Ks&A- zr-ZQCEmH%pUDMXcb{xGhGyU9lG^CO{;Q&fhba20(V&C zHOy8?^0)q`+w)u`k|1glw{_(Z1F7xN^M}sT+bn!rEIZ1sk(1ktB3}tS@SN^;%&Y@o zYf8;O%pU8hnmgsXMC#x4A?<<);IT&*hl<(!1_fX75V2!^%{ePKTKbP~^O}2CBhuH` z$H3@STS&hrMy9nvMO*-if5=g(+Y5PLLLV|A<#00XR5?TNBAf^a>eOvG5GSmlS#l0? z%8Ad8BLelu6{UPM)*1=X4&86StDsY126P{}q?UBcp#*1X;U88^CFw zlhA^)ET+zHUO4`=Vnt8&vezl8sAHTXLYVGv6s5I+689Bl zyzb2+Ij!_F8S3NJg8DFca`58h68~+QU=*`T!xg8M#tJzQVg-o%3E8+0xf}y!!VMrA zH^?LZgai_Gb#7h-04PgO?*a(lGOlPAF|JvxSot%)zI&U%Apk3KUJ>5OKb|8FO#o-a z*;<&o?;|C45&f@#QAeIEIjA>d!=2fw1EZ!;q{Lwo7yrIcHLM<&(qGE6*6j^bX01_4 zx@O4}6vQ-ABRR1BfO`>*#EDzIi#IS(%^MHr&r4$Qx+_%MpI~5;UC(i-v*IZ^;+T0E zbO_5Ic41-iI*tx|ekF@)g5z~#po5gFcKG-j5Z<#B1}s1Yb9gw?F##WtJ{fcdjdOO* z*ptbgfTNZl5c}(>3$^eyg)FbFR`@ za($B3MXE18lKbG@HD8r%HRzdg?IicUG1_DcE}~9N8XiK3M>q_BTg*Xa@w>PZ(~g3R zj^<1v$I}Ara>ahz(MhNyX-mkBONH>^i;jqJ$u*|9DN)dv$xA#Bv8WPPGj5y2(|sEw zn>YgqK4K`9ZA5M!%nwTy9h-Od*IcV4D5ZTcSOR3cmHh@@@g%F-(wr+h zxXDKN<@w+H&uP{tEVgC((3blFFQ-{T1GWBmpEr{XdovvI;~itl1#)7rd1R>N;6}GO z<_1!Q9Ws`N%pDV0^>Tmgg=G6dM9qw?QH&oEeGVr~R;P9Gm82|pFuZ1p3OlUW1_9uZM!GjRV0ZNu75A*Rv9(t_VoIvwM=~wj9 zhSxmbiyYOfr%`>}9j27K%GJBc)O-?F(L%J2PwS2m{dF7Y#m}Q}wG7e{Tn=3&08yj3uJQI^vD2CPd; zEwjyBP---;Y;VD~2iq(MlzqiFwkeEciM(%=-uSbSLVL3v2x4V+=4~;In;kJ%3K4Jo zXp*vAf#*y!3-E*Obe8PfcuNY&1A@sxzmD7ehI&;$TD?)E__b*pswWch5Y_%G0HwOq zH0jJOAo&T8QbfkcnF+npwmI=HcYU(1awG9=6%x(EMvICnPTqgbi+o(r! zF2efXBp1ZGA{)bH^_F;`Dpv8xYI)P2I20$$h>-h`+$IaBk1+Hz+d>Y6p*v^k*#kZn zFEbf6(SXWHInESt-u%L4Pk7T4|Dngem~v)d5>>787olpfXMJ&mC&r`qDB$KI_2>b= zi8*hRQl1&w>CUG9+XXQb(q$(p;HryR@rAKWO;q>Kly6wd2IX1d0b>6Kukrqc$UK_N z$UGx_ruQHB*#R!SmSpLA8JV&F7SE~l*dBYB#f*^?|`?v6>vW4Bscd4us?P86A?LXtYDab770 z0!0^b^`ct5Uy1Zvw$?e>8sx9dDaY@lwDpHPqfP>%A9aX{WCFxvodfUZZ|NKZ6naJ1 z7-eW`^LieZq)2hf6jzAe`iwW>p^1?cg{nhwwrL^KJ1CtAq|%?J{y@W{7_cXq6nhEm zVSM*>xzPrL|Eg|36O9Lo97g}C@@y(k7Si_ONe0*B2PbqWAMG4<#Un=vB4PZnw_FAl z2rG!082&|@qV4g$hg8%Os5_S1o_=wx6}mMKiH#dn3u2udTw$6e{$(p-DS-3Q^$K_E zk6v`0Y$JBq3kKjN@Qj12_z{Po;)XvH?yWf>B*EiLoWp71YYkVWO1gTbBQI|m#bRq~ zs||s`
  • In the navigation pane on the left, choose Access Control > Security Groups.

    The security group list is displayed.

  • In the upper right corner, click Create Security Group.

    The Create Security Group page is displayed.

  • Configure the parameters as prompted.
    Figure 1 Create Security Group
    -

    -
    Table 1 Parameter description

    Parameter

    +
    - - - - - - - - - - - - - - diff --git a/docs/vpc/umn/en-us_topic_0013748726.html b/docs/vpc/umn/en-us_topic_0013748726.html index 4178e7cc9..57a95dc05 100644 --- a/docs/vpc/umn/en-us_topic_0013748726.html +++ b/docs/vpc/umn/en-us_topic_0013748726.html @@ -32,11 +32,20 @@ - - - + + + + - @@ -57,7 +57,7 @@ diff --git a/docs/vpc/umn/en-us_topic_0013935842.html b/docs/vpc/umn/en-us_topic_0013935842.html index d429e8cd5..010bc423a 100644 --- a/docs/vpc/umn/en-us_topic_0013935842.html +++ b/docs/vpc/umn/en-us_topic_0013935842.html @@ -9,11 +9,11 @@
    Table 1 Parameter description

    Parameter

    Description

    +

    Description

    Example Value

    +

    Example Value

    Name

    +

    Name

    Mandatory

    +

    Mandatory

    Enter the security group name.

    The security group name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces.

    NOTE:

    You can change the security group name after a security group is created. It is recommended that you give each security group a different name.

    sg-AB

    +

    sg-AB

    Enterprise Project

    +

    Enterprise Project

    Mandatory

    +

    Mandatory

    When creating a security group, you can add the security group to an enabled enterprise project.

    An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is default.

    default

    +

    default

    Template

    +

    Template

    Mandatory

    +

    Mandatory

    A template comes with default security group rules, helping you quickly create security groups. The following templates are provided:

    • Custom: This template allows you to create security groups with custom security group rules.
    • General-purpose web server (default value): The security group that you create using this template is for general-purpose web servers and includes default rules that allow all inbound ICMP traffic and allow inbound traffic on ports 22, 80, 443, and 3389.
    • All ports open: The security group that you create using this template includes default rules that allow inbound traffic on any port. Note that allowing inbound traffic on any port poses security risks.

    General-purpose web server

    +

    General-purpose web server

    Description

    +

    Description

    Optional

    +

    Optional

    Supplementary information about the security group. This parameter is optional.

    The security group description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

    N/A

    +

    N/A

    Subnet

    CIDR Block

    +

    IPv4 CIDR Block

    The CIDR block for the subnet. This value must be within the VPC CIDR block.

    +

    The CIDR block for the subnet. This value must be within the VPC CIDR block.

    192.168.0.0/24

    +

    192.168.0.0/24

    +

    IPv6 CIDR Block

    +

    Specifies whether to set IPv6 CIDR Block to Enable.

    +

    +

    If you select this option, the system automatically assigns an IPv6 CIDR block to the created subnet. Currently, the IPv6 CIDR block cannot be customized. IPv6 cannot be disabled after the subnet is created.

    +

    -

    Associated Route Table

    diff --git a/docs/vpc/umn/en-us_topic_0013748738.html b/docs/vpc/umn/en-us_topic_0013748738.html index d0f39bc9b..84d213552 100644 --- a/docs/vpc/umn/en-us_topic_0013748738.html +++ b/docs/vpc/umn/en-us_topic_0013748738.html @@ -26,7 +26,7 @@

    EIP Type

    • Dynamic BGP: Dynamic BGP provides automatic failover and chooses the optimal path when a network connection fails.
    • Mail BGP: EIPs with port 25, 465, or 587 enabled are used for email services.
    +
    • Dynamic BGP: Dynamic BGP provides automatic failover and chooses the optimal path when a network connection fails.
    • Mail BGP: EIPs with port 25, 465, or 587 enabled are used for email services.

    The selected EIP type cannot be changed after the EIP is assigned.

    Dynamic BGP

    @@ -35,7 +35,7 @@

    Billed By

    Two options are available:

    -
    • Dedicated: The bandwidth can be used by only one EIP.
    • Shared: The bandwidth can be shared by multiple EIPs.
    +
    • Dedicated: The bandwidth can be used by only one EIP.
    • Shared: The bandwidth can be shared by multiple EIPs.

    Dedicated

    Enterprise Project

    The enterprise project that the EIP belongs to.

    -

    An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is default.

    +

    An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is default.

    default

    - - - @@ -89,20 +89,30 @@ - - - - + + + + + - diff --git a/docs/vpc/umn/en-us_topic_0017816228.html b/docs/vpc/umn/en-us_topic_0017816228.html index 4aface7dd..6ebe1ea57 100644 --- a/docs/vpc/umn/en-us_topic_0017816228.html +++ b/docs/vpc/umn/en-us_topic_0017816228.html @@ -6,11 +6,11 @@
    Table 1 VPC parameter descriptions

    Category

    Parameter

    +

    Parameter

    Description

    +

    Description

    Example Value

    +

    Example Value

    Subnet

    Default Subnet

    +

    Default Subnet

    CIDR Block

    +

    IPv4 CIDR Block

    The CIDR block for the subnet. This value must be within the VPC CIDR block.

    +

    The CIDR block for the subnet. This value must be within the VPC CIDR block.

    192.168.0.0/24

    +

    192.168.0.0/24

    +

    Default Subnet

    +

    IPv6 CIDR Block

    +

    Specifies whether to set IPv6 CIDR Block to Enable.

    +

    After the IPv6 function is enabled, the system automatically assigns an IPv6 CIDR block to the created subnet. Currently, the IPv6 CIDR block cannot be customized. IPv6 cannot be disabled after the subnet is created.

    +

    -

    Default Subnet

    Associated Route Table

    The default route table to which the subnet will be associated. You can change the route table to a custom route table on the Subnets page.

    +

    The default route table to which the subnet will be associated. You can change the route table to a custom route table on the Subnets page.

    Default

    - - - @@ -86,20 +86,30 @@ - - - - + + + + + - diff --git a/docs/vpc/umn/en-us_topic_0030969460.html b/docs/vpc/umn/en-us_topic_0030969460.html index 2131450f0..801f3cb94 100644 --- a/docs/vpc/umn/en-us_topic_0030969460.html +++ b/docs/vpc/umn/en-us_topic_0030969460.html @@ -8,6 +8,8 @@
  • Subnet
    • +
  • IPv4 and IPv6 Dual-Stack Network
    +
    • diff --git a/docs/vpc/umn/en-us_topic_0030969470.html b/docs/vpc/umn/en-us_topic_0030969470.html index 7470e0b52..154f1dcca 100644 --- a/docs/vpc/umn/en-us_topic_0030969470.html +++ b/docs/vpc/umn/en-us_topic_0030969470.html @@ -19,54 +19,53 @@
  • Locate the row that contains the target security group, and click Manage Rule in the Operation column.

    The page for configuring security group rules is displayed.

  • On the Inbound Rules tab, click Add Rule.

    The Add Inbound Rule dialog box is displayed.

  • Configure required parameters.

    You can click + to add more inbound rules.

    -

    Figure 1 Add Inbound Rule
    -
    • Table 1 VPC parameter descriptions

    Category

    Parameter

    +

    Parameter

    Description

    +

    Description

    Example Value

    +

    Example Value

    Subnet

    Default Subnet

    +

    Default Subnet

    CIDR Block

    +

    IPv4 CIDR Block

    The CIDR block for the subnet. This value must be within the VPC CIDR block.

    +

    The CIDR block for the subnet. This value must be within the VPC CIDR block.

    192.168.0.0/24

    +

    192.168.0.0/24

    +

    Default Subnet

    +

    IPv6 CIDR Block

    +

    Specifies whether to set IPv6 CIDR Block to Enable.

    +

    After the IPv6 function is enabled, the system automatically assigns an IPv6 CIDR block to the created subnet. Currently, the IPv6 CIDR block cannot be customized. IPv6 cannot be disabled after the subnet is created.

    +

    -

    Default Subnet

    Associated Route Table

    The default route table to which the subnet will be associated. You can change the route table to a custom route table on the Subnets page.

    +

    The default route table to which the subnet will be associated. You can change the route table to a custom route table on the Subnets page.

    Default
    + + + + - @@ -56,8 +56,8 @@ diff --git a/docs/vpc/umn/vpc_faq_0059.html b/docs/vpc/umn/vpc_faq_0059.html index 8c8ad7d7c..12d90d34e 100644 --- a/docs/vpc/umn/vpc_faq_0059.html +++ b/docs/vpc/umn/vpc_faq_0059.html @@ -5,7 +5,7 @@

    Security Group Configuration

    You can configure port 69 and configure data channel ports used by TFTP for the security group. In RFC1350, the TFTP protocol specifies that ports available to data channels range from 0 to 65535. However, not all these ports are used by the TFTP daemon processes of different applications. You can configure a smaller range of ports for the TFTP daemon.

    The following figure provides an example of the security group rule configuration if the ports used by data channels range from 60001 to 60100.

