Networking Services of Huawei CLOUD
Everything You Need To Know
Part # 1
Building robust & reliable infrastructure on the cloud requires the integration of some vital elements of networking services.

Huawei CLOUD
In this article for networking services, we will learn how networks construct work, the architecture used to design networks, and how to keep them secure.
Overview
In continuation of articles on Huawei CLOUD, we started the journey with a brief walk-through cloud of Huawei ( Link ), What is unique about Huawei Cloud, Its global footprint, and describing Huawei Cloud Portal & Console.
Next, we have an article for selecting Networking Services of the cloud ( Link ) , brief about networking services and when to select each of them.
We will start with few services and the remaining will be covered in the next post J
Huawei CLOUD Networking Service
Huawei cloud has a very extensive list of networking services including VPC, VPN, DNS, gateways & interconnects.

Networking Service in CLOUD
Source: Huawei CLOUD Website
VPC
EIP (Elastic IP)
NAT Gateway
DNS
VPN
Connections – Cloud Connect
Connections – Direct Connect
1. VPC
Virtual Private Cloud is the most foundational service, it provisions logically isolated, configurable, and manageable space virtual networks for cloud servers for improving security and simplifying network.
Free , Simple to set-up and use & Secure and monitored network
VPC has complete control, including IP selection, creation of subnets, and configuration of route tables and network gateways

VPC - CLOUD
Source: Huawei CLOUD Website
Ingredient of VPC
• VPC and Subnet
• CIDR Block
A private CIDR block is used by the VPC. The VPC service supports the following CIDR blocks:
10.0.0.0 – 10.255.255.255 172.16.0.0 – 172.31.255.255 192.168.0.0 – 192.168.255.255

Public Vs Private IP
• Subnet
• IP address range (Subnet) which is defined in VPC and provides addressing to ECS(VMs) in AZ (Availability Zone)
• Route Table
• A route table contains routes, which are used to determine where traffic is directed.
• Access Control
• Security Group
• A security group is like a virtual firewall to provide access rules for cloud resources that have the same security protection requirements.
• Inbound and outbound rules can be added to precisely control inbound and outbound traffic at the subnet level
• Network ACL
• ACL is an optional layer of security. The network ACL helps to control traffic in and out of the subnets.

Virtual Private Cloud
Source: Huawei CLOUD Website
VPC Connectivity
VPC Peering allows two VPCs in the same region to communicate with each other using private IP addresses.
Elastic IP or NAT Gateway allows ECSs in a VPC to communicate with the Internet.
Virtual Private Network (VPN), Cloud Connect, or Direct Connect can connect a VPC to your data center.
Use cases
• Host a simple, public-facing website
• Host multi-tier web applications
• Back up and recover your data after a disaster
• Extend your corporate network into the cloud
• Securely connect cloud applications to your datacenter
2. Elastic IP
Elastic IP (EIP) is used to assign static public IP addresses and scalable bandwidths to connect the internet.
It is very flexible and can be bound to or unbound from ECSs, BMSs, virtual IP addresses, NAT gateways, or load balancers. It is used in a specific Region only, and cannot be moved to a different Region.
Public IPv4 or IPv6 address & EIP is UNIQUE

Elastic IP
Source: Huawei CLOUD Website
ECS = Elastic Compute Server, BMS = Bare Metal Server, LB = Load Balancer
3. NAT Gateway
Sometimes VMs (Servers) needs access to the internet in a Private Subnet during the maintenance window for upgrading software or patching
But it avoids the internet from initiating connections with the VMs.

NAT Gateway
Source: Huawei CLOUD Website
Some key points associated with NAT Gateway
• Only one Elastic IP address with a NAT gateway.
• Network ACL (NACL) can be used to control the traffic to and from the subnet in which the NAT gateway is located. cannot associate a security group though.
• It supports the TCP, UDP, and ICMP protocols.
Features of NAT Gateway
• High Performance
• Flexible Deployment
• Ease of Use
• Cost-Effective
4. DNS
Domain Name System is a highly available and scalable authoritative DNS service that translates domain names into IP addresses, reliably directing end-users to your applications.

DNS in CLOUD
Source: Huawei CLOUD Website
It can be used with virtual instances, Elastic Load Balancing load balancers or storage – and can also be used to route users to infrastructure outside of Cloud
Use Cases:
q Service Management
creates public and private zones for the same domain name and deploys your applications online and offline.
q Application Deployment
can map private IP addresses of servers to private domain names in specific VPCs, thereby allowing the servers to communicate by using domain names.
q General DNS Resolution
DNS enables you to map domain names to instances such as ECSs, OBS buckets, and load balancers.
Features
· Flexible Routing
· High performance
· Robust Security
It is not the end but the beginning. Sharing about more networking services of Huawei CLOUD in the next article.
You are welcome to leave a message and exchange in the comment area. Thank you!




