Network Objects

All cloud servers can be connected to a private network without direct access to the Internet. It is possible to configure different Internet access options using routers, floating IP addresses, and shared public IP addresses.

Glossary

Network objects are region-specific resources. They can be used to combine virtual machines across all availability zones of the selected region.

Network objects of the Cloud Platform are described in the following table:

| Term | Definition |
|---|---|
| Private Network (VLAN) | Network segments isolated from each other at Layer 2 (L2). |
| Subnet (IP address) | The range of private IP addresses limited by CIDR size assigned by the client. Different IP addresses (subnets) can be assigned to the same private network. Subnets are used to distribute IP addresses when creating new ports. |
| Port | Assigned MAC+IP binding designed to connect to the virtual network card of the cloud server. One of the subnet ports can be connected to the router. |
| Router | A device that can route traffic between different subnets and the Internet. All subnets connected to the same router can communicate using the IP address of the router as the default route. All subnets connected to the same router can access the Internet using the shared external IP address assigned to the router. The router performs the function of NAT: access from a private network to the Internet (outgoing traffic), and forwarding packets for a floating IP address to the server to which it was assigned. |
| Shared external IP on the router | IP address that is assigned to the router port when connecting it to an external network. |
| External network | Service subnet providing public IP addresses for router ports and floating IPs. |
| Floating IP address | Public IP address from the External network, which can be associated with an address of a private server or load balancer. Floating IP address traffic is processed by the router and all packets are transmitted to the associated private address. |
| Public subnet | The range of public IP addresses limited by the size of a prefix (mask) provided to the client. IP addresses from this subnet are not processed by the router. They are connected directly to the cloud server. |
| VRRP subnet | A VRRP subnet is a cross-region cloud object. It is a composition of two identical public subnets with four available addresses in each of the two selected regions of the Cloud Platform. Unlike regular public subnets, VRRP subnets use an additional infrastructure router for routing traffic. This allows the cloud to redirect traffic to a backup subnet of a different region if necessary. |

Creating a Private Network

To create a private network:

  1. Go to the Network section of the desired project.
  2. Select the required region.
  3. Click Create network.
  4. Enter the network name in the window that opens.
  5. Enter the subnet CIDR (you can add multiple IP addresses available in this subnet).
  6. Click Create.

A new subnet will appear in the list.

There are no restrictions on the traffic volume inside the private network. This allows you to transfer any amount of data between your services without additional fees. The number of private networks in use is unlimited. The bandwidth is 1 Gbit/s.

All networks can be created from the server card. More information can be found in the article Creating a Cloud Server (Virtual Machine).

Merging Servers into a Private Network

All cloud servers can be merged into a private network.

Follow these steps to connect a cloud server to the desired private network:

  1. Go to the project card.
  2. Expand the server menu on the Servers tab.
  3. Open the Ports tab.
  4. Click Add port.
  5. Select a subnet from the desired network and click Add port.

The private network only works within the project and is not available for other projects in the user’s account or other accounts by default.

Follow these steps to make the private network of one project available to another project:

  1. Open the project page and copy the UUID of the target project.
  2. Go to the project card and open the Network tab.
  3. Expand the menu of the network that you want to share with another project.
  4. Go to the Projects tab.
  5. Enter the copied project UUID to add the required project.

Connecting a Private Network to the Router

You can connect a private network to a virtual router to provide NAT access to the Internet and assign external IP addresses to selected cloud servers.

To create a router:

  1. Go to the Network tab in the project card and open the Routers section.
  2. Select the required region.
  3. Click Create router.
  4. Specify the region and enter the name of the router in the window that opens.
  5. Click Create.

The created router can be connected to the external network gateway on the Attaching tab in the router card. You can assign a port to the router on the Ports tab in the router card. Click Add port and select the desired subnet to assign a port.

Connecting a Server to the Internet

Internet access is provided via public subnets or a floating IP address, which is a full external IP address and is available until it is deleted. Bandwidth both over the Internet and locally is 1 Gbit/s.

Via Public Subnets

To connect the server to a public subnet:

  1. Go to the Network tab in the project card and open the Public networks section.
  2. Select the required region.
  3. Click Add subnet.
  4. Review the cost of the service and confirm the payment in the window that opens.

To give the cloud server Internet access through a public network, open the server card, go to the Ports tab, and add a port for the subnet from the network called “Public”.

Via Floating IP

To use a floating IP:

  1. Go to the Network tab in the project card and open the Floating IPs section.
  2. Select the required region.
  3. Click Add IP address.
  4. Review the cost of the service and confirm the payment in the window that opens.

After payment, a NAT router appears in the Routers section. The NAT network appears in the Private networks section.

To give a cloud server Internet access with a floating IP address, add a port for the NAT network in the server card, and connect the floating IP to this port.
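
The connection options above give a server different levels of Internet exposure, which is worth reviewing per server. The following is an added example, not code from the Cloud Platform or its API: it classifies servers from an inventory of ports, where the Port record, its field names, the level names and all sample values are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Exposure levels, weakest to strongest, following the network objects in the glossary.
LEVELS = ["isolated", "outbound-nat", "inbound-floating", "inbound-direct"]

@dataclass
class Port:                            # hypothetical inventory record, not a provider API
    server: str
    subnet_type: str                   # "private" or "public"
    router: Optional[str] = None       # router the port's subnet is connected to
    floating_ip: Optional[str] = None  # floating IP associated with this port

def port_exposure(port, gateway_routers):
    """Classify one port; gateway_routers = routers attached to the external network."""
    if port.subnet_type == "public":
        return "inbound-direct"        # public address sits on the server, no router/NAT
    if port.floating_ip:
        return "inbound-floating"      # router forwards all packets to the private address
    if port.router in gateway_routers:
        return "outbound-nat"          # egress through the router's shared external IP
    return "isolated"                  # reachable on the private network only

def server_exposure(ports, gateway_routers):
    """Return {server: strongest exposure level across all of its ports}."""
    result = {}
    for p in ports:
        level = port_exposure(p, gateway_routers)
        current = result.get(p.server, "isolated")
        result[p.server] = max(current, level, key=LEVELS.index)
    return result

# Constructed sample inventory (address taken from a documentation range).
SAMPLE_PORTS = [
    Port("db-1", "private"),
    Port("worker-1", "private", router="nat-router"),
    Port("web-1", "private", router="nat-router", floating_ip="203.0.113.10"),
    Port("edge-1", "private", router="nat-router"),
    Port("edge-1", "public"),
    Port("lab-1", "private", router="internal-router"),
]
SAMPLE_GATEWAY_ROUTERS = {"nat-router"}

if __name__ == "__main__":
    report = server_exposure(SAMPLE_PORTS, SAMPLE_GATEWAY_ROUTERS)
    for server, level in sorted(report.items()):
        print(f"{server:10} {level}")
```

Servers reported as inbound-direct or inbound-floating are the ones whose own firewall rules decide what the Internet can reach, so they are the first candidates for review.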

VRRP Subnets

One VRRP subnet can connect 2 regions. There can be several VRRP subnets in one project if more than 2 regions are available in this project.

To use the VRRP subnet:

  1. On the project page, expand the Cross regions resources block.
  2. Edit the quotas by clicking the appropriate button.
  3. Go to the Network tab in the project card and open the VRRP subnets section.
  4. Click Create VRRP subnet.
  5. Choose regions to add a VRRP subnet.
  6. Click Add VRRP subnet.

A VRRP subnet will be created.

In each region, the first usable subnet address is used as the gateway. The second address is reserved for service needs. The remaining four addresses can be assigned to virtual machines. More information can be found in our blog in the articles Router Redundancy with VRRP and Guest Post: Our Experience with Selectel’s VRRP.