    -
    Figure 1 Security group rules
    +
    Figure 1 Security group rules
    diff --git a/docs/vpc/umn/vpc_faq_0075.html b/docs/vpc/umn/vpc_faq_0075.html index f5f7afed2..5a3b44b31 100644 --- a/docs/vpc/umn/vpc_faq_0075.html +++ b/docs/vpc/umn/vpc_faq_0075.html @@ -130,6 +130,13 @@
    + + + +
    Table 1 Inbound rule parameter description

    Parameter

    +
    - - - - - - - - - - - - - - - - @@ -75,54 +74,53 @@
  • Click OK.

    The inbound rule list is displayed.

  • On the Outbound Rules tab, click Add Rule.

    The Add Outbound Rule dialog box is displayed.

  • Configure required parameters.

    You can click + to add more outbound rules.

    -

    Figure 2 Add Outbound Rule
    -
    • Table 1 Inbound rule parameter description

    Parameter

    Description

    +

    Description

    Example Value

    +

    Example Value

    Protocol & Port

    +

    Protocol & Port

    The network protocol used to match traffic in a security group rule.

    +

    The network protocol used to match traffic in a security group rule.

    Currently, the value can be All, TCP, UDP, GRE, ICMP, or more.

    TCP

    +

    TCP

    Port: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535.

    +

    Port: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535.

    22, or 22-30

    +

    22, or 22-30

    Type

    +

    Type

    Source IP address version. You can select:
    • IPv4
    • IPv6
    +
    Source IP address version. You can select:
    • IPv4
    • IPv6

    IPv4

    +

    IPv4

    Source

    +

    Source

    Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group. For example:
    • IP address:
      • Single IP address: 192.168.10.10/32
      • All IP addresses: 0.0.0.0/0
      • IP address range: 192.168.1.0/24
      -
    • Security group: sg-A
    +
    Source of the security group rule. The value can be an IP address, a security group, or an IP address group to allow access from IP addresses or instances in the security group. For example:
    • IP address:
      • Single IP address: 192.168.10.10/32
      • All IP addresses: 0.0.0.0/0
      • IP address range: 192.168.1.0/24
      +
    • Security group: The source is from another security group. You can select a security group in the same region under the current account from the drop-down list. Instance A is in security group A and instance B is in security group B. If security group A has an inbound rule with Action set to Allow and Source set to security group B, access from instance B is allowed to instance A.
    • IP address group: An IP address group is a collection of one or more IP addresses. You can select an available IP address group from the drop-down list. An IP address group can help you manage IP address ranges and IP addresses with same security requirements in a more simple way.

    If the source is a security group, this rule will apply to all instances associated with the selected security group.

    0.0.0.0/0

    +

    0.0.0.0/0

    Description

    +

    Description

    Supplementary information about the security group rule. This parameter is optional.

    +

    Supplementary information about the security group rule. This parameter is optional.

    The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

    N/A

    +

    N/A
    @@ -40,7 +40,7 @@
    • IP address:
      • Example IPv4 address: 192.168.10.10/32
      • Example IPv6 address: 2002:50::44/128
      • Example IPv4 address range: 192.168.52.0/24 All IPv4 addresses: 0.0.0.0/0
      • Example IPv6 address range: 2407:c080:802:469::/64 All IPv6 addresses: ::/0
    • Security group: You can select another security group in the same region under the current account as the destination.

      For example, instance A is in security group A and instance B is in security group B. If security group A has a rule with Destination set to security group B, access from instance A is allowed to instance B.

      -
    +
  • IP address group: If you have multiple IP address ranges and IP addresses with same security requirements, add them to an IP address group and select the group as the destination to help you manage them in a more simple way.
    • diff --git a/docs/vpc/umn/permission_0004.html b/docs/vpc/umn/permission_0004.html index 5434a6683..43d1dc30d 100644 --- a/docs/vpc/umn/permission_0004.html +++ b/docs/vpc/umn/permission_0004.html @@ -4,7 +4,7 @@

    Custom policies can be created to supplement the system-defined policies of VPC. For the actions supported for custom policies, see Permissions Policies and Supported Actions.

    You can create custom policies in either of the following ways:

    • Visual editor: Select cloud services, actions, resources, and request conditions. This does not require knowledge of policy syntax.
    • JSON: Edit JSON policies from scratch or based on an existing policy.
    -

    For operation details, see Creating a Custom Policy. The following section contains examples of common VPC custom policies.

    +

    For operation details, see Creating a Custom Policy. The following section contains examples of common VPC custom policies.

    Example Custom Policies

    • Example 1: Allowing users to create and view VPCs
      { 
     "Version": "1.1", 
     "Statement": [ 
diff --git a/docs/vpc/umn/vpc010005.html b/docs/vpc/umn/vpc010005.html
index c8ac26a5d..53c6d4725 100644
--- a/docs/vpc/umn/vpc010005.html
+++ b/docs/vpc/umn/vpc010005.html
@@ -38,7 +38,7 @@
    diff --git a/docs/vpc/umn/vpc010006.html b/docs/vpc/umn/vpc010006.html index 1bc6fbcea..b2cfbda59 100644 --- a/docs/vpc/umn/vpc010006.html +++ b/docs/vpc/umn/vpc010006.html @@ -5,7 +5,7 @@

    Notes and Constraints

    • The type of EIPs must be the same as that of the shared bandwidth the EIPs to be added to.
    • Do not add EIPs of the dedicated load balancer type (5_gray) and other types to the same shared bandwidth. Otherwise, the bandwidth limit policy will not take effect.
    -

    Procedure

    1. Log in to the management console.
    1. Click in the upper left corner and select the desired region and project.
    2. Click in the upper left corner and choose Network > Elastic IP.
    3. In the navigation pane on the left, choose Elastic IP and Bandwidth > Shared Bandwidths.
    4. In the shared bandwidth list, locate the row that contains the shared bandwidth that you want to add EIPs to. In the Operation column, choose Add EIP, and select the EIPs to be added.
      • After an EIP is added to a shared bandwidth, the dedicated bandwidth used by the EIP will become invalid and the EIP will start to use the shared bandwidth. The EIP's dedicated bandwidth will be deleted and will no longer be billed.
      +

      Procedure

      1. Log in to the management console.
      1. Click in the upper left corner and select the desired region and project.
      2. Click in the upper left corner and choose Network > Elastic IP.
      3. In the navigation pane on the left, choose Elastic IP and Bandwidth > Shared Bandwidths.
      4. In the shared bandwidth list, locate the row that contains the shared bandwidth that you want to add EIPs to. In the Operation column, choose Add EIP, and select the EIPs to be added.
        • After an EIP is added to a shared bandwidth, the dedicated bandwidth used by the EIP will become invalid and the EIP will start to use the shared bandwidth. The EIP's dedicated bandwidth will be deleted and will no longer be billed.
        Figure 1 Add EIP
      5. Click OK.
      diff --git a/docs/vpc/umn/vpc010007.html b/docs/vpc/umn/vpc010007.html index 920879949..ce59ad6a3 100644 --- a/docs/vpc/umn/vpc010007.html +++ b/docs/vpc/umn/vpc010007.html @@ -3,7 +3,7 @@

      Removing EIPs from a Shared Bandwidth

      Scenarios

      Remove EIPs that are no longer required from a shared bandwidth if needed.

      -

      Procedure

      1. Log in to the management console.
      1. Click in the upper left corner and select the desired region and project.
      2. Click in the upper left corner and choose Network > Elastic IP.
      3. In the navigation pane on the left, choose Elastic IP and Bandwidth > Shared Bandwidths.
      4. In the shared bandwidth list, locate the row that contains the bandwidth from which EIPs are to be removed, choose More > Remove EIP in the Operation column, and select the EIPs to be removed in the displayed dialog box.
        Figure 1 Remove EIP
        +

        Procedure

        1. Log in to the management console.
        1. Click in the upper left corner and select the desired region and project.
        2. Click in the upper left corner and choose Network > Elastic IP.
        3. In the navigation pane on the left, choose Elastic IP and Bandwidth > Shared Bandwidths.
        4. In the shared bandwidth list, locate the row that contains the bandwidth from which EIPs are to be removed, choose More > Remove EIP in the Operation column, and select the EIPs to be removed in the displayed dialog box.
          Figure 1 Remove EIP
        5. Click OK.
      diff --git a/docs/vpc/umn/vpc010013.html b/docs/vpc/umn/vpc010013.html index 9547eb340..9d9c1efc1 100644 --- a/docs/vpc/umn/vpc010013.html +++ b/docs/vpc/umn/vpc010013.html @@ -6,7 +6,7 @@

      Procedure (Elastic IP and Bandwidth Console)

      1. Log in to the management console.
      2. Click in the upper left corner and select the desired region and project.
      3. Click in the upper left corner and choose Network > Elastic IP.
      4. On the EIPs page, search for the EIP, click More in the Operation column, and click View Metric to view the monitoring metric details.
      5. In the navigation pane on the left, choose Elastic IP and Bandwidth > Shared Bandwidths.
      6. On the Shared Bandwidths page, locate the shared bandwidth, click More in the Operation column, and click View Metric to view the monitoring metric details.
      -

      Procedure (Cloud Eye Console)

      1. Log in to the management console.
      1. Click in the upper left corner and select the desired region and project.
      2. In the upper left corner of the page, click to open the service list and choose Management & Deployment > Cloud Eye.
      3. Click Cloud Service Monitoring on the left of the page, and choose Elastic IP and Bandwidth.
      4. Locate the row that contains the target bandwidth or EIP and click View Metric in the Operation column to check the bandwidth or EIP monitoring information.
      +

      Procedure (Cloud Eye Console)

      1. Log in to the management console.
      1. Click in the upper left corner and select the desired region and project.
      2. In the upper left corner of the page, click to open the service list and choose Management & Deployment > Cloud Eye.
      3. Click Cloud Service Monitoring on the left of the page, and choose Elastic IP and Bandwidth.
      4. Locate the row that contains the target bandwidth or EIP and click View Metric in the Operation column to check the bandwidth or EIP monitoring information.
      diff --git a/docs/vpc/umn/vpc_0002.html b/docs/vpc/umn/vpc_0002.html new file mode 100644 index 000000000..f18478563 --- /dev/null +++ b/docs/vpc/umn/vpc_0002.html @@ -0,0 +1,83 @@ + + +

      IPv4 and IPv6 Dual-Stack Network

      +

      What Is an IPv4/IPv6 Dual-Stack Network?

      IPv4 and IPv6 dual-stack allows your resources, such as ECSs, to use both IPv4 and IPv6 addresses for private and public network communications. For example, if ECSs use the IPv4/IPv6 dual-stack network:
      • ECSs can communicate with each other using private IPv4 addresses.
      • ECSs can communicate with the Internet after they are bound with EIPs.
      • ECSs can communicate with each other using IPv6 addresses.
      • ECSs can communicate with the Internet after their IPv6 addresses are added to shared bandwidths.
      +

      If you select Enable for IPv6 CIDR Block when creating a subnet, an IPv6 CIDR block will be automatically assigned to the subnet.

      +

      Basic operations on IPv4 and IPv6 dual-stack networks are the same as those on IPv4 networks, except some parameters. Check the console pages for details.

      +
      +
      +
      +

      Notes and Constraints

      • Only certain ECS specifications support IPv6 networks and can use IPv4/IPv6 dual-stack networks. You need to select such ECSs in supported regions.
        To check which ECSs support IPv6:
        • On the ECS console, click Buy ECS. On the displayed page, view the ECS specifications.

          If there is the IPv6 parameter with the value of Yes, the ECS specifications support IPv6.

          +
        +
        +
      +
      +

      IPv6 Application Scenarios

      If your ECS supports IPv6, you can use the IPv4/IPv6 dual-stack network. Table 1 shows the example application scenarios. +
    Table 2 Outbound rule parameter description

    Parameter

    +
    - - - - - - - - - - - - - - - - diff --git a/docs/vpc/umn/en-us_topic_0038263963.html b/docs/vpc/umn/en-us_topic_0038263963.html index 6d6010d12..dde7ab9a9 100644 --- a/docs/vpc/umn/en-us_topic_0038263963.html +++ b/docs/vpc/umn/en-us_topic_0038263963.html @@ -4,12 +4,14 @@

    Route Tables

    A route table contains a set of routes that are used to determine where network traffic from your subnets in a VPC is directed. Each subnet must be associated with a route table. A subnet can only be associated with one route table, but you can associate multiple subnets with the same route table.

    Figure 1 Route tables
    • Default route table: When you create a VPC, the system automatically generates a default route table for the VPC. If you create a subnet in the VPC, the subnet automatically associates with the default route table. The default route table ensures that subnets in a VPC can communicate with each other.
      • You can add routes to, delete routes from, and modify routes in the default route table, but cannot delete the table.
      • When you create a VPC endpoint, VPN or Direct Connect connection, the default route table automatically delivers a route that cannot be deleted or modified.
      -
    • Custom route table: If you do not want to use the default route table, you can create a custom route table and associate it with the subnet. Custom route tables can be deleted if they are no longer required.

      The custom route table associated with a subnet affects only the outbound traffic. The default route table controls the inbound traffic.

      +
    • Custom route table: If you do not want to use the default route table, you can create a custom route table and associate it with the subnet. Custom route tables can be deleted if they are no longer required.

      The custom route table associated with a subnet affects only the outbound traffic. The default route table of a subnet controls the inbound traffic.

    Route

    You can add routes to default and custom route tables and configure the destination, next hop type, and next hop in the routes to determine where network traffic is directed. Routes are classified into system routes and custom routes.

    -
    • System routes: These routes are automatically added by the system and cannot be modified or deleted.
      After a route table is created, the system automatically adds the following system routes to the route table, so that instances in a VPC can communicate with each other.
      • Routes whose destination is 100.64.0.0/10 or 198.19.128.0/20.
      • Routes whose destination is a subnet CIDR block.

        In addition to the preceding system routes, the system automatically adds a route whose destination is 127.0.0.0/8. This is the local loopback address.

