# Networking

AceCloud networking provides a full software-defined networking stack for your cloud infrastructure. You can create isolated virtual networks, manage traffic with security groups, expose services with floating IPs, and distribute load across instances.

## Resources

| Resource                                                             | Command              | Alias         | Description                               |
| -------------------------------------------------------------------- | -------------------- | ------------- | ----------------------------------------- |
| [VPCs](/knowledge-base/cli/networking/vpcs.md)                       | `ace vpc`            | `ace network` | Virtual private clouds with subnets       |
| [Routers](/knowledge-base/cli/networking/routers.md)                 | `ace vpc router`     | —             | Connect VPCs and attach external gateways |
| [Security Groups](/knowledge-base/cli/networking/security-groups.md) | `ace security-group` | `ace sg`      | Firewall rules for instances              |
| [Floating IPs](/knowledge-base/cli/networking/floating-ips.md)       | `ace floating-ip`    | `ace fip`     | Public IP addresses for instances         |
| [Load Balancers](/knowledge-base/cli/networking/load-balancers.md)   | `ace load-balancer`  | `ace lb`      | Application and network load balancers    |

## Typical Workflow

A standard networking setup follows this sequence:

```bash
# 1. Create a VPC with a subnet
ace vpc create --name prod-vpc \
  --subnet-name prod-subnet \
  --subnet-cidr 10.0.0.0/24

# 2. Create a router and attach the external gateway
ace vpc router create --name prod-router
ace vpc router set-gateway --router <router-id> --network <external-network-id>

# 3. Connect your subnet to the router
ace vpc router add-interface --router <router-id> --subnet <subnet-id>

# 4. Create a security group with SSH and HTTP access
ace sg create --name web-sg
ace sg rule-add --sg <sg-id> --protocol ssh
ace sg rule-add --sg <sg-id> --protocol http

# 5. Launch an instance (using the VPC and security group)
ace instance create --name web-server \
  --flavor C4i.medium \
  --image Ubuntu-24.04-LTS \
  --network <vpc-id> \
  --security-group <sg-id> \
  --key my-key

# 6. Allocate and associate a floating IP
ace fip create --network <external-network-id>
ace fip associate --ip <floating-ip> --instance <instance-id>

# 7. (Optional) Set up a load balancer
ace lb create --name web-lb --subnet <subnet-id> --type ALB
ace lb listener create --name http-listener --protocol HTTP --port 80 --lb <lb-id>
ace lb pool create --name web-pool --protocol HTTP --algorithm ROUND_ROBIN --listener <listener-id>
```

## Global Flags

All networking commands support the standard global flags:

| Flag        | Short | Description                                      |
| ----------- | ----- | ------------------------------------------------ |
| `--output`  | `-o`  | Output format: `table` (default), `json`, `yaml` |
| `--verbose` | `-v`  | Enable verbose output                            |
| `--project` |       | Override project ID                              |
| `--region`  |       | Override region                                  |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.acecloud.ai/knowledge-base/cli/networking.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.