If a CIDR block conflict occurs, you cannot create an office network or create the required number of cloud computers. This affects user experience of Elastic Desktop Service. This topic describes how to plan a CIDR block. You can refer to the instructions that are provided in this topic when you plan a CIDR block.
An office network described in this topic was formerly known as a workspace. A basic office network corresponds to a basic workspace, and an advanced office network corresponds to a standard workspace.
Scenarios
Plan a CIDR block when you create an Active Directory (AD) office network
When you create an AD office network, you must attach the AD office network and your AD to a Cloud Enterprise Network (CEN) instance. In this case, you must plan a CIDR block in advance to prevent network conflicts between the virtual private cloud (VPC) of the office network and the CIDR block of the CEN instance.
Plan a CIDR block when you connect to a cloud computer over Alibaba Cloud VPC
If you want to access a cloud computer over Alibaba Cloud VPC, you must use Express Connect Circuit, Smart Access Gateway (SAG), or VPN Gateway to connect the on-premises network to the cloud. In this case, you must plan a CIDR block in advance to prevent CIDR block conflicts.
Plan a CIDR block when you connect to a cloud computer over an internal network
For example, if your business requires communication between an Elastic Compute Service (ECS) instance and a cloud computer, you must create a CEN instance to enable the mutual access of resources. In this case, plan the following CIDR blocks in advance: the VPC CIDR block of the ECS instance, the CIDR block of the office network in which the cloud computer resides, and the CIDR block of the transit router.
Plan the CIDR block of an office network
The VPC of an office network is used to isolate cloud computers that reside in the office network and must be manually created. You cannot modify an office network VPC after you create the VPC.
You can use one of the following private CIDR blocks as the CIDR block of your office network VPC:
CIDR block | Valid subnet mask |
10.0.0.0 | 12 - 24 |
172.16.0.0 | 12 - 24 |
192.168.0.0 | 16 - 24 |
Examples
For example, you want to access a cloud computer over Alibaba Cloud VPC and use Express Connect Circuit to connect your on-premises data center network to your office network VPC to enable communication between the on-premises data center and the office network.
In this case, you can use the CIDR blocks that are described in the following table.
Item | CIDR block |
Office network VPC | 192.168.0.0/16 |
On-premises data center network | 172.30.0.0/24 |
Peer IP addresses that are configured on the virtual border router (VBR) |
|
Create the required number of cloud computers
Cloud computers that reside in the same office network share the same VPC. When you create a cloud computer in the office network in the Elastic Desktop Service console, the system automatically assigns an IP address from the configured CIDR block to the cloud computer.
Before you configure an office network VPC, take note of the following rules to ensure that you can create the required number of cloud computers in the office network VPC:
If you set the subnet mask of an office network VPC to a large value, the number of IP addresses that can be provided by the office network is small. In this case, you can create only a small number of cloud computers in the office network.
You cannot use any of the following CIDR blocks as the CIDR block of an office network VPC: 100.64.0.0/10, 127.0.0.0/8, 169.254.0.0/16, and 198.18.0.0/15.
NoteThe CIDR blocks that you can use as the CIDR blocks of office network VPCs may vary. The CIDR blocks that are displayed in the Elastic Desktop Service console shall prevail.
The number of IP addresses that are displayed in the Elastic Desktop Service console is the maximum number of available private IP addresses. Cloud computers may reside in different zones. To create the required number of cloud computers, make sure that the number of available private IP addresses is twice the number of the cloud computers that you want to create. In this case, you must adjust the subnet mask of your office network VPC.
Examples
The following example shows how to plan a CIDR block and then create the required number of cloud computers. In actual business, the configurations that are displayed in the Elastic Desktop Service console shall prevail.
For example, you want to create 190 cloud computers. To plan an IPv4 CIDR block, perform the following steps:
Select an office network VPC.
In this example, the CIDR block 10.0.0.0 is selected.
Configure the subnet mask based on your business requirements.
In this example, the subnet mask is set to 24. In this case, the number of available private IP addresses that are displayed in the Elastic Desktop Service console is 196.
The value 196 indicates the maximum number of available private IP addresses. In this case, reset the subnet mask to a smaller value to ensure that the number of available IP addresses is twice the number of the cloud computers that you want to create.
In this example, the subnet mask is reset to 23. The number of available IP addresses that are displayed in the Elastic Desktop Service console is 420. In this case, the number of available private IP addresses meets the requirement and you can create 190 cloud computers.
Therefore, if you use the IPv4 CIDR block 10.0.0.0/23 as the CIDR block of your office network VPC, you can create the required number of cloud computers in the office network.