        +
        • System routes: These routes are automatically added by the system and cannot be modified or deleted.
          After a route table is created, the system automatically adds the following system routes to the route table, so that instances in a VPC can communicate with each other.
          • Routes whose destination is 100.64.0.0/10 or 198.19.128.0/20.
          • Routes whose destination is a subnet CIDR block.
            If you enable IPv6 when creating a subnet, the system automatically assigns an IPv6 CIDR block to the subnet. Then, you can view IPv6 routes in its route table. Example destinations of subnet CIDR blocks are as follows:
            • IPv4: 192.168.2.0/24
            • IPv6: 2407:c080:802:be7::/64
            +
            +

            In addition to the preceding system routes, the system automatically adds a route whose destination is 127.0.0.0/8. This is the local loopback address.

          diff --git a/docs/vpc/umn/en-us_topic_0046655036.html b/docs/vpc/umn/en-us_topic_0046655036.html index 1efe996d4..d1775cfc0 100644 --- a/docs/vpc/umn/en-us_topic_0046655036.html +++ b/docs/vpc/umn/en-us_topic_0046655036.html @@ -1,7 +1,7 @@

          VPC Peering Connection Overview

          -

          What Is a VPC Peering Connection?

          A VPC peering connection is a networking connection between two VPCs and enables them to communicate using private IP addresses. The VPCs to be peered can be in the same account or different accounts, but must be in the same region. +

          What Is a VPC Peering Connection?

          A VPC peering connection is a networking connection that connects two VPCs for them to communicate using private IP addresses. The VPCs to be peered can be in the same account or different accounts, but must be in the same region.
          Figure 1 shows an application scenario of VPC peering connections.
          • There are two VPCs (VPC-A and VPC-B) in region A that are not connected.
          • Service servers (ECS-A01 and ECS-A02) are in VPC-A, and database servers (RDS-B01 and RDS-B02) are in VPC-B. The service servers and database servers cannot communicate with each other.
          • You need to create a VPC peering connection (peering-AB) between VPC-A and VPC-B so the service servers and database servers can communicate with each other.
          diff --git a/docs/vpc/umn/en-us_topic_0046655037.html b/docs/vpc/umn/en-us_topic_0046655037.html index c8639be22..a4e6c52dd 100644 --- a/docs/vpc/umn/en-us_topic_0046655037.html +++ b/docs/vpc/umn/en-us_topic_0046655037.html @@ -3,8 +3,10 @@

          Creating a VPC Peering Connection with Another VPC in Your Account

          Scenarios

          If two VPCs from the same region cannot communicate with each other, you can use a VPC peering connection. This section describes how to create a VPC peering connection between two VPCs in the same account.

          This following describes how to create a VPC peering connection between VPC-A and VPC-B in account A to enable communications between ECS-A01 and RDS-B01.

          -
          Procedure:
          1. Step 1: Create a VPC Peering Connection
          2. Step 2: Add Routes for the VPC Peering Connection
          3. Step 3: Verify Network Connectivity
          -
          +

          Procedure:

          +

          Step 1: Create a VPC Peering Connection

          +

          Step 2: Add Routes for the VPC Peering Connection

          +

          Step 3: Verify Network Connectivity

          Figure 1 Networking diagram of a VPC peering connection between VPCs in the same account

          Notes and Constraints

          • Only one VPC peering connection can be created between two VPCs at the same time.
          • A VPC peering connection can only connect VPCs in the same region. @@ -165,7 +167,7 @@
    - diff --git a/docs/vpc/umn/en-us_topic_0046655038.html b/docs/vpc/umn/en-us_topic_0046655038.html index 5e7aef025..722b851e5 100644 --- a/docs/vpc/umn/en-us_topic_0046655038.html +++ b/docs/vpc/umn/en-us_topic_0046655038.html @@ -3,8 +3,11 @@

    Creating a VPC Peering Connection with a VPC in Another Account

    Scenarios

    If two VPCs from the same region cannot communicate with each other, you can use a VPC peering connection. This section describes how to create a VPC peering connection between two VPCs in different accounts.

    This following describes how to create a VPC peering connection between VPC-A in account A and VPC-B in account B to enable communications between ECS-A01 and RDS-B01.

    -
    Procedure:
    1. Step 1: Create a VPC Peering Connection
    2. Step 2: Peer Account Accepts the VPC Peering Connection Request
    3. Step 3: Add Routes for the VPC Peering Connection
    4. Step 4: Verify Network Connectivity
    -
    +

    Procedure:

    +

    Step 1: Create a VPC Peering Connection

    +

    Step 2: Peer Account Accepts the VPC Peering Connection Request

    +

    Step 3: Add Routes for the VPC Peering Connection

    +

    Step 4: Verify Network Connectivity

    Figure 1 Networking diagram of a VPC peering connection between VPCs in different accounts

    Notes and Constraints

    • Only one VPC peering connection can be created between two VPCs at the same time.
    • A VPC peering connection can only connect VPCs in the same region. @@ -97,7 +100,7 @@

    Step 2: Peer Account Accepts the VPC Peering Connection Request

    After you create a VPC peering connection with a VPC in another account, you need to contact the peer account to accept the VPC peering connection request. In this example, account A notifies account B to accept the request. Account B needs to:

    1. Log in to the management console.
    2. Click in the upper left corner and choose Network > Virtual Private Cloud.

      The Virtual Private Cloud page is displayed.

      -
    3. In the navigation pane on the left, choose Virtual Private Cloud > VPC Peering Connections.

      The VPC peering connection list is displayed.

      +
    4. In the navigation pane on the left, choose Virtual Private Cloud > VPC Peering Connections.

      The VPC peering connection list is displayed.

    5. In the VPC peering connection list, locate the VPC peering connection request to be accepted.
      Figure 3 VPC peering connection list
    6. Locate the row that contains the target VPC peering connection and click Accept Request in the Operation column.

      After the status of the VPC peering connection changes to Accepted, the VPC peering connection is created.

    7. Go to Step 3: Add Routes for the VPC Peering Connection.
    @@ -171,7 +174,7 @@
    - diff --git a/docs/vpc/umn/en-us_topic_0051746700.html b/docs/vpc/umn/en-us_topic_0051746700.html index 8aa9b49fd..df974633f 100644 --- a/docs/vpc/umn/en-us_topic_0051746700.html +++ b/docs/vpc/umn/en-us_topic_0051746700.html @@ -1,13 +1,13 @@

    Associating Subnets with a Firewall

    -

    Scenarios

    You can associate a firewall with a subnet to protect resources in the subnet. After a firewall is associated with a subnet, the firewall denies all traffic to and from the subnet until you add rules to allow traffic.

    +

    Scenarios

    You can associate a firewall with a subnet to protect resources in the subnet.

    -

    Notes and Constraints

    You can associate a firewall with multiple subnets. However, a subnet can only be associated with one firewall at a time.

    +

    Notes and Constraints

    • You can associate a firewall with multiple subnets. However, a subnet can only be associated with one firewall at a time.
    • After a firewall is associated with a subnet, the default firewall rules deny all traffic to and from the subnet until you add custom rules to allow traffic. For details, see Adding a Firewall Rule.

    Procedure

    1. Log in to the management console.
    1. Click in the upper left corner and select the desired region and project.
    2. Click in the upper left corner and choose Network > Virtual Private Cloud.

      The Virtual Private Cloud page is displayed.

      -
    3. In the navigation pane on the left, choose Access Control > Firewalls.
    4. Locate the target firewall and click its name to switch to the page showing details of that particular firewall.
    5. On the displayed page, click the Associated Subnets tab.
    6. On the Associated Subnets page, click Associate.
    7. On the displayed page, select the subnets to be associated with the firewall, and click OK.
    -

    Subnets with firewalls associated will not be displayed on the page for you to select. If you want to associate such a subnet with another firewall, you must first disassociate the subnet from the original firewall. One-click subnet association and disassociation are not supported currently. A subnet can only be associated with one firewall.

    +
  • In the navigation pane on the left, choose Access Control > Firewalls.
  • Locate the target firewall and click its name to switch to the page showing details of that particular firewall.
  • On the displayed page, click the Associated Subnets tab.
  • On the Associated Subnets tab, click Associate.
  • On the displayed page, select the subnets to be associated with the firewall, and click OK.
    • +

    A subnet with a firewall associated will not be displayed on the page for you to select. If you want to associate such a subnet with another firewall, you must first disassociate the subnet from the original firewall. One-click subnet association and disassociation are not supported currently. A subnet can only be associated with one firewall.

    diff --git a/docs/vpc/umn/en-us_topic_0051746702.html b/docs/vpc/umn/en-us_topic_0051746702.html index e27604558..fb96094bd 100644 --- a/docs/vpc/umn/en-us_topic_0051746702.html +++ b/docs/vpc/umn/en-us_topic_0051746702.html @@ -43,7 +43,7 @@
    @@ -59,8 +59,8 @@ diff --git a/docs/vpc/umn/en-us_topic_0067802474.html b/docs/vpc/umn/en-us_topic_0067802474.html index ad098d620..73007a4e2 100644 --- a/docs/vpc/umn/en-us_topic_0067802474.html +++ b/docs/vpc/umn/en-us_topic_0067802474.html @@ -1,45 +1,114 @@

    Binding a Virtual IP Address to an EIP or ECS

    -

    Scenarios

    You can bind a virtual IP address to an EIP so that you can access the ECSs bound with the same virtual IP address from the Internet. These ECSs can work in the active/standby mode to improve fault tolerance.

    +

    Scenarios

    You can use a virtual IP address and an EIP together.

    +

    If you bind a virtual IP address to ECSs that work in active/standby pairs and bind an EIP to the virtual IP address, you can access the ECSs over the Internet.

    Notes and Constraints

    • Each virtual IP address can be bound to only one EIP.
    -

    Procedure

    1. Log in to the management console.
    2. Click in the upper left corner and select the desired region and project.
    3. Click in the upper left corner and choose Network > Virtual Private Cloud.

      The Virtual Private Cloud page is displayed.

      -
    4. In the navigation pane on the left, choose Virtual Private Cloud > Subnets.
    5. In the subnet list, click the name of the subnet that the virtual IP address belongs to.
    6. Click the IP Addresses tab.
      • To bind a virtual IP address to an EIP, locate the row that contains the virtual IP address and click Bind to EIP in the Operation column.
      • To bind a virtual IP address to an ECS, locate the row that contains the virtual IP address and click Bind to Server in the Operation column.
      -
    7. Select the EIP or ECS to be bound.
      • If the ECS has multiple NICs, bind the virtual IP address to the primary NIC.
      • Multiple virtual IP addresses can be bound to an ECS NIC.
      +

      Binding a Virtual IP Address to an EIP or ECS on the Console

      1. Log in to the management console.
      2. Click in the upper left corner and select the desired region and project.
      3. Click in the upper left corner and choose Network > Virtual Private Cloud.

        The Virtual Private Cloud page is displayed.

        +
      4. In the navigation pane on the left, choose Virtual Private Cloud > Subnets.

        The Subnets page is displayed.

        +
      5. Click the name with a hyperlink of the subnet that the virtual IP address belongs to.

        The subnet details page is displayed.

        +
      6. Click the IP Addresses tab.
        • To bind a virtual IP address to an EIP, locate the row that contains the virtual IP address and click Bind to EIP in the Operation column.
        • To bind a virtual IP address to an ECS, locate the row that contains the virtual IP address and click Bind to Server in the Operation column.
        +
      7. Select the EIP or ECS to be bound.
        • If an ECS has multiple NICs, bind the virtual IP address to the primary NIC.
        • An ECS NIC can have multiple virtual IP addresses bound.
        -
      8. Click OK.
      1. Manually configure the virtual IP address bound to an ECS.

        After a virtual IP address is bound to an ECS NIC, you need to manually configure the virtual IP address on the ECS.

        -
        Linux OS (CentOS 7.2 64bit is used as an example.)
        1. Run the following command to obtain the NIC to which the virtual IP address is to be bound and the connection of the NIC:

          nmcli connection

          +
        2. Click OK.

          After a virtual IP address is bound to an ECS NIC, you need to manually configure the virtual IP address on the ECS. For details, see Configuring a Virtual IP Address for an ECS.

          +
          +
        +
        +

        Configuring a Virtual IP Address for an ECS

        Manually configure the virtual IP address bound to an ECS.

        +
        This following OSs are used as examples here. For other OSs, see the help documents on their official websites.
        • Linux: CentOS 7.2 64bit and Ubuntu 22.04 server 64bit
        • Windows: Windows Server
        +
        +
        Linux (CentOS 7.2 64bit is used as an example.)
        1. Obtain the NIC that the virtual IP address is to be bound and the connection of the NIC:

          nmcli connection

          Information similar to the following is displayed:

          The command output in this example is described as follows:

          -
          • eth0 in the DEVICE column indicates the NIC to which the virtual IP address is to be bound.
          • Wired connection 1 in the NAME column indicates the connection of the NIC.
          -
        2. Run the following command to add the virtual IP address for the target connection:

          nmcli connection modify "CONNECTION" ipv4.addresses VIP

          +
          • eth0 in the DEVICE column indicates the NIC that the virtual IP address is to be bound.
          • Wired connection 1 in the NAME column indicates the connection of the NIC.
          +
        3. Add the virtual IP address for the connection:

          nmcli connection modify "Connection name of the NIC" +ipv4.addresses Virtual IP address

          Configure the parameters as follows:

          -
          • CONNECTION: connection of the NIC obtained in 9.a.
          • VIP: virtual IP address to be added.
            • If you add multiple virtual IP addresses at a time, separate them with commas (,).
            • If a virtual IP address already exists and you need to add a new one, the command must contain both the new and original virtual IP addresses.
            -
          -
          Example commands:
          • Adding a single virtual IP address: nmcli connection modify "Wired connection 1" ipv4.addresses 172.16.0.125
          • Adding multiple virtual IP addresses: nmcli connection modify "Wired connection 1" ipv4.addresses 172.16.0.125,172.16.0.126
          +
          • Connection name of the NIC: The connection name of the NIC obtained in 1. In this example, the connection name is Wired connection 1.
          • Virtual IP address: Enter the virtual IP address to be added. If you add multiple virtual IP addresses at a time, separate every two with a comma (,).
          +
          Example commands:
          • Adding a single virtual IP address: nmcli connection modify "Wired connection 1" +ipv4.addresses 172.16.0.125
          • Adding multiple virtual IP addresses: nmcli connection modify "Wired connection 1" +ipv4.addresses 172.16.0.125,172.16.0.126
          -
        4. Run the following command to make the configuration take effect:

          nmcli connection up "CONNECTION"

          +
        5. Make the configuration in 2 take effect:

          nmcli connection up "Connection name of the NIC"

          In this example, run the following command:

          nmcli connection up "Wired connection 1"

          Information similar to the following is displayed:

          -
        6. Run the following command to check whether the virtual IP address has been bound:

          ip a

          +
        7. Check whether the virtual IP address has been bound:

          ip a

          Information similar to the following is displayed. In the command output, the virtual IP address 172.16.0.125 is bound to NIC eth0.

