We recommend that you connect two Elastic Compute Service (ECS) instances deployed in the same region by using an internal network, instead of the Internet. ECS instances can also be connected to ApsaraDB RDS instances, Server Load Balancer (SLB) instances, and Object Storage Service (OSS) buckets over the internal network.
The solution for an internal network varies according to the network types, Alibaba Cloud accounts, regions, and security groups of the ECS instances. The following table can help you find the solution that suits your needs.
Network type | Account | Region | Security group | Solution |
The ECS instances are in the same Virtual Private Cloud (VPC). | They belong to the same account or different accounts. | They are deployed in the same region. | They are in the same security group. | They are connected through an internal network by default. Note You can also implement network isolation within the security group. For more information, see Network isolation within a basic security group. |
They are in different security groups. | ||||
The ECS instances are in different VPCs. | They belong to the same account or different accounts. | They are deployed in the same region. | They are in different security groups. | |
They are deployed in different regions. | ||||
The ECS instances are in the classic network. | They belong to the same account. | They are deployed in the same region. | They are in the same security group. | They are connected through an internal network by default. |
They belong to different accounts. | They are deployed in the same region. | They are in different security groups. | ||
One of the ECS instances is in the classic network and the other is in a VPC. | / | / | / |