Configure internet access from a third-party operator

The connection is organized via a private L3 network through a global router. To set up the connection, you create a global router network and connect the devices that require operator internet access to the global router. A cross-connect subnet with the operator router is added to the global router network, and NAT is configured on the operator router to provide access from the private network to the internet.

When accessing the internet via Direct Connect, you cannot assign public IP addresses from the operator's pool to your servers. To do this, choose another way to connect to the internet.

Check that you have connected the Direct Connect – physical port service.
Check or create a global router network.
Connect the Direct Connect subnet to the global router.
Check the settings on the operator side.
Configure routing to the Direct Connect subnet in the global router network.
Configure internet routing on the global router.

1. Verify that the Direct Connect – physical port service is connected

Make sure that in the ticket for ordering the service, you have received the VLAN number to which the operator port will be added.
Make sure this VLAN has appeared in the control panel: in the top menu, click Products → Dedicated Servers → Network → VLAN tab.

2. Check or create a global router network

Ensure that your account has a global router network and that it includes all devices that require internet access via the operator. You can view the created global routers and their networks in the control panel under Network Services → Selectel Global Router.

If you do not have a global router network yet or want to create a new one, follow the instructions in Create private connectivity via a global router.

3. Connect the Direct Connect subnet to the global router

In the control panel, from the top menu, click Products and select Selectel Global Router.
Open the router page → Networks tab.
Click Create network.
Enter a network name. It will only be used in the control panel.
Select the Servers and Hardware service.
Select the network location — the region and pool you specified when ordering the Direct Connect – physical port service.
Select or enter the VLAN to which the operator port is added. You can view the VLAN number in the ticket you received when ordering the Direct Connect – physical port service.
If a trunk port is configured on the operator side, specify a Q-in-Q tag — a number from 2 to 4094.
Enter a subnet name. It will only be used in the control panel.
Enter the CIDR — the private subnet IP address and mask. You can choose any addressing that does not overlap with other subnets on the global router.
Enter the gateway IP address or leave the first address from the subnet, which is assigned by default. Do not assign this address to your devices to avoid disrupting network operation.
Enter the service IPs or leave the last addresses from the subnet, which are assigned by default. Do not assign these addresses to your devices to avoid disrupting network operation.
Click Create network.
Optional: check the network topology on the global router. In the control panel, from the top menu, click Products → Selectel Global Router → router page → click Network map.
If you have specified a Q-in-Q tag, make sure you have enabled Q-in-Q on the switch port for the VLAN you specified in step 7.

4. Check settings on the operator side

Contact the operator and ensure they have performed the following settings on their side:

assigned an IP address to the router from the Direct Connect subnet that you connected to the global router. The address must not match the gateway address or the service addresses you selected during connection. You can view the gateway and service addresses in the control panel: in the top menu, click Products → Selectel Global Router → router page → open the card of the network the subnet belongs to → Gateway field.
configured NAT on the router from the Direct Connect subnet IP address to a public IP address from their address pool.

5. Configure routing to the Direct Connect subnet in the global router network

On all devices in the global router network, configure static routes to the Direct Connect subnet that you connected to the global router.

Set the next-hop to the IP address from the device subnet that is assigned to the global router as a gateway. You can view the gateway address in the Control Panel: in the top menu, click Products → Global Router → global router page → open the card of the network to which the subnet belongs → field Gateway.

Dedicated server , VMware-based cloud
Cloud platform

Ubuntu
Debian
CentOS
Windows

Connect to the server.
Open the network configuration file with the vi text editor:
```
vi /etc/netplan/01-netcfg.yaml
```
At the end of the data block for the required network interface, add a route:
```
routes:
  - to: <ip_address>/<mask>
    via: <gateway>
```
Specify:
- <ip_address>/<mask> — the IP address of the Direct Connect subnet that you connected to the global router, including the mask;
- <gateway> — the gateway for the current server subnet, which is specified on the global router.
Press the ESC key.
Exit the vi text editor and save your changes:
```
:wq
```
Check the settings:
```
sudo netplan try
```
Apply the changes:
```
netplan apply
```

6. Configure internet routing on the global router

Set up an internet route to the default network 0.0.0.0/0. You can add a static route or configure dynamic routing via BGP.

Add static routes
Configure dynamic routing via BGP

In the control panel, go to Network Services → Selectel Global Router.
Open the router page → Static Routes tab.
Click Create route.
Enter a route name — any name; it will only be displayed in the control panel.
Enter the destination subnet CIDR — 0.0.0.0/0.
Enter the Next hop IP address — the IP address from the Direct Connect subnet assigned to the operator router.
Click Create.