          +

          To delete an added virtual IP address, perform the following steps:

          +
          1. Delete the virtual IP address from the connection of the NIC:

            nmcli connection modify "Connection name of the NIC" -ipv4.addresses Virtual IP address

            +
            To delete multiple virtual IP addresses at a time, separate every two with a comma (,). Example commands are as follows:
            • Deleting a single virtual IP address: nmcli connection modify "Wired connection 1" -ipv4.addresses 172.16.0.125
            • Deleting multiple virtual IP addresses: nmcli connection modify "Wired connection 1" -ipv4.addresses 172.16.0.125,172.16.0.126
            +
            +
          2. Make the deletion take effect by referring to 3.
          +
        -

        Windows OS (Windows Server is used as an example here.)

        -
        1. In Control Panel, click Network and Sharing Center, and click the corresponding local connection.
        2. On the displayed page, click Properties.
        3. On the Network tab page, select Internet Protocol Version 4 (TCP/IPv4).
        4. Click Properties.
        5. Select Use the following IP address and set IP address to the private IP address of the ECS, for example, 10.0.0.101.
          Figure 1 Configuring private IP address
          -
        6. Click Advanced.
        7. On the IP Settings tab, click Add in the IP addresses area.

          Add the virtual IP address. For example, 10.0.0.154.

          +

          Linux (Ubuntu 22.04 server 64bit is used as an example.)

          +
          If an ECS runs Ubuntu 22 or Ubuntu 20, perform the following operations:
          1. Obtain the NIC that the virtual IP address is to be bound:

            ifconfig

            +
            Information similar to the following is displayed. In this example, the NIC bound to the virtual IP address is eth0.
            root@ecs-X-ubantu:~# ifconfig
+eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
+        inet 172.16.0.210  netmask 255.255.255.0  broadcast 172.16.0.255
+        inet6 fe80::f816:3eff:fe01:f1c3  prefixlen 64  scopeid 0x20<link>
+        ether fa:16:3e:01:f1:c3  txqueuelen 1000  (Ethernet)
+        RX packets 43915  bytes 63606486 (63.6 MB)
+        RX errors 0  dropped 0  overruns 0  frame 0
+        TX packets 3364  bytes 455617 (455.6 KB)
+        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
+...
            +
            +
          2. Switch to the /etc/netplan directory:

            cd /etc/netplan

            +
          3. Add a virtual IP address to the NIC.
            1. Open the configuration file 01-netcfg.yaml:

              vim 01-netcfg.yaml

              +
            2. Press i to enter the editing mode.
            3. In the NIC configuration area, add a virtual IP address.

              In this example, add a virtual IP address for eth0:

              +

              addresses:

              +

              - 172.16.0.26/32

              +
              The file content is as follows:
              network:
+    version: 2
+    renderer: NetworkManager
+    ethernets:
+        eth0:
+            dhcp4: true
+            addresses:
+            - 172.16.0.26/32
+        eth1:
+            dhcp4: true
+        eth2:
+            dhcp4: true
+        eth3:
+            dhcp4: true
+        eth4:
+            dhcp4: true
              +
              +
            4. Press Esc, enter :wq!, save the configuration, and exit.
            +
          4. Make the configuration in 3 take effect:

            netplan apply

            +
          5. Check whether the virtual IP address has been bound:

            ip a

            +
            Information similar to the following is displayed. In the command output, the virtual IP address 172.16.0.26 is bound to NIC eth0.
            root@ecs-X-ubantu:/etc/netplan# ip a
+...
+2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
+    link/ether fa:16:3e:01:f1:c3 brd ff:ff:ff:ff:ff:ff
+    altname enp0s3
+    altname ens3
+    inet 172.16.0.26/32 scope global noprefixroute eth0
+       valid_lft forever preferred_lft forever
+    inet 172.16.0.210/24 brd 172.16.0.255 scope global dynamic noprefixroute eth0
+       valid_lft 107999971sec preferred_lft 107999971sec
+    inet6 fe80::f816:3eff:fe01:f1c3/64 scope link 
+       valid_lft forever preferred_lft forever
            +
            +

            To delete an added virtual IP address, perform the following steps:

            +
            1. Open the configuration file 01-netcfg.yaml and delete the virtual IP address of the corresponding NIC by referring to 3.
            2. Make the deletion take effect by referring to 4.
            +
            +
          +
          +

          Windows OS (Windows Server is used as an example here.)

          +
          1. In Control Panel, click Network and Sharing Center, and click the corresponding local connection.
          2. On the displayed page, click Properties.
          3. On the Network tab page, select Internet Protocol Version 4 (TCP/IPv4).
          4. Click Properties.
          5. Select Use the following IP address and set IP address to the private IP address of the ECS, for example, 10.0.0.101.
            Figure 1 Configuring private IP address
            +
          6. Click Advanced.
          7. On the IP Settings tab, click Add in the IP addresses area.

            Add the virtual IP address, for example, 10.0.0.154.

            Figure 2 Configuring virtual IP address
          8. Click OK.
          9. In the Start menu, open the Windows command line window and run the following command to check whether the virtual IP address has been configured:

            ipconfig /all

            In the command output, IPv4 Address is the virtual IP address 10.0.0.154, indicating that the virtual IP address of the ECS NIC has been correctly configured.

          -
      diff --git a/docs/vpc/umn/en-us_topic_0068145818.html b/docs/vpc/umn/en-us_topic_0068145818.html index 6d6ab67f8..133e699f0 100644 --- a/docs/vpc/umn/en-us_topic_0068145818.html +++ b/docs/vpc/umn/en-us_topic_0068145818.html @@ -32,7 +32,7 @@
    Table 2 Outbound rule parameter description

    Parameter

    Description

    +

    Description

    Example Value

    +

    Example Value

    Protocol & Port

    +

    Protocol & Port

    The network protocol used to match traffic in a security group rule.

    +

    The network protocol used to match traffic in a security group rule.

    Currently, the value can be All, TCP, UDP, GRE, ICMP, or more.

    TCP

    +

    TCP

    Port: The port or port range over which traffic can leave your ECS. The value can be from 1 to 65535.

    +

    Port: The port or port range over which traffic can leave your ECS. The value can be from 1 to 65535.

    22, or 22-30

    +

    22, or 22-30

    Type

    +

    Type

    Source IP address version. You can select:
    • IPv4
    • IPv6
    +
    Source IP address version. You can select:
    • IPv4
    • IPv6

    IPv4

    +

    IPv4

    Destination

    +

    Destination

    Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. For example:

    +

    Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. For example:

    • IP address:
      • Single IP address: 192.168.10.10/32
      • All IP addresses: 0.0.0.0/0
      • IP address range: 192.168.1.0/24
      -
    • Security group: sg-A
    +
  • Security group: The source is from another security group. You can select a security group in the same region under the current account from the drop-down list. Instance A is in security group A and instance B is in security group B. If security group A has an inbound rule with Action set to Allow and Source set to security group B, access from instance B is allowed to instance A.
  • IP address group: An IP address group is a collection of one or more IP addresses. You can select an available IP address group from the drop-down list. An IP address group can help you manage IP address ranges and IP addresses with same security requirements in a more simple way.

    • 0.0.0.0/0

    +

    0.0.0.0/0

    Description

    +

    Description

    Supplementary information about the security group rule. This parameter is optional.

    +

    Supplementary information about the security group rule. This parameter is optional.

    The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

    N/A

    +

    N/A

    Next Hop Type

    The next hop type. Select VPC peering connection.

    +

    The next hop type. Select VPC peering connection.

    VPC peering connection

    Next Hop Type

    The next hop type. Select VPC peering connection.

    +

    The next hop type. Select VPC peering connection.

    VPC peering connection

    The source from which the traffic is allowed. The source can be an IP address or IP address range.

    • IP address:
      • Single IP address: 192.168.10.10/32
      • All IP addresses: 0.0.0.0/0
      • IP address range: 192.168.1.0/24
      -
    • Security group: sg-A
    +
  • IP address group: The source is an IP address group. An IP address group is a collection of one or more IP addresses. You can select an available IP address group from the drop-down list. An IP address group can help you manage IP address ranges and IP addresses with same security requirements in a more simple way.
    		•

    0.0.0.0/0

    Destination

    The destination to which the traffic is allowed. The destination can be an IP address or IP address range.

    -
    • IP address:
      • Single IP address: 192.168.10.10/32
      • All IP addresses: 0.0.0.0/0
      • IP address range: 192.168.1.0/24
      -
    • Security group: sg-A
    +
    • IP address:
      • Single IP address: 192.168.10.10/32
      • All IP addresses: 0.0.0.0/0
      • IP address range: 192.168.1.0/24
      +
    • IP address group: The source is an IP address group. An IP address group is a collection of one or more IP addresses. You can select an available IP address group from the drop-down list. An IP address group can help you manage IP address ranges and IP addresses with same security requirements in a more simple way.

    0.0.0.0/0
    -

    Procedure

    Searching for EIPs by tag key and value on the page showing the EIP list
    1. Log in to the management console.
    2. Click in the upper left corner and select the desired region and project.
    3. Click in the upper left corner and choose Network > Elastic IP.
    4. Click the search box and then click Tag in the drop-down list.
    5. Select the tag key and value of the EIP.

      You can add multiple tag keys and values to refine your search results. If you add more than one tag to search for EIPs, the system will display only the EIPs that contain all of the tags you specified.

      +

      Procedure

      Searching for EIPs by tag key and value on the page showing the EIP list
      1. Log in to the management console.
      2. Click in the upper left corner and select the desired region and project.
      3. Click in the upper left corner and choose Network > Elastic IP.
      4. Click the search box above the EIP list.
      5. Select the tag key and value of the EIP.

        You can add multiple tag keys and values to refine your search results. If you add more than one tag to search for EIPs, the system will display only the EIPs that contain all of the tags you specified.

      6. Click OK.

        The system displays the EIPs you are looking for based on the entered tag keys and values.

      diff --git a/docs/vpc/umn/en-us_topic_0073379079.html b/docs/vpc/umn/en-us_topic_0073379079.html index e95c4b8aa..3e8e69582 100644 --- a/docs/vpc/umn/en-us_topic_0073379079.html +++ b/docs/vpc/umn/en-us_topic_0073379079.html @@ -1,8 +1,8 @@

      Security Groups and Security Group Rules

      -

      Security Groups

      A security group is a collection of access control rules for cloud resources, such as cloud servers, containers, and databases, that have the same security protection requirements and that are mutually trusted. After a security group is created, you can create various access rules for the security group, these rules will apply to all cloud resources added to this security group.

      -

      If you have not created any security group yet, the system automatically creates a default security group for you and associates it with the instance (such as an ECS) when you create it. For details about the default security group, see Default Security Group and Its Rules.

      +

      Security Groups

      A security group is a collection of access control rules for cloud resources, such as cloud servers, containers, and databases, that have the same security protection requirements and that are mutually trusted. After a security group is created, you can create various access rules for the security group and these rules will apply to all cloud resources added to this security group.

      +

      If you have not created any security groups yet, the system automatically creates a default security group for you and associates it with the instance (such as an ECS) when you create it. For details about the default security group, see Default Security Group and Its Rules.

      Security groups are stateful. If you send a request from your instance and the outbound traffic is allowed, the response traffic for that request is allowed to flow in regardless of inbound security group rules. Similarly, if inbound traffic is allowed, responses to allowed inbound traffic are allowed to flow out, regardless of outbound rules.

      Security groups use connection tracking to track traffic to and from instances that they contain and security group rules are applied based on the connection status of the traffic to determine whether to allow or deny traffic.

      • If you add, modify, or delete a security group rule, or add or remove an instance to or from a security group, the inbound connection tracking of all instances in the security group will be automatically cleared. The inbound or outbound traffic of the instance will be considered as new connections, which need to match the inbound or outbound security group rules to ensure that the rules take effect immediately and the security of incoming traffic.
      @@ -30,7 +30,7 @@
    The source in an inbound rule is used to match the IP address or address range of an external request. The source can be:
    • IP address:
      • Example IPv4 address: 192.168.10.10/32
      • Example IPv6 address: 2002:50::44/128
      • Example IPv4 address range: 192.168.52.0/24 All IPv4 addresses: 0.0.0.0/0
      • Example IPv6 address range: 2407:c080:802:469::/64 All IPv6 addresses: ::/0
    • Security group: You can select another security group in the same region under the current account as the source.

      For example, instance A is in security group A and instance B is in security group B. If security group A has a rule with Source set to security group B, access from instance B is allowed to instance A.

      -
    +
  • IP address group: If you have multiple IP address ranges and IP addresses with same security requirements, add them to an IP address group and select the group as the source to help you manage them in a more simple way.
    		•

    Enterprise Project

    The enterprise project that the EIP belongs to.

    -

    An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is default.

    +

    An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is default.

    default
    + + + + + + + + + + + + + + + + + + +
    Table 1 Application scenarios of IPv4/IPv6 dual stack

    Application Scenario

    +

    Description

    +

    Subnet

    +

    ECS

    +

    Private communication using IPv6 addresses

    +

    Your applications deployed on ECSs need to communicate with other systems (such as databases) through private networks using IPv6 addresses.

