Public subnets

Last update: April 16 2025

Public subnets

A public subnet is a range of public static IP addresses limited by a prefix (mask) size. All devices on the public subnet have a public IP address and access to and from the Internet. You can configure public subnet access for a cloud server, cloud load balancer, and cloud database cluster — see the instructions for details Set up access to and from the Internet.

IP addresses from the public subnet are not processed cloud router with 1:1 NAT, but connect directly to devices: cloud server, cloud load balancer, cloud database cluster. Because of the lack of NAT, this type of device connection to the Internet is more resilient and faster, but less secure than connecting via a public IP address.

Devices on a public subnet communicate with each other through public interfaces.

A public subnet can only be used within a single projects and one pool.

Within public subnets there are limits on the amount of traffic — bandwidth. You can see it in the table Throughput.

You can work with public subnets in the control panels or Terraform.

Size of public subnets⁠

Public subnets ranging in size from /29 (five free IPv4 addresses) to /24 (253 free IPv4 addresses) are available. Three service IP addresses are reserved in each public subnet:

• The first IP address is the network address;
• the second IP address is the gateway address;
• the last IP address is a broadcast address.

The remaining IP addresses can be assigned to devices.

Example for a subnetwork 192.0.2.0/29 — five addresses are available:

• 192.0.2.0 is the network address;
• 192.0.2.1 is the gateway address;
• 192.0.2.2 is usable;
• 192.0.2.3 is usable;
• 192.0.2.4 is usable;
• 192.0.2.5 is usable;
• 192.0.2.6 is usable;
• 192.0.2.7 is the broadcast address.

If you run out of free IP addresses on the public subnet, you can create a new public subnet.

Automatic public subnet settings⁠

Public subnets specify default settings: default gateway and DNS servers. The settings are automatically applied to devices on the subnet.

Default gateway⁠

When you create a public subnet, a second IP address is reserved for the default gateway. The default gateway on a public subnet cannot be changed.

DNS servers⁠

When you create a public subnet, Selectel DNS servers are automatically assigned to the devices on the subnet. You can change the DNS servers by subnetting or modify after creation.

Static routes⁠

By default, subnets do not have static routes specified. For public subnets, you can configure static routes.

Create a public subnet⁠

Control panel

1. In control panel from the top menu, press Products and select Cloud servers.
2. Go to the section Network → tab Public networks.
3. Click Create a subnet.
4. Select pool In which a public subnet will be created.
5. Select subnet size — the range of IP addresses available on the subnet.
6. Optional: To change the DNS servers, tap . Enter one to three values. Press .
7. Click Create.

Configure public subnet access in different projects⁠

By default, a public subnet can only be used within a single projects and one pool. You can configure public subnet sharing in different projects within the same account. The subnet will also be available only within the same pool.

The public subnet will have a tag Кросспроектная. You will only be able to manage the subnet in the project in which the subnet resides.

Control panel

1. In control panels from the top menu, press Products and select Cloud servers.
2. Go to the section Network → tab Public networks.
3. Copy the ID of the destination project with which you want to share the subnet. Open the projects menu (name of the current project) and in the line of the desired project click on .
4. Make sure you are in the project in which the subnet is located.
5. Open the network card → tab Projects.
6. Click Add project.
7. Paste the destination project ID you copied in step 3.
8. Click .

Change DNS servers on the public subnet⁠

When you create a public subnet on devices in the subnet, the following are automatically assigned to the subnet Selectel recursive DNS servers. DNS servers can be changed by creating a public subnet or for an existing public subnet.

Control panel

1. in control panels from the top menu, press Products and select Cloud servers.
2. Go to the section Network → tab Public networks.
3. Open the public subnet card → tab Subnetworks.
4. In the subnet row, in the column DNS servers click .
5. Enter one to three values.
6. Click .

OpenStack CLI

1. Open the OpenStack CLI.

2. If you need to completely replace the list of DNS servers, delete the IP addresses of the specified DNS servers and add new ones:

   openstack subnet set \
     --no-dns-nameservers \
     --dns-nameserver <dns_server> \
     <subnet>

   Specify:

   • <dns_server> — IP address of the DNS server. You can add several DNS servers — each is added using the option --dns-nameserver <dns_server>;
   • <subnet> — ID or public subnet name, can be viewed with the command openstack subnet list.

   Example of changing the default DNS servers to 192.0.2.3 and 192.0.2.4:

   openstack subnet set \
     --no-dns-nameservers \
     --dns-nameserver 192.0.2.3 \
     --dns-nameserver 192.0.2.4 \
     <subnet>

3. If you need to complete the list of DNS servers, add the IP addresses of the new DNS servers:

   openstack subnet set \
     --dns-nameserver <dns_server> \
     <subnet>

   Specify:

   • <dns_server> — IP address of the DNS server. You can add several DNS servers — each is added using the option --dns-nameserver <dns_server>;
   • <subnet> — ID or public subnet name, can be viewed with the command openstack subnet list.

Delete a public subnet⁠

Control panel

1. in control panels from the top menu, press Products and select Cloud servers.
2. Go to the section Network → tab Public networks.
3. On the menu on the public subnet, select Delete subnet.
4. Enter the subnet address to confirm the deletion.
5. Click Delete.