Journey to the West Meets Cloud Networking: VPC, BGP, TLS Explained

This is a story about computer network protocols presented as a Journey to the West allegory.

1. Regions and Availability Zones – The four continents represent cloud regions, each containing multiple availability zones (available zones) where data centers (cabinets) and servers (slots) are located.

Each cabinet is managed by a deity (access‑layer switch), grouped under aggregation‑layer deities and core‑layer deities, forming a hierarchical, stacked network.

2. Virtual Private Cloud (VPC) and Open vSwitch – The scriptures are stored in a virtual private space (VPC). Open vSwitch acts as the magical switch that moves data between the virtual private space and the physical world, using VXLAN encapsulation identified by a VXLAN ID.

3. Load Balancing and NAT – The golden top deity (金顶大仙) acts as a load balancer, converting the public IP address into private IP addresses of the various data‑center buildings (availability zones) via NAT rules.

4. BGP and DNS – The deity Guanyin uses the BGP protocol to announce the public IP to the world, while DNS resolution (the “travel permit”) maps domain names to IP addresses, optionally using GSLB for global load balancing.

5. CDN – The distribution of scriptures to edge nodes mirrors a CDN, where static resources are cached at edge locations and served via CNAME redirection.

6. TCP Handshake and Sliding Window – The three‑way handshake establishes a reliable connection, and the sliding‑window mechanism ensures ordered, loss‑tolerant delivery of packets.

7. TLS Handshake – The TLS exchange (ClientHello, ServerHello, certificate verification, key exchange) secures the communication, analogous to the deity’s sacred relics guaranteeing safe passage.

8. HTTP Request Structure – An HTTP POST request carries the order details (JSON body) from the mobile app to the backend service.

9. Mobile Network Tunneling – The packet traverses eNodeB → MME → SGW → PGW, with MAC and IP headers rewritten at each hop, illustrated by a series of layered header diagrams.

10. HAProxy and Controller Layers – HAProxy acts as a L4 load balancer, forwarding traffic to controller instances, which then invoke business logic via RPC.

11. Dubbo, Hessian2, Netty – The controller uses Dubbo (Hessian2 serialization) over Netty for asynchronous, non‑blocking RPC calls to downstream services such as inventory and coupon services.

12. Optimistic Lock (CAS) – Inventory updates use CAS to ensure idempotent, high‑concurrency safe modifications.

Through this allegorical narrative, the article explains the end‑to‑end flow of a purchase order from a mobile app, across the public internet, through cloud networking layers, to the backend micro‑service that finally records the transaction in a distributed database.