Network FAQ

What is the packet loss rate when ECS instances in different regions communicate over the Internet?

When ECS instances in different regions communicate over the Internet, a 99th percentile of the hourly packet loss rate of less than 0.0001% can be expected.

What is the network latency for ECS instances in the same region that communicate over the internal network?

You can obtain minimal latency when ECS instances in the same zone and region communicate with each other over the internal network. The one-way latency for communication at the 99th percentile is less than 180 μs between instances in the same zone.

How is the performance of connections ensured for ECS instances for which the maximum number of connections is not specified?

What do I do if the performance of an ECS instance is unstable when I perform a UDP PPS test or TCP bandwidth test on the instance?

When you perform a network performance test on an ECS instance, various factors may affect the test result. The factors include the performance tuning methods that you use, such as non-uniform memory access (NUMA) topology adaptation, binding vCPUs to tasks, and binding vCPUs to interrupts.

For example, if a receive task such as a netserver process and a network interface controller (NIC) receive queue interrupt are bound to the same vCPU during a single-stream TCP bandwidth test, the NIC triggers an interrupt to interrupt the receive task when the NIC receives data frames. If the receive task is frequently interrupted, the test result may fail to meet your expectations. In this case, you can bind the receive task and the NIC receive queue interrupt to different vCPUs to obtain better test results by using the performance advantages of multiple vCPUs.

Does the public bandwidth of an ECS instance fluctuate?

If you use the pay-by-bandwidth billing method for network usage, the public bandwidth that you specified remains unchanged and does not fluctuate based on other factors.

If you use the pay-by-traffic billing method for network usage, the maximum inbound and outbound bandwidths are used as the upper limits rather than guaranteed performance specifications. In scenarios in which demand exceeds resource supplies, the maximum bandwidths may not be reached. If you require guaranteed bandwidths for your instance, use the pay-by-bandwidth billing method for network usage. For more information, see Network bandwidth.

Why is 200 Kbit/s of inbound traffic already consumed on a new ECS instance?

The traffic is generated by Address Resolution Protocol (ARP) broadcast packets. Each ECS instance is assigned to a large CIDR block. When the gateway receives an ARP request packet for an ECS instance, the gateway broadcasts this packet to all ECS instances within the same CIDR block. The new instance also receives the packet. If the request is not destined for the new instance, the instance does not send an ARP reply packet.

Why is the bandwidth usage of my ECS instance displayed in the CloudMonitor console different from that displayed in the ECS console?

ECS instances function as backend servers of Server Load Balancer (SLB) instances and use the Layer 7 HTTP forwarding model. In this forwarding model, SLB instances forward client requests to ECS instances, and the outbound bandwidth of the ECS instances is used to return responses to the corresponding users. The bandwidth consumed by these responses is not displayed in the ECS console. However, traffic generated by the responses counts towards the outbound traffic of the SLB instances and is displayed in the CloudMonitor console. Therefore, the bandwidth usage of your ECS instance displayed in the CloudMonitor console is different from the bandwidth usage displayed in the ECS console.

My ECS instance is in the Stopped state. Why am I still being charged for outbound traffic on a pay-as-you-go basis?

• Problem description: Your instance is in the Stopped state in the ECS console but is in the Cleaning state in the Anti-DDoS Basic console. You are charged for outbound traffic from the instance on a pay-as-you-go basis every hour.

• Cause: HTTP flood protection is enabled for the ECS instance. When HTTP flood protection is enabled for an ECS instance, the security mechanism sends probe packets to potential attack sources. Therefore, a large volume of outbound traffic is generated.

• Solution: Disable HTTP flood protection for the ECS instance. For more information, see Configure HTTP flood protection.

How do I query the IP address of an ECS instance?

• Linux ECS instance

  Run the ifconfig command to view NIC information. You can view the IP addresses, subnet masks, gateways, Domain Name System (DNS) servers, and MAC addresses in the command output.

• Windows ECS instance

  In Command Prompt, run the ipconfig /all command to view NIC information. You can view the IP addresses, subnet masks, gateways, DNS servers, and MAC addresses in the command output.

For more information, see View IP addresses.

How do I disable the public NIC of an ECS instance?

• Linux ECS instance

  1. Run the ifconfig command to view the name of the public NIC of the instance.

  2. Run the ifdown command to disable the public NIC. For example, if the name of the public NIC is eth1, enter ifdown eth1.

     Note

     You can run the ifup command to re-enable the public NIC. For example, if the name of the public NIC is eth1, enter ifup eth1.

