What is network topology-Network Intelligence Service(NIS)-阿里云帮助中心

Overview

Cloud networks span multiple regions, use different networking products, and have layered routing configurations. Network Intelligence Service (NIS) consolidates this into a single platform so you can monitor and manage your entire cloud network from a global view.

Network topology is a feature of NIS. It gives you an interactive graph of your cloud resources and their relationships. With network topology, you can:

Understand your network architecture. See how cloud resources relate to each other and how your deployed network is structured across regions and accounts.
Validate routing configurations. Analyze the route topology of entities based on access scenarios to check whether network reachability meets your expectations.
Manage and troubleshoot resources. Access Operations and Maintenance (O&M) tools directly from the topology view, inspect entity properties, and diagnose issues without switching consoles.

How network topology works

Components of a network topology

A network topology consists of three building blocks: entities, entity sets, and connections.

Category	Description
Entity	Entities in a network topology represent different types of resource instance objects. For more information about the entity resource types that network topology supports, see Entity resource types. Click an entity to display the following elements in the entity toolbar: Entity product page Instance diagnosis Path analysis Network traffic analysis View vSwitch subnet topology Routing focus View associated routes View CEN topology Hover over any entity icon to see its resource instance ID and instance name.
Entity set	When multiple resources of the same type share a common parent, network topology groups them into an entity set. The grouping rules are: Entities of the same type that belong to the same vSwitch are aggregated by default if there is more than one. vSwitch subnet topologies that belong to the same zone are aggregated by default if there is more than one. Entities of the same type that are interconnected with the same Virtual Private Cloud (VPC) are aggregated by default if there is more than one.
Connection	Connections are dashed lines linking entities in the topology graph. There are two types: Resource relationship In a resource topology graph, gray dashed lines represent resource associations between entities. Connections that have resource objects — such as VPC peering connections, Express Connect circuit connections, and Transit Router (TR) attach connections (intra-region or cross-region) — are annotated directly on the graph. Routing relationship In a route topology graph, hover over an entity to reveal orange dashed lines showing the routing path. The lines appear dynamically, and the flow direction indicates the routing direction of that entity.

Topology types

Network topology provides two views: resource topology and route topology.

Resource topology maps the structural relationships between your network resources. Use it to understand how resources are associated — which VPCs, load balancers, and interconnections are linked together. Supported entry points: VPC, Cloud Enterprise Network (CEN), and Classic Load Balancer (CLB).

Route topology visualizes routing and forwarding paths based on real-time routing configurations. Use it to trace how traffic is routed between entities and verify that routing rules match your intent. Supported entry point: VPC.

Type

Description

Supported products

Resource topology

A resource topology displays the associated network topology from a resource perspective. It shows the relationships between different entity objects in the network.

VPC
Cloud Enterprise Network (CEN)
Classic Load Balancer (CLB)

Route topology

A route topology visualizes the routing and forwarding relationships between resource entities in the topology based on real-time routing configurations.

VPC

Entity resource types

Network topology supports the following resource types:

VPC resources: Virtual Router (VRT), vSwitch, Classic Load Balancer (CLB), Application Load Balancer (ALB), VPC peering connection, Internet NAT gateway, VPC NAT gateway
Internet resources: Elastic IP Address (EIP)
Interconnection resources: Virtual Border Router (VBR), Transit Router (TR), VPN Gateway, physical port
Alibaba Cloud services: Elastic Compute Service (ECS)
Devices and sites: IDC access point, VPN customer gateway, SSL-VPN client

For details on entity sets, entity toolbar actions, and reference links for each resource type, see the table below.

Note

In the following table, a hyphen (-) indicates that the item is not applicable.

Resource type	Entity type	Entity set	Entity toolbar	References
VPC resources	Virtual Router (VRT)	-	-	-
	vSwitch	In a VPC topology, vSwitch entities and their subnet topologies in the same zone can be aggregated and expanded as a set.	Path analysis View vSwitch subnet topology	Use path analysis View the subnet topology of a vSwitch
	Classic Load Balancer (CLB)	In a VPC topology, multiple CLB entities under the same vSwitch can be aggregated and expanded as a set.	Instance diagnosis	Use instance diagnosis
	VPC peering connection	In a VPC topology, multiple VPC peering connections (the connection and the peer VPC entity) can be aggregated and expanded as a set with the peer VPC.	-	-
	Internet NAT gateway	In a VPC topology, multiple Internet NAT gateway entities under the same vSwitch can be aggregated and expanded as a set.	Instance diagnosis Network traffic analysis	Use instance diagnosis Use Internet traffic analysis
	VPC NAT gateway	In a VPC topology, multiple VPC NAT gateway entities under the same vSwitch can be aggregated and expanded as a set.	-	-
	Application Load Balancer (ALB)	In a VPC topology, multiple Application Load Balancer (ALB) entities within the same vSwitch can be aggregated and expanded as a set. Because ALB supports multi-zone deployment, ALB instances in different zones may be the same entity object in the same VPC resource topology.	Instance diagnosis	Use instance diagnosis
Internet resources	Elastic IP Address (EIP)	In a VPC topology, an EIP attached to a network resource is displayed as an attached entity object. Unassigned EIPs are not rendered in the network topology.	Instance diagnosis Path analysis Network traffic analysis	Use instance diagnosis Use path analysis Use Internet traffic analysis
Interconnection resources	Virtual Border Router (VBR)	In a VPC topology, multiple VBRs under the same VPC can be aggregated and expanded as a set.	-	-
	Transit Router (TR)	In a VPC topology, multiple TRs under the same VPC can be aggregated and expanded as a set. The associated attachment types are also merged.	View CEN topology	Use CEN topology
	VPN Gateway	In a VPC topology, multiple VPN gateways under the same vSwitch can be aggregated and expanded as a set.	-	-
	Physical port	An Express Connect circuit connects a data center to an Alibaba Cloud access point. Multiple Express Connect circuits connected to a VPC can be aggregated and expanded as a set.	-	-
Alibaba Cloud services	Elastic Compute Service (ECS)	In a VPC topology, multiple ECS instances under the same vSwitch can be aggregated and expanded as a set.	-	-
Devices and sites	IDC access point	In a VPC topology, an IDC access point is the geographic location where a connection over an Express Connect circuit accesses Alibaba Cloud. It is displayed with the Express Connect circuit. Multiple IDC access points for a VPC can be aggregated and expanded as a set.	-	-
	VPN customer gateway	Refers to the peer customer gateway of an IPsec-VPN connection. Multiple customer gateways connected to the same VPN Gateway can be aggregated and expanded.	-	-
	SSL-VPN client	Refers to the client of an SSL-VPN connection. Multiple clients connected to the same VPN Gateway can be aggregated and expanded.	-	-

Limits

Network topology only shows resources within your own account. Resources in other accounts are not displayed.
Network topology reflects your real-time network configurations. Historical or deleted configurations are not retained.
Route topology analyzes routing and forwarding rules for primary network interface controllers (NICs) only.