    +
    • IPv4 CIDR block
    • IPv6 CIDR block
    +
    • Private IPv4 address: used for private communication
    • IPv6 address: used for private communication.
    +

    Public communication using IPv6 addresses

    +

    Your applications deployed on ECSs need to provide services accessible from the Internet using IPv6 addresses.

    +
    • IPv4 CIDR block
    • IPv6 CIDR block
    +
    • Private IPv4 address + IPv4 EIP: used for public network communication
    • IPv6 address + shared bandwidth: used for public network communication
    +

    Your applications deployed on ECSs need to both provide services accessible from the Internet and analyze the access request data using IPv6 addresses.

    +
    +
    + +

    + +

    Basic Operations

    Creating an IPv6 Subnet

    +

    Create an IPv6 subnet by following the instructions in Creating a Subnet for the VPC. Select Enable for IPv6 CIDR Block. An IPv6 CIDR block will be automatically assigned to the subnet. IPv6 cannot be disabled after the subnet is created. Currently, customizing IPv6 CIDR block is not supported.

    +

    Viewing In-Use IPv6 Addresses

    +

    In the subnet list, click the subnet name. On the displayed page, view in-use IPv4 and IPv6 addresses on the IP Addresses tab.

    +

    Adding a Security Group Rule (IPv6)

    +

    Add a security group rule with Type set to IPv6 and Source or Destination set to an IPv6 address or IPv6 CIDR block.

    +

    Adding a Network ACL Rule (IPv6)

    +

    Add a network ACL rule with Type set to IPv6 and Source or Destination set to an IPv6 address or IPv6 CIDR block.

    +

    Adding a Route (IPv6)

    +

    Add a route with Destination and Next Hop set to an IPv4 or IPv6 CIDR block. For details about how to add a route, see Adding a Custom Route. If the destination is an IPv6 CIDR block, the next hop can only be an IP address in the same VPC as the IPv6 CIDR block.

    +

    If the destination is an IPv6 CIDR block, the next hop type can only be an ECS, extension NIC, or virtual IP address. The next hop must also have IPv6 addresses.

    +
    +

    Assigning an IPv6 Virtual IP Address

    +

    Assign a virtual IPv4 or IPv6 address by referring to Assigning a Virtual IP Address.

    +

    Each virtual IPv6 address can only be bound to one dual-stack NIC.

    +
    +

    Dynamically Assigning IPv6 Addresses

    +

    After an ECS is created successfully, you can view the assigned IPv6 address on the ECS details page. You can also log in to the ECS and run the ifconfig command to view the assigned IPv6 address.

    +

    If an IPv6 address fails to be automatically assigned or the selected image does not support the function of automatic IPv6 address assignment, manually obtain the IPv6 address by referring to "Dynamically Assigning IPv6 Addresses" in Elastic Cloud Server User Guide.

    +

    If an ECS is created from a public image:

    + +

    Before enabling dynamic IPv6 address assignment for a Linux public image, check whether IPv6 is supported and then check whether dynamic IPv6 address assignment has been enabled. Currently, all Linux public images support IPv6, and dynamic IPv6 address assignment is enabled for Ubuntu 16 by default. You do not need to configure dynamic IPv6 address assignment for the Ubuntu 16 OS. For other Linux public images, you need to enable this function.

    +
    +
    + +
    +
    +
    Parent topic: VPC and Subnet
    +
    +
    + diff --git a/docs/vpc/umn/vpc_Concepts_0005.html b/docs/vpc/umn/vpc_Concepts_0005.html index 33d025338..15aa8c187 100644 --- a/docs/vpc/umn/vpc_Concepts_0005.html +++ b/docs/vpc/umn/vpc_Concepts_0005.html @@ -1,7 +1,7 @@

    Security Group

    -

    A security group is a collection of access control rules for cloud resources, such as cloud servers, containers, and databases, that have the same security protection requirements and that are mutually trusted. After a security group is created, you can create various access rules for the security group, these rules will apply to all cloud resources added to this security group.

    +

    A security group is a collection of access control rules for cloud resources, such as cloud servers, containers, and databases, that have the same security protection requirements and that are mutually trusted. After a security group is created, you can create various access rules for the security group and these rules will apply to all cloud resources added to this security group.

    Like whitelists, security group rules work as follows:
    • Inbound rules control incoming traffic to instances in the security group.

      If an inbound request matches the source in an inbound security group rule, the request is allowed and other requests are denied.

      By default, you do not need to configure deny rules in the inbound direction because requests that do not match allow rules will be denied.

    • Outbound rules control outgoing traffic from instances in the security group.

      If the destination of an outbound security group rule is 0.0.0.0/0, all outbound requests are allowed.

      diff --git a/docs/vpc/umn/vpc_Concepts_0011.html b/docs/vpc/umn/vpc_Concepts_0011.html index bd898f0c3..28c073bb3 100644 --- a/docs/vpc/umn/vpc_Concepts_0011.html +++ b/docs/vpc/umn/vpc_Concepts_0011.html @@ -1,7 +1,7 @@

      VPC Peering Connection

      -
      A VPC peering connection is a networking connection between two VPCs and enables them to communicate using private IP addresses. The VPCs to be peered can be in the same account or different accounts, but must be in the same region. +
      A VPC peering connection is a networking connection that connects two VPCs for them to communicate using private IP addresses. The VPCs to be peered can be in the same account or different accounts, but must be in the same region.
      Figure 1 shows an application scenario of VPC peering connections.
      • There are two VPCs (VPC-A and VPC-B) in region A that are not connected.
      • Service servers (ECS-A01 and ECS-A02) are in VPC-A, and database servers (RDS-B01 and RDS-B02) are in VPC-B. The service servers and database servers cannot communicate with each other.
      • You need to create a VPC peering connection (peering-AB) between VPC-A and VPC-B so the service servers and database servers can communicate with each other.
      diff --git a/docs/vpc/umn/vpc_SecurityGroup_0001.html b/docs/vpc/umn/vpc_SecurityGroup_0001.html index 4ac4bf114..8ec25020f 100644 --- a/docs/vpc/umn/vpc_SecurityGroup_0001.html +++ b/docs/vpc/umn/vpc_SecurityGroup_0001.html @@ -22,6 +22,8 @@
    • Fast-Adding Security Group Rules
      • +
    • Allowing Common Ports with A Few Clicks
      +
    • Modifying a Security Group Rule
    • Replicating a Security Group Rule
      diff --git a/docs/vpc/umn/vpc_SecurityGroup_0007.html b/docs/vpc/umn/vpc_SecurityGroup_0007.html index 2966c420a..1260bb929 100644 --- a/docs/vpc/umn/vpc_SecurityGroup_0007.html +++ b/docs/vpc/umn/vpc_SecurityGroup_0007.html @@ -39,10 +39,18 @@

    22, or 22-30

    Type

    +
    Source IP address version. You can select:
    • IPv4
    • IPv6
    +
    +

    IPv4

    +

    Source

    Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group. For example:
    • IP address:
      • Single IP address: 192.168.10.10/32
      • All IP addresses: 0.0.0.0/0
      • IP address range: 192.168.1.0/24
      -
    • Security group: sg-A
    +
    Source of the security group rule. The value can be an IP address, a security group, or an IP address group to allow access from IP addresses or instances in the security group. For example:
    • IP address:
      • Single IP address: 192.168.10.10/32
      • All IP addresses: 0.0.0.0/0
      • IP address range: 192.168.1.0/24
      +
    • Security group: The source is from another security group. You can select a security group in the same region under the current account from the drop-down list. Instance A is in security group A and instance B is in security group B. If security group A has an inbound rule with Action set to Allow and Source set to security group B, access from instance B is allowed to instance A.
    • IP address group: An IP address group is a collection of one or more IP addresses. You can select an available IP address group from the drop-down list. An IP address group can help you manage IP address ranges and IP addresses with same security requirements in a more simple way.

    sg-test[96a8a93f-XXX-d7872990c314]

    diff --git a/docs/vpc/umn/vpc_SecurityGroup_0009.html b/docs/vpc/umn/vpc_SecurityGroup_0009.html index 6a6723d75..cae99bc6b 100644 --- a/docs/vpc/umn/vpc_SecurityGroup_0009.html +++ b/docs/vpc/umn/vpc_SecurityGroup_0009.html @@ -3,9 +3,7 @@

    Cloning a Security Group

    Scenarios

    You can clone a security group from one region to another to quickly apply the security group rules to ECSs in another region.

    You can clone a security group in the following scenarios:

    -
    • For example, you have security group sg-A in region A. If ECSs in region B require the same security group rules as those configured for security group sg-A, you can clone security group sg-A to region B, freeing you from creating a new security group in region B.
    • If you need new security group rules, you can clone the original security group as a backup.
    • Before you modify security group rules used by a service, you can clone the security group and modify the security group rules in the test environment to ensure that the modified rules work.

      Security group cloning is not supported now.

      -
      -
    +
    • For example, you have security group sg-A in region A. If ECSs in region B require the same security group rules as those configured for security group sg-A, you can clone security group sg-A to region B, freeing you from creating a new security group in region B.
    • If you need new security group rules, you can clone the original security group as a backup.
    • Before you modify security group rules used by a service, you can clone the security group and modify the security group rules in the test environment to ensure that the modified rules work.

    Notes and Constraints

    • You can clone a security group from the same or a different region.
      • If you want to clone a security group from the same region, you can clone all rules in the security group.
      • If you want to clone a security group from a different region, the system will clone only rules whose source and destination are IP addresses and rules whose source and destination is the current security group.
    • Cloning a security group clones its security group rules, but not the instances associated with the security group.
    diff --git a/docs/vpc/umn/vpc_acl_0000.html b/docs/vpc/umn/vpc_acl_0000.html index dc16d01eb..268adb203 100644 --- a/docs/vpc/umn/vpc_acl_0000.html +++ b/docs/vpc/umn/vpc_acl_0000.html @@ -14,7 +14,7 @@
  • Associating Subnets with a Firewall
    • -
  • Disassociating a Subnet from a Firewall
    +
  • Disassociating Subnets from a Firewall
  • Changing the Sequence of a Firewall Rule
    • diff --git a/docs/vpc/umn/vpc_acl_0003.html b/docs/vpc/umn/vpc_acl_0003.html index ee8b49ab9..a62dd1247 100644 --- a/docs/vpc/umn/vpc_acl_0003.html +++ b/docs/vpc/umn/vpc_acl_0003.html @@ -1,12 +1,12 @@ -

    Disassociating a Subnet from a Firewall

    -

    Scenarios

    Disassociate a subnet from a firewall when necessary.

    +

    Disassociating Subnets from a Firewall

    +

    Scenarios

    You can disassociate a subnet from its firewall based on your network requirements.

    Procedure

    1. Log in to the management console.
    1. Click in the upper left corner and select the desired region and project.
    2. Click in the upper left corner and choose Network > Virtual Private Cloud.

      The Virtual Private Cloud page is displayed.

    3. In the navigation pane on the left, choose Access Control > Firewalls.
    4. Locate the target firewall and click its name to switch to the page showing details of that particular firewall.
    5. On the displayed page, click the Associated Subnets tab.
    6. On the Associated Subnets page, locate the row that contains the target subnet and click Disassociate in the Operation column.
    7. Click Yes in the displayed dialog box.

    Disassociating subnets from a firewall

    -

    Select multiple subnets and click Disassociate above the subnet list to disassociate the subnets from a firewall at a time.

    +

    Select multiple subnets and click Disassociate above the subnet list to disassociate the subnets from the firewall at a time.

    diff --git a/docs/vpc/umn/vpc_acl_0005.html b/docs/vpc/umn/vpc_acl_0005.html index add9378eb..e047df870 100644 --- a/docs/vpc/umn/vpc_acl_0005.html +++ b/docs/vpc/umn/vpc_acl_0005.html @@ -40,7 +40,7 @@

    The source from which the traffic is allowed. The source can be an IP address or IP address range.

    • IP address:
      • Single IP address: 192.168.10.10/32
      • All IP addresses: 0.0.0.0/0
      • IP address range: 192.168.1.0/24
      -
    • Security group: sg-A
    +
  • IP address group: The source is an IP address group. An IP address group is a collection of one or more IP addresses. You can select an available IP address group from the drop-down list. An IP address group can help you manage IP address ranges and IP addresses with same security requirements in a more simple way.
    		•

    0.0.0.0/0

    Destination

    The destination to which the traffic is allowed. The destination can be an IP address or IP address range.

    -
    • IP address:
      • Single IP address: 192.168.10.10/32
      • All IP addresses: 0.0.0.0/0
      • IP address range: 192.168.1.0/24
      -
    • Security group: sg-A
    +
    • IP address:
      • Single IP address: 192.168.10.10/32
      • All IP addresses: 0.0.0.0/0
      • IP address range: 192.168.1.0/24
      +
    • IP address group: The source is an IP address group. An IP address group is a collection of one or more IP addresses. You can select an available IP address group from the drop-down list. An IP address group can help you manage IP address ranges and IP addresses with same security requirements in a more simple way.

    0.0.0.0/0

    On the Direct Connect console, locate the virtual gateway and delete it.

    Delete the VPN gateway that is using the VPC and then delete the VPC.

    +

    The VPC is being used by a VPN gateway.

    +

    On the VPN console, locate the VPN gateway and delete it.

    +

    Delete all custom security groups in this region and then delete this last VPC.

    In the current region, this is the last VPC and there are custom security groups.

    diff --git a/docs/vpc/umn/vpc_faq_0103.html b/docs/vpc/umn/vpc_faq_0103.html index 94813a6f8..4c681f5e8 100644 --- a/docs/vpc/umn/vpc_faq_0103.html +++ b/docs/vpc/umn/vpc_faq_0103.html @@ -2,13 +2,45 @@

    Change History

    -

    Released On

    +
    - + + + + + + + + + + + + + + +

    Released On

    Description

    2023-10-10

    +

    2023-12-19

    +

    This release incorporates the following changes:

    +

    Added screenshots in How Do I Configure a Security Group for Multi-Channel Protocols?.

