All Products
Search
Document Center

Virtual Private Cloud:Troubleshooting

Last Updated:Apr 11, 2024

This topic describes how to use the troubleshooting feature of Virtual Private Cloud (VPC) to troubleshoot VPC connectivity issues, unexpected fees, and quota issues. The troubleshooting feature also provides solutions. Your services and instance configurations are not affected during the analysis process.

Procedure

  1. Log on to the VPC console.

  2. In the left-side navigation pane, click Troubleshooting.
  3. On the VPC tab, select an issue type and follow the instructions at the bottom of the page to obtain references, suggestions, or perform troubleshooting.
    For more information about VPC issue types, troubleshooting methods, and references, see Issue types.

Issue types

Issue typePossible cause/Suggestion
Network ConnectivityIf you encounter network connectivity issues, you can troubleshoot based on the following information:
  • ECS instances in a VPC cannot communicate with each other

    Inbound and outbound traffic of Elastic Compute Service (ECS) instances are controlled by security group rules and the network ACLs of the vSwitch where the ECS instances reside. For more information, see Create and manage network ACLs and Add security group rules.

  • ECS instances in a VPC cannot access ECS instances in another VPC
    You can establish cross-VPC communication by using VPC peering connections or by using a Cloud Enterprise Network (CEN) instance and configuring routes. In addition, make sure that the security group rules and network ACL rules allow access from the ECS instances and vSwitches. For more information, see the following topics:
  • The network latency is high when ECS instances in a VPC access other cloud services or ECS instances

    The network latency between instances in the same zone is low. If you are experiencing a high response time, check whether the source and destination instances are deployed in different zones.

  • Unable to access the Internet
    Troubleshoot Internet access failures based on the following information:
Note
  • You can also send connectivity probes to troubleshoot issues such as ECS instances in a VPC cannot communicate with each other and ECS instances in a VPC cannot access ECS instances in another VPC.
  • Connectivity probes: You can use the reachability analyzer of Network Intelligence Service (NIS) to check the connectivity between a VPC and a network resource. For more information about the reachability analyzer, see Work with the reachability analyzer.
Connection between VPC and External NetworkIf you encounter connection issues between a VPC and an external network, you can troubleshoot based on the following information:
  • Connect different VPCs

    You can enable private communication between VPCs by using CEN, VPN gateways, VPC peering connections, or PrivateLink. For more information about the preceding solutions, see Overview of VPC connections.

  • Connect a VPC to the Internet

    You can enable ECS instances in a VPC to communicate with the Internet by assigning public IP addresses to the ECS instances, associating EIPs with the ECS instances, using a NAT gateway, or using Server Load Balancer (SLB). For more information, see Internet access overview.

  • Connect a VPC to a data center

    You can connect a data center to a VPC through a VPN gateway, an Express Connect circuit, or Smart Access Gateway (SAG). For more information, see Connect a data center to a VPC.

FeeIf you encounter issues related to service activation and billing, you can troubleshoot based on the following information:
  • Billing of flow logs

    You are charged log generation fees and service fees of Simple Log Service. Log generation fees are charged by VPC on a tiered pricing model. Service fees are charged by Simple Log Service. For more information, see Billing of flow logs.

  • Billing of VPC peering connections

    You are not charged for intra-region VPC peering connections. You are charged data transfer fees for inter-region VPC peering connections. The billing is managed by Cloud Data Transfer (CDT). For more information, see What is CDT?

  • Billing of traffic mirroring

    Total fee = Instance fee + Data transfer fee (currently not charged) For more information, see Billing.

QuotaIf you encounter issues related to insufficient VPC quotas, you can troubleshoot based on the following information: