Link products and services through a global router

General Global Router network configuration instructions for all Selectel products. For examples of configuration for individual products (dedicated servers, cloud databases, Managed Kubernetes) see Link products and services through a global router.

For your information

Some dedicated server configurations Chipcore Line cannot be added to the global router's network because they do not have a port to connect to the private network. You can check the availability of a port for the private network in the control panels on the server page under the tab Ports.

Create a global router.
Connect networks and subnets to the global router to each VLAN and cloud platform project, the servers from which to aggregate. For VMware-based clouds You can only add networks and subnets via technical support.
Assign IP addresses from the created subnets to the servers.
Optional: route the servers.
Optional: configure routing on the global router.

Create a global router⁠

В control panels go to Network services → Selectel Global Router.
Click Create a router. Each account is set limit to five global routers.
Enter the name of the router.
Click Create.
If the router was created with status ERROR or hovered in one of the statuses, file a ticket.

Connect networks and subnets to the global router⁠

Dedicated server
Cloud platform

Use for a dedicated or hosted server.

You can connect a new network to the router or an existing network if it is not already connected to any of the account's global routers.

В control panels go to Network services → Selectel Global Router.
Open the router page → tab Networks.
Click Create a network.
Enter a network name, this will only be used in the control panel.
Select a service Dedicated servers.
Select pool.
Select VLAN. If you want to create a network up to the internal segment (Q-in-Q), specify its tag, a number from 2 to 4094. If there is already a network up to the VLAN, be sure to specify the Q-in-Q segment of this VLAN.
Enter the subnet name — this will only be used in the control panel.
Enter the CIDR — IP address and private subnet mask. You can enter a new subnet or an existing private subnet of the server if it is not already added to any of the global routers in the account. The subnet must meet the conditions:
- belong to the RFC 1918 private address range: 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16;
- have a size of at least /29, as three addresses will be occupied by Selectel network equipment;
- Do not overlap with other subnets added to this router: The IP addresses of each subnet on the router must not overlap with the IP addresses of other subnets on the router;
- If Managed Kubernetes nodes will be included in the global router network, the subnet must not overlap with the ranges 10.250.0.0/16, 10.10.0.0/16 и 10.96.0.0/12. These subnets participate in the internal addressing of Managed Kubernetes, their use may cause conflicts in the global router network.
If you have specified a Q-in-Q tag, make sure to set up a Q-in-Q. When configuring, use the subnet you specified in step 9.
Enter the gateway IP or leave the first address from the subnet assigned by default. Do not assign this address to your devices to avoid disrupting the network.
Enter service IPs or leave the last addresses from the subnet assigned by default. Do not assign these addresses to your devices to avoid disrupting the network.
Click Create a network.
Optional: check the network topology on the global router. В control panels go to Network services → Selectel Global Router. Open the page of the desired router and click Network map.

For your information

If the cloud platform network is connected to a global router, you can only manage it on the global router page.

Use for a cloud server, Managed Kubernetes cluster node, or cloud database cluster.

You can connect a new network to the router or an existing network if it is not already connected to any of the account's global routers.

Connect a new network
Connect existing network

В control panels go to Network services → Selectel Global Router.
Open the router page → tab Networks.
Click Create a network.
Enter a network name, this will only be used in the control panel.
Select a service Cloud platform.
Select pool.
Select project.
Enter the subnet name — this will only be used in the control panel.
Enter the CIDR — IP address and subnet mask. The subnet must meet the conditions:
- belong to the RFC 1918 private address range: 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16;
- have a size of at least /29, as three addresses will be occupied by Selectel network equipment;
- Do not overlap with other subnets added to this router: The IP addresses of each subnet on the router must not overlap with the IP addresses of other subnets on the router;
- If Managed Kubernetes nodes will be included in the global router network, the subnet must not overlap with the ranges 10.250.0.0/16, 10.10.0.0/16 и 10.96.0.0/12. These subnets participate in the internal addressing of Managed Kubernetes, their use may cause conflicts in the global router network.
Enter the gateway IP or leave the first address from the subnet assigned by default. Do not assign this address to your devices to avoid disrupting the network.
Enter service IPs or leave the last addresses from the subnet assigned by default. Do not assign these addresses to your devices to avoid disrupting the network.
Click Create a network.
Optional: check the network topology on the global router. В control panels go to Network services → Selectel Global Router. Open the page of the desired router and click Network map.

Check that the network has not yet been added to any of the account's global routers — in the control panels under Cloud platform → Network → tab Private networks it doesn't have a tag. Global router.
Verify that the subnet meets the conditions:
- belongs to the private address range according to RFC 1918: 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16;
- is at least /29, as three addresses will be occupied by Selectel network equipment;
- does not overlap with other subnets added to this router: the IP addresses of each subnet on the router must not overlap with the IP addresses of other subnets on the router;
- If Managed Kubernetes nodes will be included in the global router network, the subnet must not overlap with the ranges 10.250.0.0/16, 10.10.0.0/16 и 10.96.0.0/12. These subnets participate in the internal addressing of Managed Kubernetes, their use may cause conflicts in the global router network.
В control panels go to Cloud platform →Network.
Open the tab Private networks.
On the menu. networks select Connect to a global router.
Select the global router.
For each of the network subnets, enter the IP address that will be assigned to the router, or leave the first available address from the subnet assigned by default. Do not assign this address to your devices to avoid disrupting the network. The last two free subnet addresses will be reserved as service addresses.
Click Connect. Do not close the window until you see the message that the network is connected. After that, in the control panel:
- the network will appear in section Network services → Selectel Global Router on the page of the router you connected it to;
- в section Cloud platform → Network → on the tab Private networks the network will be tagged Global router.

assign IP addresses to the servers⁠

On each server that joins the global router network, configure a local port to work with the subnet created on the router. On the port, assign an IP address from a private subnet that you plugged into a global router for the corresponding VLAN or project.

Dedicated server
Cloud platform
VMware-based cloud

Ubuntu
Debian
CentOS
Windows

Connect to the server via SSH or through KVM console.
Open the utility configuration file netplan with the vi text editor:
```
vi /etc/netplan/01-netcfg.yaml
```
Add or change values for the network interface settings of the private network:
```
    <eth_name>:
            addresses: [<ip_address>/<mask>]
```
Specify:
- <eth_name> — name of the network interface of the private network;
- <ip_address>/<mask> — The private IP address of the server with a subnet mask, for example, 192.168.0.2/29.
Press the key ESC.
Exit the text editor vi with the changes intact:
```
:wq
```
Apply the configuration:
```
netplan apply
```
Optional: reboot the server.

Connect to the server via SSH or through KVM console.
Open the network interfaces configuration file with the vi text editor:
```
vi /etc/network/interfaces
```
Add or change values for the network interface settings of the private network:
```
auto <eth_name>
iface <eth_name> inet static
address <ip_address>/<mask>
```
Specify:
- <eth_name> — name of the network interface of the private network;
- <ip_address>/<mask> — The private IP address of the server with a subnet mask, for example, 192.168.0.2/29;
Press the key ESC.
Exit the vi text editor with your changes saved:
```
:wq
```
Restart the network:
```
service networking restart
```
Optional: reboot the server.

Connect to the server via SSH or through KVM console.
Output information about the network interfaces:
```
ip address
```
Create or open the private network interface configuration file with the vi text editor:
```
vi /etc/sysconfig/network-scripts/ifcfg-<eth_name>
```
Specify <eth_name> — name of the network interface of the private network.
Add or change the values of the network interface settings:
```
NAME="<eth_name>"
ONBOOT=yes
BOOTPROTO=none
IPADDR="<ip_address>/<mask>"
```
Specify:
- <eth_name> — name of the network interface of the private network;
- <ip_address>/<mask> — The private IP address of the server with a subnet mask, for example, 192.168.0.2/29;
Press the key ESC.
Exit the vi text editor with your changes saved:
```
:wq
```
Restart the network:
```
systemctl restart network
```
Optional: reboot the server.

Example of changing network settings in CentOS in the blog article Network configuration in CentOS 7.

Connect to the server via RDP or through KVM console.
Open it up Network and Sharing Center.
Open the network interface of the private network.
Click Properties.
From the list, select IPv4.
Click Properties.
Specify the network interface parameters:
- IP-address — The private IP address of the server, e.g, 192.168.0.2;
- Subnet mask — subnet mask.
Click OK.

Prescribe routes on the devices⁠

If you create a new server and add it to an existing global router network, you do not need to specify routes. In this case, the server will be immediately available to other devices on the network.

If you are adding an existing server to the global router network, you must static routes to all subnets with which you want connectivity.