    +

    Modified the table in Why Can't I Delete My VPCs and Subnets?.

    +

    2023-12-18

    +

    This release incorporates the following changes:

    +

    Added IPv6-related content.

    +

    2023-12-12

    +

    This release incorporates the following changes:

    +

    Added descriptions about security group and IP address group as source or destination in Adding a Security Group Rule.

    +

    2023-11-30

    +

    This release incorporates the following changes:

    +

    Added descriptions about IP address groups as source and destination in Adding a Firewall Rule.

    +

    2023-11-14

    +

    This release incorporates the following changes:

    +

    Added the following content:

    +

    Added description about allowing common ports with a few clicks in Allowing Common Ports with A Few Clicks.

    +

    2023-10-10

    This release incorporates the following changes:

    • Added the figure for configuring route tables in Route Table.
    • Modified Step 4: Add a Security Group Rule.
      • Changed the location of parameter Type.
      • Added protocol GRE.
      diff --git a/docs/vpc/umn/vpc_peering_0004.html b/docs/vpc/umn/vpc_peering_0004.html index fd1db5926..55333238c 100644 --- a/docs/vpc/umn/vpc_peering_0004.html +++ b/docs/vpc/umn/vpc_peering_0004.html @@ -13,7 +13,7 @@

      Viewing Routes of a VPC Peering Connection Between VPCs in Different Accounts

      Only the account owner of a VPC in a VPC peering connection can view the routes added for the connection.

      1. Log in to the management console using the account of the local VPC and view the route of the local VPC:
        1. Click in the upper left corner and select the desired region and project.
        2. Click in the upper left corner and choose Network > Virtual Private Cloud.

          The Virtual Private Cloud page is displayed.

          -
        3. In the navigation pane on the left, choose Virtual Private Cloud > VPC Peering Connections.

          The VPC peering connection list is displayed.

          +
        4. In the navigation pane on the left, choose Virtual Private Cloud > VPC Peering Connections.

          The VPC peering connection list is displayed.

        5. In the VPC peering connection list, click the name of the target VPC peering connection.

          The page showing the VPC peering connection details is displayed.

        6. Click the Local Routes tab to view the local route added for the VPC peering connection.
      2. Log in to the management console using the account of the peer VPC and view the route of the peer VPC by referring to 1.
      diff --git a/docs/vpc/umn/vpc_peering_0006.html b/docs/vpc/umn/vpc_peering_0006.html index 3077f768f..fcee19d72 100644 --- a/docs/vpc/umn/vpc_peering_0006.html +++ b/docs/vpc/umn/vpc_peering_0006.html @@ -5,7 +5,7 @@

      Deleting Routes of a VPC Peering Connection Between VPCs in the Same Account

      1. Log in to the management console.
      2. Click in the upper left corner and select the desired region and project.
      3. Click in the upper left corner and choose Network > Virtual Private Cloud.

        The Virtual Private Cloud page is displayed.

        -
      4. In the navigation pane on the left, choose Virtual Private Cloud > VPC Peering Connections.

        The VPC peering connection list is displayed.

        +
      5. In the navigation pane on the left, choose Virtual Private Cloud > VPC Peering Connections.

        The VPC peering connection list is displayed.

      6. In the VPC peering connection list, click the name of the target VPC peering connection.

        The page showing the VPC peering connection details is displayed.

      7. Delete the route added to the route table of the local VPC:
        1. Click the Local Routes tab and then click the Route Tables hyperlink.

          The Summary tab of the default route table for the local VPC is displayed.

        2. Locate the row that contains the route to be deleted and click Delete in the Operation column.

          A confirmation dialog box is displayed.

          @@ -17,9 +17,9 @@

      Deleting Routes of a VPC Peering Connection Between VPCs in Different Accounts

      Only the account owner of a VPC in a VPC peering connection can delete the routes added for the connection.

      1. Log in to the management console using the account of the local VPC and delete the route of the local VPC:
        1. Click in the upper left corner and select the desired region and project.
        2. Click in the upper left corner and choose Network > Virtual Private Cloud.

          The Virtual Private Cloud page is displayed.

          -
        3. In the navigation pane on the left, choose Virtual Private Cloud > VPC Peering Connections.

          The VPC peering connection list is displayed.

          +
        4. In the navigation pane on the left, choose Virtual Private Cloud > VPC Peering Connections.

          The VPC peering connection list is displayed.

        5. In the VPC peering connection list, click the name of the target VPC peering connection.

          The page showing the VPC peering connection details is displayed.

          -
        6. Delete the route added to the route table of the local VPC:
          1. Click the Local Routes tab and then click the Route Tables hyperlink.

            The Summary tab of the default route table for the local VPC is displayed.

            +
          2. Delete the route added to the route table of the local VPC:
            1. Click the Local Routes tab and then click the Route Tables hyperlink.

              The Summary tab of the default route table for the local VPC is displayed.

            2. Locate the row that contains the route to be deleted and click Delete in the Operation column.

              A confirmation dialog box is displayed.

            3. Click Yes.
          diff --git a/docs/vpc/umn/vpc_peering_0007.html b/docs/vpc/umn/vpc_peering_0007.html index 3af8d5432..360a0e777 100644 --- a/docs/vpc/umn/vpc_peering_0007.html +++ b/docs/vpc/umn/vpc_peering_0007.html @@ -18,7 +18,7 @@

      Modifying Routes of a VPC Peering Connection Between VPCs in Different Accounts

      Only the account owner of a VPC can modify the routes added for the connection.

      1. Log in to the management console using the account of the local VPC and modify the route of the local VPC:
        1. Click in the upper left corner and select the desired region and project.
        2. Click in the upper left corner and choose Network > Virtual Private Cloud.

          The Virtual Private Cloud page is displayed.

          -
        3. In the navigation pane on the left, choose Virtual Private Cloud > VPC Peering Connections.

          The VPC peering connection list is displayed.

          +
        4. In the navigation pane on the left, choose Virtual Private Cloud > VPC Peering Connections.

          The VPC peering connection list is displayed.

        5. In the VPC peering connection list, click the name of the target VPC peering connection.

          The page showing the VPC peering connection details is displayed.

        6. Modify the route added to the route table of the local VPC:
          1. Click the Local Routes tab and then click the Route Tables hyperlink.

            The Summary tab of the default route table for the local VPC is displayed.

          2. Locate the row that contains the route to be modified and click Modify in the Operation column.

            The Modify Route dialog box is displayed.

            diff --git a/docs/vpc/umn/vpc_qs_0005.html b/docs/vpc/umn/vpc_qs_0005.html index aff795b62..c930051bd 100644 --- a/docs/vpc/umn/vpc_qs_0005.html +++ b/docs/vpc/umn/vpc_qs_0005.html @@ -9,11 +9,11 @@
            - - - @@ -89,20 +89,30 @@ - - - - + + + + + - diff --git a/docs/vpc/umn/vpc_qs_0006.html b/docs/vpc/umn/vpc_qs_0006.html index 86e75d434..8dd7cc542 100644 --- a/docs/vpc/umn/vpc_qs_0006.html +++ b/docs/vpc/umn/vpc_qs_0006.html @@ -32,11 +32,20 @@ - - - + + + +
            Table 1 VPC parameter descriptions

            Category

            Parameter

            +

            Parameter

            Description

            +

            Description

            Example Value

            +

            Example Value

            Subnet

            Default Subnet

            +

            Default Subnet

            CIDR Block

            +

            IPv4 CIDR Block

            The CIDR block for the subnet. This value must be within the VPC CIDR block.

            +

            The CIDR block for the subnet. This value must be within the VPC CIDR block.

            192.168.0.0/24

            +

            192.168.0.0/24

            +

            Default Subnet

            +

            IPv6 CIDR Block

            +

            Specifies whether to set IPv6 CIDR Block to Enable.

            +

            After the IPv6 function is enabled, the system automatically assigns an IPv6 CIDR block to the created subnet. Currently, the IPv6 CIDR block cannot be customized. IPv6 cannot be disabled after the subnet is created.

            +

            -

            Default Subnet

            Associated Route Table

            The default route table to which the subnet will be associated. You can change the route table to a custom route table on the Subnets page.

            +

            The default route table to which the subnet will be associated. You can change the route table to a custom route table on the Subnets page.

            Default

            Subnet

            CIDR Block

            +

            IPv4 CIDR Block

            The CIDR block for the subnet. This value must be within the VPC CIDR block.

            +

            The CIDR block for the subnet. This value must be within the VPC CIDR block.

            192.168.0.0/24

            +

            192.168.0.0/24

            +

            IPv6 CIDR Block

            +

            Specifies whether to set IPv6 CIDR Block to Enable.

            +

            +

            If you select this option, the system automatically assigns an IPv6 CIDR block to the created subnet. Currently, the IPv6 CIDR block cannot be customized. IPv6 cannot be disabled after the subnet is created.

            +

            -

            Associated Route Table

            diff --git a/docs/vpc/umn/vpc_qs_0007.html b/docs/vpc/umn/vpc_qs_0007.html index fefdd2f7d..a5d2916b3 100644 --- a/docs/vpc/umn/vpc_qs_0007.html +++ b/docs/vpc/umn/vpc_qs_0007.html @@ -9,52 +9,51 @@
          3. In the navigation pane on the left, choose Access Control > Security Groups.

            The security group list is displayed.

          4. In the upper right corner, click Create Security Group.

            The Create Security Group page is displayed.

          5. Configure the parameters as prompted.
            Figure 1 Create Security Group
            -

            -
            Table 1 Parameter description

            Parameter

            +
            - - - - - - - - - - - - - - diff --git a/docs/vpc/umn/vpc_qs_0008.html b/docs/vpc/umn/vpc_qs_0008.html index 0d0dccbae..200165cfa 100644 --- a/docs/vpc/umn/vpc_qs_0008.html +++ b/docs/vpc/umn/vpc_qs_0008.html @@ -17,54 +17,53 @@
          6. Locate the row that contains the target security group, and click Manage Rule in the Operation column.

            The page for configuring security group rules is displayed.

          7. On the Inbound Rules tab, click Add Rule.

            The Add Inbound Rule dialog box is displayed.

          8. Configure required parameters.

            You can click + to add more inbound rules.

            -

            Figure 1 Add Inbound Rule
            -
            9. Table 1 Parameter description

            Parameter

            Description

            +

            Description

            Example Value

            +

            Example Value

            Name

            +

            Name

            Mandatory

            +

            Mandatory

            Enter the security group name.

            The security group name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces.

            NOTE:

            You can change the security group name after a security group is created. It is recommended that you give each security group a different name.

            sg-AB

            +

            sg-AB

            Enterprise Project

            +

            Enterprise Project

            Mandatory

            +

            Mandatory

            When creating a security group, you can add the security group to an enabled enterprise project.

            An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is default.

            default

            +

            default

            Template

            +

            Template

            Mandatory

            +

            Mandatory

            A template comes with default security group rules, helping you quickly create security groups. The following templates are provided:

            • Custom: This template allows you to create security groups with custom security group rules.
            • General-purpose web server (default value): The security group that you create using this template is for general-purpose web servers and includes default rules that allow all inbound ICMP traffic and allow inbound traffic on ports 22, 80, 443, and 3389.
            • All ports open: The security group that you create using this template includes default rules that allow inbound traffic on any port. Note that allowing inbound traffic on any port poses security risks.

            General-purpose web server

            +

            General-purpose web server

            Description

            +

            Description

            Optional

            +

            Optional

            Supplementary information about the security group. This parameter is optional.

            The security group description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

            N/A

            +

            N/A
            Table 1 Inbound rule parameter description

            Parameter

            +
            - - - - - - - - - - - - - - - - @@ -73,54 +72,53 @@
          9. Click OK.

            The inbound rule list is displayed.

          10. On the Outbound Rules tab, click Add Rule.

            The Add Outbound Rule dialog box is displayed.

          11. Configure required parameters.

            You can click + to add more outbound rules.

            -

            Figure 2 Add Outbound Rule
            -
            12. Table 1 Inbound rule parameter description

            Parameter

            Description

            +

            Description

            Example Value

            +

            Example Value

            Protocol & Port

            +

            Protocol & Port

            The network protocol used to match traffic in a security group rule.

            +

            The network protocol used to match traffic in a security group rule.

            Currently, the value can be All, TCP, UDP, GRE, ICMP, or more.

            TCP

            +

            TCP

            Port: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535.

            +

            Port: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535.

            22, or 22-30

            +

            22, or 22-30

            Type

            +

            Type

            Source IP address version. You can select:
            • IPv4
            • IPv6
            +
            Source IP address version. You can select:
            • IPv4
            • IPv6

            IPv4

            +

            IPv4

            Source

            +

            Source

            Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group. For example:
            • IP address:
              • Single IP address: 192.168.10.10/32
              • All IP addresses: 0.0.0.0/0
              • IP address range: 192.168.1.0/24
              -
            • Security group: sg-A
            +
            Source of the security group rule. The value can be an IP address, a security group, or an IP address group to allow access from IP addresses or instances in the security group. For example:
            • IP address:
              • Single IP address: 192.168.10.10/32
              • All IP addresses: 0.0.0.0/0
              • IP address range: 192.168.1.0/24
              +
            • Security group: The source is from another security group. You can select a security group in the same region under the current account from the drop-down list. Instance A is in security group A and instance B is in security group B. If security group A has an inbound rule with Action set to Allow and Source set to security group B, access from instance B is allowed to instance A.
            • IP address group: An IP address group is a collection of one or more IP addresses. You can select an available IP address group from the drop-down list. An IP address group can help you manage IP address ranges and IP addresses with same security requirements in a more simple way.

            If the source is a security group, this rule will apply to all instances associated with the selected security group.

