VM Networking Basics

This page explains how networking works for Virtual Machines (VMs) in CloudRaya, including IP addressing, network attachment, and basic traffic flow.

It focuses on how a VM uses networking, not how to build networking infrastructure.

How VM Networking Works in CloudRaya

In CloudRaya, every Virtual Machine is connected to the network through several components:

• Cloud Zone
• Virtual Private Cloud (VPC)
• Subnet
• Network Interface (NIC)

When a VM is created:

• It is automatically attached to a default VPC
• A network interface (NIC) is created for the VM
• A private IP address is assigned automatically
• A public IP address may be attached (optional)

Default Network Behavior

By default, CloudRaya simplifies VM networking:

• A default VPC is created automatically if none exists
• The VM is attached to the default VPC
• A default ACL (Access Control List) is applied
• Common ports are allowed by default, such as:
  • SSH (22)
  • RDP (3389)
  • HTTP (80)
  • HTTPS (443)

This allows a newly created VM to be accessible without manual network configuration.

Private IP vs Public IP

Private IP Address

• Assigned automatically to every VM
• Used for:
  • Internal communication within the VPC
  • VM-to-VM traffic
• Does not change when the VM is stopped or started
• Not accessible directly from the internet

Public IP Address

• Optional
• Attached to the VM’s network interface
• Used to:
  • Access the VM from the internet (SSH, RDP, web services)
• Remains the same during stop/start
• Can be detached or released depending on configuration

📄 See: Public IP Address

How Traffic Flows to a VM

At a high level:

1. Internet traffic reaches the VM via its public IP
2. Traffic is filtered by ACL rules
3. Allowed traffic is forwarded to the VM’s private IP
4. Outbound traffic follows the reverse path

VMs do not connect directly to the internet without passing through CloudRaya’s networking layer.

Network Security at the VM Level

VM network traffic is controlled using ACL (Access Control List) rules.

Key points:

• ACL rules define allowed or denied ports and protocols
• Rules apply to:
  • Ingress (incoming traffic)
  • Egress (outgoing traffic)
• A default ACL is applied automatically
• If a service is not reachable, ACL rules should be checked first

This page does not cover ACL rule configuration in detail.

📄 See: Access Control List (ACL)

VM-to-VM Communication

VM connectivity depends on network placement:

• Same VPC
  • VMs can communicate using private IPs
  • Subject to ACL rules
• Different VPCs
  • No communication by default
• Different Cloud Zones
  • Fully isolated by design

This isolation improves security and fault containment.

Where to Configure Network Settings

This page explains concepts only.
For configuration and advanced setup, see:

• IP Settings → Manage public and private IPs
• Networking Services → VPC, Subnet, ACL, Load Balancer, VPN

Common Networking Scenarios

• VM cannot be accessed from the internet

  → Check public IP attachment and ACL rules

• VM can be accessed internally but not externally

  → Check ingress ACL rules

• VM cannot communicate with another VM

  → Verify both VMs are in the same VPC and ACL allows traffic

Next Steps

Once you understand VM networking basics, you can continue with:

📄 Networking Services

📄 Access a Virtual Machine (SSH / RDP)

📄 Networking Best Practices