Example of static routes organization⁠

It is necessary to configure private communication between two dedicated servers in SPB-2 pool and a cloud server in ru-2 pool. To do this you need to:

Create a global router with two private subnets — 192.168.0.0/29 to the VLAN that contains the dedicated servers in the SPB-2 pool, and 172.16.0.0/29 before the cloud platform project in the ru-2 pool.
Assign addresses from subnets to servers.
Prescribe routes:
- on each server in the SPB-2 pool to a subnet. 172.16.0.0/29 through the gateway 192.168.0.1;
- on the server in the ru-2 pool to the subnet. 192.168.0.0/29 through the gateway 172.16.0.1.

Пример организации статических маршрутов

Prescribe static routes⁠

Dedicated server, cloud based on VMware
Cloud platform

Ubuntu
Debian
CentOS
Windows

Connect to the server.
Open the network configuration file:
```
vi /etc/netplan/01-netcfg.yaml
```
At the end of the data block of the desired network interface, add a route:
```
routes:
  - to: <ip_address>/<mask>
    via: <gateway>
```
Specify:
- <ip_address>/<mask> — subnet to which you want to route, specifying the mask, for example, 192.168.0.0/29;
- <gateway> — gateway for the current server subnet, which is specified on the global router.
If you need to prescribe multiple routes, add them sequentially in the same block, for example:
```
routes:
- to: 192.168.0.0/29
    via: 172.16.0.1
- to: 192.168.1.0/29
    via: 172.16.0.1
```
Save the file.
Check the settings:
```
sudo netplan try
```
Apply the changes:
```
netplan apply
```

Connect to the server.
Open the network configuration file:
```
vi  /etc/network/interfaces
```
At the end of the data block of the corresponding network interface, add the desired route:
```
up route add -net <ip_address> netmask <mask> gw <gateway>
down route del -net <ip_address> netmask <mask> gw <gateway>
```
Specify:
- <ip_address> — subnet to which you want to route, for example, 192.168.0.0;
- <mask> — the subnet mask to which you want to route, for example, 255.255.255.0;
- <gateway> — gateway for the current server subnet, which is specified on the global router.
If you need to prescribe multiple routes, add them sequentially in the same block.
Save the file.
Restart the network:
```
sudo /etc/init.d/networking restart
```

Connect to the server.
Create and complete a file to configure static routes:
```
echo "<ip_address>/<mask> via <gateway>" >> /etc/sysconfig/network-scripts/route-<eth_name>
```
Specify:
- <ip_address>/<mask> — subnet to which you want to route, specifying the mask, for example, 192.168.1.0/29;
- <gateway> — gateway for the current server subnet, which is specified on the global router;
- <eth_name> — the name of the corresponding LAN interface.
If you need to add multiple routes, specify them in one command. Specify each route on a new line, for example:
```
echo "192.168.0.0/29 via 172.16.0.1
192.168.1.0/29 via 172.16.0.1" >> /etc/sysconfig/network-scripts/route-eno2
```
Restart the network:
```
systemctl restart network
```

Connect to the server via RDP or through KVM console.
Add the required routes one at a time:
```
route -p ADD <ip_address> MASK <mask> <gateway> METRIC <x>
```
Specify:
- <ip_address> — subnet to which you want to route, for example, 192.168.0.0;
- <mask> — subnet mask of the subnet to which you want to route, for example, 255.255.255.0;
- <gateway> — gateway for the current server subnet, which is specified on the global router;
- <x> — parameter defining the priority of the specified gateway, 1 is the highest priority.

Configure routing on the global router⁠

You need to prescribe static routes or configure dynamic BGP routing on the global router if you:

organize Internet access on the global router network through one of the connected devices;
or you plan to use a network larger than /29 and your server as a router.

Prescribe static routes
Configure dynamic routing over BGP

В control panels go to Network services→ Selectel Global Router.
Open the router page → tab Static routes.
Click Create a route.
Enter a route name — any name, it will only appear in the control panel.
Enter the CIDR of the destination subnet, which is the private subnet to which you want to direct traffic. The destination subnet must not overlap with subnets on the global router. To direct Internet traffic to one of the devices on the global router network, specify 0.0.0.0/0.
Enter the IP address Next hop — the IP address of the server through which traffic will be routed to the destination subnet. The IP address must belong to one of the subnets on the global router.
Click Create.

Link products and services through a global router

Create a global router⁠​

Connect networks and subnets to the global router⁠​

assign IP addresses to the servers⁠​

Prescribe routes on the devices⁠​

Example of static routes organization⁠​

Prescribe static routes⁠​

Configure routing on the global router⁠​