Network Interface
KakaoCloud network interfaces are virtual network cards that allow resources within a VPC to be logically connected and communicate. Users can create, modify, and delete network interfaces, and they can connect a created network interface to an instance within the same availability zone or disconnect an already attached secondary network interface.
- Multiple IP addresses per network interface will be supported in the future.
Components
A network interface consists of the following components:
- A primary private IPv4 address within the VPC's IPv4 address range
- A secondary private IPv4 address within the VPC's IPv4 address range
- A public IP address for each private IPv4 address
- One or more security groups
- MAC address
Concepts
The following concepts are important for understanding network interfaces.
1. Primary network interface
The primary network interface refers to the network interface that is automatically created when an instance is created. Each instance must be connected to one primary network interface, and this interface cannot be disconnected from the instance.
2. Secondary network interface
Secondary network interfaces refer to the additional network interfaces attached to an instance, excluding the primary network interface. The maximum number of network interfaces that can be attached to an instance depends on the instance family and size. Secondary network interfaces can be freely added, detached, and disconnected as long as the maximum number of network interfaces allowed per instance is not exceeded.
3. Primary or secondary private IPv4 addresses for a network interface
A primary private IPv4 address is assigned to a network interface within the VPC subnet's CIDR range. Optionally, secondary private IPv4 addresses can also be assigned if needed.
4. Public IPv4 address for a network interface
A public IP address can be associated with the private IPv4 address assigned to the network interface. A network interface with a public IP can communicate externally via the Internet Gateway until the public IP is disassociated.
5. Source/destination check
The source/destination check can be enabled or disabled for each network interface. By default, this setting is enabled, but if the instance connected to this network interface is running a service such as NAT, routing, or a firewall, this function should be disabled.
6. Security group
A security group can be assigned to a network interface. All instance types except Bare Metal Server must have at least one security group. For detailed information on security groups, please refer to Security Group.
Attach network interface
When attaching a network interface, consider the following:
- Only network interfaces in the same availability zone as the instance can be selected for assignment and attachment.
- Secondary network interfaces can be detached even when the instance is running, but the primary network interface cannot be detached under any circumstances.
- The instance must be in an
ActiveorStoppedstate when attaching a network interface. - A manually assigned private IPv4 address network interface can be created and attached, but the assigned IP address must be within the CIDR range of the VPC subnet where the instance is located.
- Connecting two or more network interfaces to the same subnet on an instance can cause asymmetric routing issues, which may result in packets being blocked by the firewall. It is recommended to connect network interfaces to different subnets to avoid this.
- The number of network interfaces that can be attached to an instance depends on the instance family and size.
- The network bandwidth will not increase even if multiple network interfaces are attached, except for bonding in Bare Metal instances.
- When using multiple network interfaces, it is generally necessary to configure static routing on the instance.
The number of network interfaces by instance family and size
The maximum number of network interfaces that can be connected varies by instance family and size.
General
The maximum number of network interfaces for each size in the general-purpose instance family is as follows:
| Instance Family | Size | Maximum Network Interfaces |
|---|---|---|
| m2a | large | 3 |
| xlarge | 4 | |
| 2xlarge | 4 | |
| 4xlarge | 8 | |
| 8xlarge | 8 | |
| 12xlarge | 8 | |
| 16xlarge | 15 | |
| 24xlarge | 15 | |
| m3az | large | 3 |
| xlarge | 4 | |
| 2xlarge | 4 | |
| 4xlarge | 8 | |
| 6xlarge | 8 | |
| 8xlarge | 8 | |
| t1i | nano | 2 |
| micro | 2 | |
| small | 2 | |
| medium | 3 | |
| large | 3 | |
| xlarge | 4 | |
| 2xlarge | 4 |
Memory Optimized
The maximum number of network interfaces for each size in the memory-optimized instance family is as follows:
| Instance Family | Size | Maximum Network Interfaces |
|---|---|---|
| r2a | large | 3 |
| xlarge | 4 | |
| 2xlarge | 4 | |
| 4xlarge | 8 | |
| 8xlarge | 8 | |
| 12xlarge | 8 | |
| 16xlarge | 15 | |
| 24xlarge | 15 | |
| baremetal | 2 |
Compute Optimized
The maximum number of network interfaces for each size in the compute-optimized instance family is as follows:
| Instance Family | Size | Maximum Network Interfaces |
|---|---|---|
| c2a | large | 3 |
| xlarge | 4 | |
| 2xlarge | 4 | |
| 4xlarge | 8 | |
| 8xlarge | 8 | |
| 12xlarge | 8 | |
| 16xlarge | 15 | |
| 24xlarge | 15 |
Accelerated Computing
The maximum number of network interfaces for each size in the accelerated computing instance family is as follows:
| Instance Family | Size | Maximum Network Interfaces |
|---|---|---|
| gn1i | xlarge | 3 |
| 2xlarge | 3 | |
| 4xlarge | 3 | |
| 8xlarge | 4 | |
| 12xlarge | 8 | |
| 16xlarge | 4 | |
| gf1i | 6xlarge | 4 |
| 12xlarge | 8 | |
| 24xlarge | 15 | |
| p1i | baremetal | 2 |
| p2i | 6xlarge | 4 |
| 12xlarge | 8 | |
| 24xlarge | 15 | |
| p2a | baremetal | 2 |
Video Transcoding
The maximum number of network interfaces for each size in the video transcoding instance family is as follows:
| Instance Family | Size | Maximum Network Interfaces |
|---|---|---|
| vt1a | 4xlarge | 8 |
| 8xlarge | 8 | |
| 32xlarge | 15 |