            0.0.0.0/0

            +

            0.0.0.0/0

            Description

            +

            Description

            Supplementary information about the security group rule. This parameter is optional.

            +

            Supplementary information about the security group rule. This parameter is optional.

            The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

            N/A

            +

            N/A
            Table 2 Outbound rule parameter description

            Parameter

            +
            - - - - - - - - - - - - - - - - diff --git a/docs/vpc/umn/vpc_qs_0009.html b/docs/vpc/umn/vpc_qs_0009.html index 5f4473359..34a218905 100644 --- a/docs/vpc/umn/vpc_qs_0009.html +++ b/docs/vpc/umn/vpc_qs_0009.html @@ -9,11 +9,11 @@
            Table 2 Outbound rule parameter description

            Parameter

            Description

            +

            Description

            Example Value

            +

            Example Value

            Protocol & Port

            +

            Protocol & Port

            The network protocol used to match traffic in a security group rule.

            +

            The network protocol used to match traffic in a security group rule.

            Currently, the value can be All, TCP, UDP, GRE, ICMP, or more.

            TCP

            +

            TCP

            Port: The port or port range over which traffic can leave your ECS. The value can be from 1 to 65535.

            +

            Port: The port or port range over which traffic can leave your ECS. The value can be from 1 to 65535.

            22, or 22-30

            +

            22, or 22-30

            Type

            +

            Type

            Source IP address version. You can select:
            • IPv4
            • IPv6
            +
            Source IP address version. You can select:
            • IPv4
            • IPv6

            IPv4

            +

            IPv4

            Destination

            +

            Destination

            Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. For example:

            +

            Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. For example:

            • IP address:
              • Single IP address: 192.168.10.10/32
              • All IP addresses: 0.0.0.0/0
              • IP address range: 192.168.1.0/24
              -
            • Security group: sg-A
            +
          12. Security group: The source is from another security group. You can select a security group in the same region under the current account from the drop-down list. Instance A is in security group A and instance B is in security group B. If security group A has an inbound rule with Action set to Allow and Source set to security group B, access from instance B is allowed to instance A.
          13. IP address group: An IP address group is a collection of one or more IP addresses. You can select an available IP address group from the drop-down list. An IP address group can help you manage IP address ranges and IP addresses with same security requirements in a more simple way.

            14. 0.0.0.0/0

            +

            0.0.0.0/0

            Description

            +

            Description

            Supplementary information about the security group rule. This parameter is optional.

            +

            Supplementary information about the security group rule. This parameter is optional.

            The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

            N/A

            +

            N/A
            - - - @@ -89,20 +89,30 @@ - - - - + + + + + - diff --git a/docs/vpc/umn/vpc_qs_0010.html b/docs/vpc/umn/vpc_qs_0010.html index 1995f748a..104a2ed16 100644 --- a/docs/vpc/umn/vpc_qs_0010.html +++ b/docs/vpc/umn/vpc_qs_0010.html @@ -32,11 +32,20 @@ - - - + + + + - @@ -57,7 +57,7 @@ diff --git a/docs/vpc/umn/vpc_qs_0012.html b/docs/vpc/umn/vpc_qs_0012.html index 875865d43..52c5b3ef2 100644 --- a/docs/vpc/umn/vpc_qs_0012.html +++ b/docs/vpc/umn/vpc_qs_0012.html @@ -9,52 +9,51 @@
          14. In the navigation pane on the left, choose Access Control > Security Groups.

            The security group list is displayed.

          15. In the upper right corner, click Create Security Group.

            The Create Security Group page is displayed.

          16. Configure the parameters as prompted.
            Figure 1 Create Security Group
            -

            -
            17. Table 1 VPC parameter descriptions

            Category

            Parameter

            +

            Parameter

            Description

            +

            Description

            Example Value

            +

            Example Value

            Subnet

            Default Subnet

            +

            Default Subnet

            CIDR Block

            +

            IPv4 CIDR Block

            The CIDR block for the subnet. This value must be within the VPC CIDR block.

            +

            The CIDR block for the subnet. This value must be within the VPC CIDR block.

            192.168.0.0/24

            +

            192.168.0.0/24

            +

            Default Subnet

            +

            IPv6 CIDR Block

            +

            Specifies whether to set IPv6 CIDR Block to Enable.

            +

            After the IPv6 function is enabled, the system automatically assigns an IPv6 CIDR block to the created subnet. Currently, the IPv6 CIDR block cannot be customized. IPv6 cannot be disabled after the subnet is created.

            +

            -

            Default Subnet

            Associated Route Table

            The default route table to which the subnet will be associated. You can change the route table to a custom route table on the Subnets page.

            +

            The default route table to which the subnet will be associated. You can change the route table to a custom route table on the Subnets page.

            Default

            Subnet

            CIDR Block

            +

            IPv4 CIDR Block

            The CIDR block for the subnet. This value must be within the VPC CIDR block.

            +

            The CIDR block for the subnet. This value must be within the VPC CIDR block.

            192.168.0.0/24

            +

            192.168.0.0/24

            +

            IPv6 CIDR Block

            +

            Specifies whether to set IPv6 CIDR Block to Enable.

            +

            +

            If you select this option, the system automatically assigns an IPv6 CIDR block to the created subnet. Currently, the IPv6 CIDR block cannot be customized. IPv6 cannot be disabled after the subnet is created.

            +

            -

            Associated Route Table

            diff --git a/docs/vpc/umn/vpc_qs_0011.html b/docs/vpc/umn/vpc_qs_0011.html index 02abef8a7..23d44fc4d 100644 --- a/docs/vpc/umn/vpc_qs_0011.html +++ b/docs/vpc/umn/vpc_qs_0011.html @@ -26,7 +26,7 @@

            EIP Type

            • Dynamic BGP: Dynamic BGP provides automatic failover and chooses the optimal path when a network connection fails.
            • Mail BGP: EIPs with port 25, 465, or 587 enabled are used for email services.
            +
            • Dynamic BGP: Dynamic BGP provides automatic failover and chooses the optimal path when a network connection fails.
            • Mail BGP: EIPs with port 25, 465, or 587 enabled are used for email services.

            The selected EIP type cannot be changed after the EIP is assigned.

            Dynamic BGP

            @@ -35,7 +35,7 @@

            Billed By

            Two options are available:

            -
            • Dedicated: The bandwidth can be used by only one EIP.
            • Shared: The bandwidth can be shared by multiple EIPs.
            +
            • Dedicated: The bandwidth can be used by only one EIP.
            • Shared: The bandwidth can be shared by multiple EIPs.

            Dedicated

            Enterprise Project

            The enterprise project that the EIP belongs to.

            -

            An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is default.

            +

            An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is default.

            default

            Table 1 Parameter description

            Parameter

            +
            - - - - - - - - - - - - - - diff --git a/docs/vpc/umn/vpc_qs_0013.html b/docs/vpc/umn/vpc_qs_0013.html index 3a652107e..3ac78c472 100644 --- a/docs/vpc/umn/vpc_qs_0013.html +++ b/docs/vpc/umn/vpc_qs_0013.html @@ -17,54 +17,53 @@
          17. Locate the row that contains the target security group, and click Manage Rule in the Operation column.

            The page for configuring security group rules is displayed.

          18. On the Inbound Rules tab, click Add Rule.

            The Add Inbound Rule dialog box is displayed.

          19. Configure required parameters.

            You can click + to add more inbound rules.

            -

            Figure 1 Add Inbound Rule
            -
            20. Table 1 Parameter description

            Parameter

            Description

            +

            Description

            Example Value

            +

            Example Value

            Name

            +

            Name

            Mandatory

            +

            Mandatory

            Enter the security group name.

            The security group name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces.

            NOTE:

            You can change the security group name after a security group is created. It is recommended that you give each security group a different name.

            sg-AB

            +

            sg-AB

            Enterprise Project

            +

            Enterprise Project

            Mandatory

            +

            Mandatory

            When creating a security group, you can add the security group to an enabled enterprise project.

            An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is default.

            default

            +

            default

            Template

            +

            Template

            Mandatory

            +

            Mandatory

            A template comes with default security group rules, helping you quickly create security groups. The following templates are provided:

            • Custom: This template allows you to create security groups with custom security group rules.
            • General-purpose web server (default value): The security group that you create using this template is for general-purpose web servers and includes default rules that allow all inbound ICMP traffic and allow inbound traffic on ports 22, 80, 443, and 3389.
            • All ports open: The security group that you create using this template includes default rules that allow inbound traffic on any port. Note that allowing inbound traffic on any port poses security risks.

            General-purpose web server

            +

            General-purpose web server

            Description

            +

            Description

            Optional

            +

            Optional

            Supplementary information about the security group. This parameter is optional.

            The security group description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

            N/A

            +

            N/A
            Table 1 Inbound rule parameter description

            Parameter

            +
            - - - - - - - - - - - - - - - - @@ -73,54 +72,53 @@
          20. Click OK.

            The inbound rule list is displayed.

          21. On the Outbound Rules tab, click Add Rule.

            The Add Outbound Rule dialog box is displayed.

          22. Configure required parameters.

            You can click + to add more outbound rules.

            -

            Figure 2 Add Outbound Rule
            -
            23. Table 1 Inbound rule parameter description

            Parameter

            Description

            +

            Description

            Example Value

            +

            Example Value

            Protocol & Port

            +

            Protocol & Port

            The network protocol used to match traffic in a security group rule.

            +

            The network protocol used to match traffic in a security group rule.

            Currently, the value can be All, TCP, UDP, GRE, ICMP, or more.

            TCP

            +

            TCP

            Port: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535.

            +

            Port: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535.

            22, or 22-30

            +

            22, or 22-30

            Type

            +

            Type

            Source IP address version. You can select:
            • IPv4
            • IPv6
            +
            Source IP address version. You can select:
            • IPv4
            • IPv6

            IPv4

            +

            IPv4

            Source

            +

            Source

            Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group. For example:
            • IP address:
              • Single IP address: 192.168.10.10/32
              • All IP addresses: 0.0.0.0/0
              • IP address range: 192.168.1.0/24
              -
            • Security group: sg-A
            +
            Source of the security group rule. The value can be an IP address, a security group, or an IP address group to allow access from IP addresses or instances in the security group. For example:
            • IP address:
              • Single IP address: 192.168.10.10/32
              • All IP addresses: 0.0.0.0/0
              • IP address range: 192.168.1.0/24
              +
            • Security group: The source is from another security group. You can select a security group in the same region under the current account from the drop-down list. Instance A is in security group A and instance B is in security group B. If security group A has an inbound rule with Action set to Allow and Source set to security group B, access from instance B is allowed to instance A.
            • IP address group: An IP address group is a collection of one or more IP addresses. You can select an available IP address group from the drop-down list. An IP address group can help you manage IP address ranges and IP addresses with same security requirements in a more simple way.

            If the source is a security group, this rule will apply to all instances associated with the selected security group.

            0.0.0.0/0

            +

            0.0.0.0/0

            Description

            +

            Description

            Supplementary information about the security group rule. This parameter is optional.

            +

            Supplementary information about the security group rule. This parameter is optional.

            The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

            N/A

            +

            N/A
            Table 2 Outbound rule parameter description

            Parameter

            +
            - - - - - - - - - - - - - - - - diff --git a/docs/vpc/umn/vpc_route01_0001.html b/docs/vpc/umn/vpc_route01_0001.html index 6e5fb248f..ef82f9f26 100644 --- a/docs/vpc/umn/vpc_route01_0001.html +++ b/docs/vpc/umn/vpc_route01_0001.html @@ -4,12 +4,14 @@

            Route Tables

            A route table contains a set of routes that are used to determine where network traffic from your subnets in a VPC is directed. Each subnet must be associated with a route table. A subnet can only be associated with one route table, but you can associate multiple subnets with the same route table.

            Figure 1 Route tables
            • Default route table: When you create a VPC, the system automatically generates a default route table for the VPC. If you create a subnet in the VPC, the subnet automatically associates with the default route table. The default route table ensures that subnets in a VPC can communicate with each other.
              • You can add routes to, delete routes from, and modify routes in the default route table, but cannot delete the table.
              • When you create a VPC endpoint, VPN or Direct Connect connection, the default route table automatically delivers a route that cannot be deleted or modified.
              -
            • Custom route table: If you do not want to use the default route table, you can create a custom route table and associate it with the subnet. Custom route tables can be deleted if they are no longer required.

              The custom route table associated with a subnet affects only the outbound traffic. The default route table controls the inbound traffic.

              +
            • Custom route table: If you do not want to use the default route table, you can create a custom route table and associate it with the subnet. Custom route tables can be deleted if they are no longer required.

              The custom route table associated with a subnet affects only the outbound traffic. The default route table of a subnet controls the inbound traffic.

            Route

            You can add routes to default and custom route tables and configure the destination, next hop type, and next hop in the routes to determine where network traffic is directed. Routes are classified into system routes and custom routes.

            -
            • System routes: These routes are automatically added by the system and cannot be modified or deleted.
              After a route table is created, the system automatically adds the following system routes to the route table, so that instances in a VPC can communicate with each other.
              • Routes whose destination is 100.64.0.0/10 or 198.19.128.0/20.
              • Routes whose destination is a subnet CIDR block.

                In addition to the preceding system routes, the system automatically adds a route whose destination is 127.0.0.0/8. This is the local loopback address.

                +
                • System routes: These routes are automatically added by the system and cannot be modified or deleted.
                  After a route table is created, the system automatically adds the following system routes to the route table, so that instances in a VPC can communicate with each other.
                  • Routes whose destination is 100.64.0.0/10 or 198.19.128.0/20.
                  • Routes whose destination is a subnet CIDR block.
                    If you enable IPv6 when creating a subnet, the system automatically assigns an IPv6 CIDR block to the subnet. Then, you can view IPv6 routes in its route table. Example destinations of subnet CIDR blocks are as follows:
                    • IPv4: 192.168.2.0/24
                    • IPv6: 2407:c080:802:be7::/64
                    +
                    +

                    In addition to the preceding system routes, the system automatically adds a route whose destination is 127.0.0.0/8. This is the local loopback address.

                  diff --git a/docs/vpc/umn/vpc_route01_0010.html b/docs/vpc/umn/vpc_route01_0010.html index 86ad4d3cc..48ff1e75d 100644 --- a/docs/vpc/umn/vpc_route01_0010.html +++ b/docs/vpc/umn/vpc_route01_0010.html @@ -6,7 +6,7 @@

                  Notes and Constraints

                  • The default route table cannot be deleted.
                  • A custom route table with a subnet associated cannot be deleted directly.

