Network overview
Overview
ECI networking is built around the virtual network, with subnets, network interfaces, public IPs, and the firewall arranged around it.
Components
Virtual network (192.168.0.0/16) + firewall rules
└── Subnet (192.168.0.0/24)
└── Network interface (NI)
├── Attached to a VM
└── Public IP (optional, attached to the NI)
| Component | Role |
|---|---|
| Virtual network | The private network VMs belong to. IP range is defined by a CIDR block. Firewall rules are configured per virtual network |
| Subnet | A subdivided IP range inside a virtual network |
| Network interface | A virtual NIC attached to a VM; carries an IP address. Created automatically with the VM or attached from an existing NIC |
| Public IP | A static IP for internet access. Attached to a network interface (not to the VM directly) |
| Firewall | Inbound and outbound traffic rules at the virtual-network level. Rules are evaluated top to bottom; changes take effect within one minute |
Allowed private CIDR ranges
ECI only lets you create virtual networks inside 172.16.0.0/14 (172.16.0.0 – 172.19.255.255) or 192.168.0.0/16. Pick a range that doesn't overlap with your corporate network.
Default setup flow
- Create a virtual network (set the CIDR)
- Create a subnet (carve out an IP range inside the virtual network)
- When creating a VM, pick a subnet at the network step to provision a NIC, or attach an existing NIC
- If external access is needed, allocate a public IP and configure firewall rules
Next steps
- Virtual network: creating a virtual network and designing the CIDR
- Subnet: carving out an IP range inside a virtual network
- Public IP: allocating an IP for internet access
- Firewall: rules to allow inbound traffic