Skip to main content
General information about cloud platform networks
Last update:

General information about cloud platform networks

The cloud platform networks are powered by OpenStack Neutron. For more information, see the Neutron section of the OpenStack documentation.

You can work with cloud platform networks in the control panel, using the OpenStack CLI or Terraform.

Tasks to be solved

In a cloud platform using network objects, you can:

  • configure connectivity between devices in the same pool and aggregate devices into private subnets using ports: cloud servers, load balancers, file storage, Managed Kubernetes clusters and cloud database clusters;
  • Route traffic between private subnets and configure Internet access for devices on a private subnet using cloud routers;
  • Connect static public IP addresses to devices on private subnets to configure access to them from the Internet;
  • Connect devices to public subnets for access to and from the Internet. Cloud servers, load balancers, and cloud database clusters can be ported to public subnets;
  • Distribute incoming network traffic between cloud servers using load balancers;
  • To organize network connectivity between devices in different pools (including different projects and accounts) or between different services, private subnets can be connected to a global router;
  • configure static routes for subnets.

To limit traffic, you can use:

  • cloud firewalls — Cloud firewalls are assigned to a cloud router port and allow you to filter traffic for private subnets and public IP addresses;
  • security groups — are assigned to a cloud server port, allow you to filter all port traffic;
  • allowed IP/MAC addresses — are configured on a cloud server port, allow outgoing port traffic only from specific IP/MAC address pairs.

To use security groups and authorized IP/MAC addresses , port security must be enabled on the network.

Throughput

Cloud platform network objects have outbound and inbound bandwidth restrictions.

Outgoing trafficIncoming traffic
Cloud servers in private subnets, traffic within the private network3 Gbps — in all pools except ru-1

1 Gbit/s — in pool ru-1
Not limited (depends on cloud server configuration and network conditions)
Cloud servers in private subnets, Internet traffic (public IP addresses)3 Gbps — in all pools except ru-1

1 Gbit/s — in pool ru-1
5 Gbps
Cloud servers on public subnets3 Gbps — in all pools except ru-1

1 Gbit/s — in pool ru-1
Not limited (depends on cloud server configuration and network conditions)
Internet traffic via cloud routers5 Gbps5 Gbps

For a list of regions, availability zones and pools, see the Selectel Infrastructure table.

Bandwidth for devices on private networks can be increased to 10 Gbps — create a ticket.

The speed on a port may drop dramatically, for example, to 0.1 Gbps if the associated IP address is blocked by Selectel security.To increase the speed, create a ticket.

Traffic filtering (port security)

Traffic filtering (port security) is a network function to protect against unauthorized access and attacks. Filtering allows you to:

Traffic filtering is enabled by default on private networks and public subnets that are created:

  • in the ru-8 pool after May 15, 2025;
  • in the uz-2 pool after May 22, 2025;
  • in the ru-9 pool after May 26, 2025;
  • in the ke-1 pool after May 26, 2025;
  • in the uz-1 pool after May 27, 2025;
  • in the kz-1 pool after May 28, 2025;
  • in the gis-1 pool after May 29, 2025.

In these pools, you cannot manually control filtering — turn it on or off.

In pools ru-1, ru-2, ru-3, ru-7, filtering is turned off by default in existing and new networks, you can control filtering in them.

If traffic filtering is enabled on the network, for each new port on the network:

You can view the filtering status of the network in the Control Panel: from the top menu, click ProductsCloud ServersNetworkPrivate Networks or Public Networks tab .A network with filtering enabled is marked with a .

Blocked ports

Selectel has some TCP/UDP ports blocked by default, traffic through them is blocked.

Cost

Public IP addresses and public subnets are paid for using the cloud platform payment model.

The cost can be viewed at selectel.ru.

The rest of the network resources are free of charge.