                    If you want to delete such a route table, you can associate the subnet with another route table first by referring to Changing the Route Table Associated with a Subnet.

                  -

                  Procedure

                  1. Log in to the management console.
                  1. Click in the upper left corner and select the desired region and project.
                  2. Click in the upper left corner and choose Network > Virtual Private Cloud. The Virtual Private Cloud page is displayed.
                  3. In the navigation pane on the left, choose Virtual Private Cloud > Route Tables.
                  4. Locate the row that contains the route table you want to delete and click Delete in the Operation column.

                    A confirmation dialog box is displayed.

                    +

                    Procedure

                    1. Log in to the management console.
                    1. Click in the upper left corner and select the desired region and project.
                    2. Click in the upper left corner and choose Network > Virtual Private Cloud. The Virtual Private Cloud page is displayed.
                    3. In the navigation pane on the left, choose Virtual Private Cloud > Route Tables.
                    4. Locate the row that contains the route table you want to delete and click Delete in the Operation column.

                      A confirmation dialog box is displayed.

                    5. Click Yes.
                  diff --git a/docs/vpc/umn/vpc_route_0004.html b/docs/vpc/umn/vpc_route_0004.html index 8cd4481aa..45ee4ed8e 100644 --- a/docs/vpc/umn/vpc_route_0004.html +++ b/docs/vpc/umn/vpc_route_0004.html @@ -13,7 +13,7 @@

                ping www.google.com

                The ECS can access the Internet if the following information is displayed:
                [root@localhost ~]# ping www.google.com
-PING www.XXX.com (xxx.xxx.xxx.xxx) 56(84) bytes of data.
+PING www.google.com (xxx.xxx.xxx.xxx) 56(84) bytes of data.
 64 bytes from xxx.xxx.xxx.xxx: icmp_seq=1 ttl=51 time=9.34 ms
 64 bytes from xxx.xxx.xxx.xxx: icmp_seq=2 ttl=51 time=9.11 ms
 64 bytes from xxx.xxx.xxx.xxx: icmp_seq=3 ttl=51 time=8.99 ms
                diff --git a/docs/vpc/umn/vpc_vip_0002.html b/docs/vpc/umn/vpc_vip_0002.html index 101356333..89eca2b2f 100644 --- a/docs/vpc/umn/vpc_vip_0002.html +++ b/docs/vpc/umn/vpc_vip_0002.html @@ -4,7 +4,8 @@

                Scenarios

                If an ECS requires a virtual IP address or if a virtual IP address needs to be reserved, you can assign a virtual IP address from the subnet.

                Procedure

                1. Log in to the management console.
                2. Click in the upper left corner and select the desired region and project.
                3. Click in the upper left corner and choose Network > Virtual Private Cloud.

                  The Virtual Private Cloud page is displayed.

                  -
                4. In the navigation pane on the left, choose Virtual Private Cloud > Subnets.
                5. In the subnet list, click the name of the subnet where a virtual IP address is to be assigned.
                6. Click the IP Addresses tab and click Assign Virtual IP Address.
                7. Select a virtual IP address assignment mode.
                  • Automatic: The system assigns an IP address automatically.
                  • Manual: You can specify an IP address.
                  +
                8. In the navigation pane on the left, choose Virtual Private Cloud > Subnets.
                9. In the subnet list, click the name of the subnet where a virtual IP address is to be assigned.
                10. Click the IP Addresses tab and click Assign Virtual IP Address.
                11. Select an IP address type. This parameter is available only in regions supporting IPv6.
                  • IPv4
                  • IPv6
                  +
                12. Select a virtual IP address assignment mode.
                  • Automatic: The system assigns an IP address automatically.
                  • Manual: You can specify an IP address.
                13. Select Manual and enter a virtual IP address.
                14. Click OK.

                You can then query the assigned virtual IP address in the IP address list.

                diff --git a/docs/vpc/umn/vpc_vpc_0004.html b/docs/vpc/umn/vpc_vpc_0004.html index da0532fce..21290da4f 100644 --- a/docs/vpc/umn/vpc_vpc_0004.html +++ b/docs/vpc/umn/vpc_vpc_0004.html @@ -34,7 +34,7 @@
            Table 2 Outbound rule parameter description

            Parameter

            Description

            +

            Description

            Example Value

            +

            Example Value

            Protocol & Port

            +

            Protocol & Port

            The network protocol used to match traffic in a security group rule.

            +

            The network protocol used to match traffic in a security group rule.

            Currently, the value can be All, TCP, UDP, GRE, ICMP, or more.

            TCP

            +

            TCP

            Port: The port or port range over which traffic can leave your ECS. The value can be from 1 to 65535.

            +

            Port: The port or port range over which traffic can leave your ECS. The value can be from 1 to 65535.

            22, or 22-30

            +

            22, or 22-30

            Type

            +

            Type

            Source IP address version. You can select:
            • IPv4
            • IPv6
            +
            Source IP address version. You can select:
            • IPv4
            • IPv6

            IPv4

            +

            IPv4

            Destination

            +

            Destination

            Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. For example:

            +

            Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. For example:

            • IP address:
              • Single IP address: 192.168.10.10/32
              • All IP addresses: 0.0.0.0/0
              • IP address range: 192.168.1.0/24
              -
            • Security group: sg-A
            +
          23. Security group: The source is from another security group. You can select a security group in the same region under the current account from the drop-down list. Instance A is in security group A and instance B is in security group B. If security group A has an inbound rule with Action set to Allow and Source set to security group B, access from instance B is allowed to instance A.
          24. IP address group: An IP address group is a collection of one or more IP addresses. You can select an available IP address group from the drop-down list. An IP address group can help you manage IP address ranges and IP addresses with same security requirements in a more simple way.

            25. 0.0.0.0/0

            +

            0.0.0.0/0

            Description

            +

            Description

            Supplementary information about the security group rule. This parameter is optional.

            +

            Supplementary information about the security group rule. This parameter is optional.

            The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

            N/A

            +

            N/A

            Procedure

            Search for VPCs by tag key and value on the page showing the VPC list.
            1. Log in to the management console.
            2. Click in the upper left corner and select the desired region and project.
            3. Click in the upper left corner and choose Network > Virtual Private Cloud.

              The Virtual Private Cloud page is displayed.

              -
            4. In the search box above the subnet list, click the search box.

              Click the tag key and then the value as required. The system filters resources based on the tag you select.

              +
            5. In the search box above the VPC list, click anywhere in the search box.

              Click the tag key and then the value as required. The system filters resources based on the tag you select.

              Click anywhere in the search box to add the next tag key and value.

              You can add multiple tag keys and values to refine your search results. If you add more than one tag to search for VPCs, the VPCs containing all specified tags will be displayed.

            diff --git a/docs/vpc/umn/vpc_vpc_0005.html b/docs/vpc/umn/vpc_vpc_0005.html index 1def64060..254576706 100644 --- a/docs/vpc/umn/vpc_vpc_0005.html +++ b/docs/vpc/umn/vpc_vpc_0005.html @@ -34,15 +34,16 @@

            Procedure

            Search for subnets by tag key and value on the page showing the subnet list.
            1. Log in to the management console.
            2. Click in the upper left corner and select the desired region and project.
            3. Click in the upper left corner and choose Network > Virtual Private Cloud.

              The Virtual Private Cloud page is displayed.

              -
            4. In the navigation pane on the left, choose Virtual Private Cloud > Subnets.

              The Subnets page is displayed.

              -
            5. Click + to add another tag key and value.

              You can add multiple tag keys and values to refine your search results. If you add more than one tag to search for subnets, the subnets containing all specified tags will be displayed.

              -
            6. In the search box above the subnet list, click the search box.

              Click the tag key and then the value as required. The system filters resources based on the tag you select.

              +
            7. In the navigation pane on the left, choose Virtual Private Cloud > Subnets.

              The Subnets page is displayed.

              +
            8. In the search box above the subnet list, click the search box.

              Click the tag key and then the value as required. The system filters resources based on the tag you select.

              +

              Click anywhere in the search box to add the next tag key and value.

              +

              You can add multiple tag keys and values to refine your search results. If you add more than one tag to search for VPCs, the VPCs containing all specified tags will be displayed.

            Add, delete, edit, and view tags on the Tags tab of a subnet.
            1. Log in to the management console.
            2. Click in the upper left corner and select the desired region and project.
            3. Click in the upper left corner and choose Network > Virtual Private Cloud.

              The Virtual Private Cloud page is displayed.

              -
            4. In the navigation pane on the left, choose Virtual Private Cloud > Subnets.

              The Subnets page is displayed.

              -
            5. In the subnet list, locate the target subnet and click its name.
            6. On the subnet details page, click the Tags tab and perform desired operations on tags.
              • View tags.

                On the Tags tab, you can view details about tags added to the current subnet, including the number of tags and the key and value of each tag.

                -
              • Add a tag.

                Click Add Tag in the upper left corner. In the displayed Add Tag dialog box, enter the tag key and value, and click OK.

                +
              • In the navigation pane on the left, choose Virtual Private Cloud > Subnets.

                The Subnets page is displayed.

                +
              • In the subnet list, locate the target subnet and click its name.
              • On the subnet details page, click the Tags tab and perform desired operations on tags.
                • View tags.

                  On the Tags tab, you can view details about tags added to the current subnet, including the number of tags and the key and value of each tag.

                  +
                • Add a tag.

                  Click Add Tag in the upper left corner. In the displayed Add Tag dialog box, enter the tag key and value, and click OK.

                • Edit a tag.

                  Locate the row that contains the tag you want to edit, and click Edit in the Operation column. Enter the new tag key and value, and click OK.

                • Delete a tag.

                  Locate the row that contains the tag you want to delete, and click Delete in the Operation column. In the displayed dialog box, click Yes.

                diff --git a/docs/vpc/umn/vpc_vpc_0010.html b/docs/vpc/umn/vpc_vpc_0010.html index e66b144e9..bb70f9b84 100644 --- a/docs/vpc/umn/vpc_vpc_0010.html +++ b/docs/vpc/umn/vpc_vpc_0010.html @@ -4,7 +4,7 @@

                Scenarios

                Information about all subnets under your account can be exported as an Excel file to a local directory. This file records the name, ID, VPC, CIDR block, and associated route table of each subnet.

                Procedure

                1. Log in to the management console.
                2. Click in the upper left corner and select the desired region and project.
                3. Click in the upper left corner and choose Network > Virtual Private Cloud.

                  The Virtual Private Cloud page is displayed.

                  -
                4. In the navigation pane on the left, choose Virtual Private Cloud > Subnets.

                  The Subnets page is displayed.

                  +
                5. In the navigation pane on the left, choose Virtual Private Cloud > Subnets.

                  The Subnets page is displayed.

                6. In the upper right corner of the subnet list, click .

                  The system will automatically export information about all subnets under your account in the current region as an Excel file to a local directory.

                diff --git a/docs/vpc/umn/vpc_vpc_0011.html b/docs/vpc/umn/vpc_vpc_0011.html index ae122c1a2..ccef6276c 100644 --- a/docs/vpc/umn/vpc_vpc_0011.html +++ b/docs/vpc/umn/vpc_vpc_0011.html @@ -7,7 +7,7 @@

            Procedure

            1. Log in to the management console.
            2. Click in the upper left corner and select the desired region and project.
            3. Click in the upper left corner and choose Network > Virtual Private Cloud.

              The Virtual Private Cloud page is displayed.

              -
            4. In the navigation pane on the left, choose Virtual Private Cloud > Subnets.

              The Subnets page is displayed.

              +
            5. In the navigation pane on the left, choose Virtual Private Cloud > Subnets.

              The Subnets page is displayed.

            6. Locate the target subnet and click its name.

              The subnet details page is displayed.

            7. On the Summary page, view the resources in the subnet.
              1. In the VPC Resources area, view the quantities of resources, such as ECSs, BMSs, network interfaces, and load balancers, in the subnet. Click the resource quantity with a hyperlink to view the resources in the subnet.
              2. In the Networking Components area on the right of the page, view the NAT gateway, route table, and subnet.
              Figure 1 Viewing resources in a subnet
              diff --git a/docs/vpc/umn/vpc_vpc_0012.html b/docs/vpc/umn/vpc_vpc_0012.html index c92ec70ab..52285c322 100644 --- a/docs/vpc/umn/vpc_vpc_0012.html +++ b/docs/vpc/umn/vpc_vpc_0012.html @@ -8,7 +8,7 @@

              Notes and Constraints

              • A subnet cannot be deleted if its IP addresses are used by cloud resources.
              • A subnet can be deleted if its IP addresses are used by itself.

              Procedure

              1. Log in to the management console.
              2. Click in the upper left corner and select the desired region and project.
              3. Click in the upper left corner and choose Network > Virtual Private Cloud.

                The Virtual Private Cloud page is displayed.

                -
              4. In the navigation pane on the left, choose Virtual Private Cloud > Subnets.

                The Subnets page is displayed.

                +
              5. In the navigation pane on the left, choose Virtual Private Cloud > Subnets.

                The Subnets page is displayed.

              6. Locate the target subnet and click its name.

                The subnet details page is displayed.

              7. Click the IP Addresses tab to view the IP addresses in the subnet.
                1. In the virtual IP address list, you can view the virtual IP addresses assigned from the subnet.
                2. In the private IP address list in the lower part of the page, you can view the private IP addresses used by the subnet (gateway, system interface, and DHCP).