• Windows ECS instance

  1. In Command Prompt, run the ipconfig command to view information about the public NIC.

  2. Open the Control Panel. In the Network and Internet section, click View network status and tasks. In the left-side navigation pane of the Network and Sharing Center window, click Change adapter settings to disable the public NIC.

How do I configure an IPv6 address for an ECS instance?

For information about how to configure an IPv6 address for an ECS instance, see IPv6 communication.

Why does a message similar to "Sorry, your access has been blocked because the requested URL may pose a security threat to the website" appear when I attempt to access a website built on an ECS instance?

• Problem description: When you attempt to access a website built on an ECS instance, a message similar to "Sorry, your access has been blocked because the requested URL may pose a security threat to the website" appears.

• Cause: Web Application Firewall (WAF) identified your access request to the URL as an attack and blocked your access.

• Solution: Add the source public IP address that you want to use to access the website to the WAF whitelist. For more information, see Avoid Anti-DDoS Basic false positives by using a whitelist.

After I configure a secondary private IP address for a Windows ECS instance, the instance cannot access the Internet. Why?

• Problem description: After you configure a secondary private IP address for a Windows ECS instance, the instance cannot access the Internet.

• Cause: In Windows 2008 and later, the longest prefix match algorithm is used to select next hop IP addresses based on the destination IP addresses of outbound traffic. This may result in network connection failures.

• Solution: Run the Netsh command with skipassource set to true to configure a secondary private IP address for the Windows ECS instance.

  Netsh command:

  Netsh int ipv4 add address <Interface> <IP Addr> [<Netmask>] [skipassource=true]

  The following table describes the parameters in the Netsh command.

  Parameter	Description	Example value

  Parameter	Description	Example value
  <Interface>	The network interface with which you want to associate the secondary private IP address.	'Ethernet'
  <IP Addr>	The secondary private IP address.	192.168.0.100
  <Netmask>	The mask of the secondary private IP address.	255.255.255.0

  Sample command:

  Netsh int ipv4 add address 'Ethernet' 192.168.0.100 255.255.255.0 skipassource=true

How do I request reverse lookup for an ECS instance?

Reverse lookup is used in mail services to reject mails from IP addresses mapped to unregistered domain names. Most spammers use dynamic IP addresses or IP addresses mapped to unregistered domain names to send unwanted mail and avoid being tracked. When reverse lookup is enabled on a mail server, the server rejects mails sent from dynamic IP addresses or unregistered domain names to reduce the amount of spams received.

You can submit a ticket to request reverse lookup for your ECS instance. To ensure that your ticket is promptly processed, we recommend that you specify the region, public IP address, and registered domain name of your ECS instance in the ticket.

dig -x 121.196.255.** +trace +nodnssec

1.255.196.121.in-addr.arpa. 3600 IN PTR ops.alidns.com.

Can an IP address point to multiple reverse lookup domain names?

No, each IP address can point only to one reverse lookup domain name. For example, you cannot configure the IP address 121.196.255.** to point to multiple domain names, such as mail.abc.com, mail.ospf.com, and mail.zebra.com.

Can I change the public IP address of an ECS instance after the instance is created?

You can change the public IP address of an ECS instance within 6 hours after the instance is created. For more information, see Change the public IP address of an instance.

Why am I unable to find the option to change the public IP address of an ECS instance in the ECS console?

• You can change the static public IP address of an ECS instance in the ECS console within 6 hours after the instance is created.

• After 6 hours, you cannot change the public IP address, and the Change Public IP Address option is not displayed in the ECS console.

For more information, see Static public IP address.

Can I change the private IP address of an ECS instance?

• You can change the private IP addresses of ECS instances in VPCs. For more information, see Primary private IP address.

• You cannot change the private IP addresses of ECS instances in the classic network.

If no public IPv4 address was assigned to an ECS instance when the instance was being created, how do I assign a public IPv4 address to the instance?

• Apply for an EIP and associate the EIP with the instance. For more information, see Apply for EIPs.

• Modify the public bandwidth configurations of the instance to automatically assign a public IPv4 address to the instance. For information about how to modify the public bandwidth configurations of subscription ECS instances, see Overview of instance configuration changes. For information about how to modify the public bandwidth configurations of pay-as-you-go ECS instances, see Modify the bandwidth configurations of pay-as-you-go instances.

Do all ECS instances support the classic network and VPC network types?

No, not all ECS instances support the classic network and VPC network types. If you purchase your first ECS instance after 17:00 on June 14, 2017 (UTC+8), you cannot select classic network as the network type.

Can I change the network type of an ECS instance?

ECS instances can be migrated only from the classic network to a VPC. For more information, see Migrate ECS instances from the classic network to a VPC.

How can I view the resource quota?

For more information about how to view the limits and quotas of resources, see Limits.