Connect the balancer

Create a global router.
Connect networks and subnets to the global router to each VLAN and cloud platform project where the servers for balancing reside.

For VMware-based clouds You can only add networks and subnets via technical support.
Assign IP addresses from subnets to servers.
Configure routing to the balancer subnet.
Order a balancer.
Check the operation of the balancer.

Create a global router⁠

В control panels go to Network services → Selectel Global Router.
Click Create a router. Each account is set limit to five global routers.
Enter the name of the router.
Click Create.
If the router was created with status ERROR or hovered in one of the statuses, file a ticket.

Connect networks and subnets to the global router⁠

carefully

When creating a network, do not use subnet addresses on servers 10.128.0.0/16. This subnet hosts load balancers, its use can cause load balancers to fail.

Dedicated server
Cloud platform

Use for a dedicated or hosted server.

You can connect a new network to the router or an existing network if it is not already connected to any of the account's global routers.

В control panels go to Network services → Selectel Global Router.
Open the router page → tab Networks.
Click Create a network.
Enter a network name, this will only be used in the control panel.
Select a service Dedicated servers.
Select pool.
Select VLAN. If you want to create a network up to the internal segment (Q-in-Q), specify its tag, a number from 2 to 4094. If there is already a network up to the VLAN, be sure to specify the Q-in-Q segment of this VLAN.
Enter the subnet name — this will only be used in the control panel.
Enter the CIDR — IP address and private subnet mask. You can enter a new subnet or an existing private subnet of the server if it is not already added to any of the global routers in the account. The subnet must meet the conditions:
- belong to the RFC 1918 private address range: 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16;
- have a size of at least /29, as three addresses will be occupied by Selectel network equipment;
- Do not overlap with other subnets added to this router: The IP addresses of each subnet on the router must not overlap with the IP addresses of other subnets on the router;
- If Managed Kubernetes nodes will be included in the global router network, the subnet must not overlap with the ranges 10.250.0.0/16, 10.10.0.0/16 и 10.96.0.0/12. These subnets participate in the internal addressing of Managed Kubernetes, their use may cause conflicts in the global router network.
If you have specified a Q-in-Q tag, make sure to set up a Q-in-Q. When configuring, use the subnet you specified in step 9.
Enter the gateway IP or leave the first address from the subnet assigned by default. Do not assign this address to your devices to avoid disrupting the network.
Enter service IPs or leave the last addresses from the subnet assigned by default. Do not assign these addresses to your devices to avoid disrupting the network.
Click Create a network.
Optional: check the network topology on the global router. В control panels go to Network services → Selectel Global Router. Open the page of the desired router and click Network map.

For your information

If the cloud platform network is connected to a global router, you can only manage it on the global router page.

Use for a cloud server, Managed Kubernetes cluster node, or cloud database cluster.

You can connect a new network to the router or an existing network if it is not already connected to any of the account's global routers.

Connect a new network
Connect existing network

В control panels go to Network services → Selectel Global Router.
Open the router page → tab Networks.
Click Create a network.
Enter a network name, this will only be used in the control panel.
Select a service Cloud platform.
Select pool.
Select project.
Enter the subnet name — this will only be used in the control panel.
Enter the CIDR — IP address and subnet mask. The subnet must meet the conditions:
- belong to the RFC 1918 private address range: 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16;
- have a size of at least /29, as three addresses will be occupied by Selectel network equipment;
- Do not overlap with other subnets added to this router: The IP addresses of each subnet on the router must not overlap with the IP addresses of other subnets on the router;
- If Managed Kubernetes nodes will be included in the global router network, the subnet must not overlap with the ranges 10.250.0.0/16, 10.10.0.0/16 и 10.96.0.0/12. These subnets participate in the internal addressing of Managed Kubernetes, their use may cause conflicts in the global router network.
Enter the gateway IP or leave the first address from the subnet assigned by default. Do not assign this address to your devices to avoid disrupting the network.
Enter service IPs or leave the last addresses from the subnet assigned by default. Do not assign these addresses to your devices to avoid disrupting the network.
Click Create a network.
Optional: check the network topology on the global router. В control panels go to Network services → Selectel Global Router. Open the page of the desired router and click Network map.

Check that the network has not yet been added to any of the account's global routers — in the control panels under Cloud platform → Network → tab Private networks it doesn't have a tag. Global router.
Verify that the subnet meets the conditions:
- belongs to the private address range according to RFC 1918: 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16;
- is at least /29, as three addresses will be occupied by Selectel network equipment;
- does not overlap with other subnets added to this router: the IP addresses of each subnet on the router must not overlap with the IP addresses of other subnets on the router;
- If Managed Kubernetes nodes will be included in the global router network, the subnet must not overlap with the ranges 10.250.0.0/16, 10.10.0.0/16 и 10.96.0.0/12. These subnets participate in the internal addressing of Managed Kubernetes, their use may cause conflicts in the global router network.
В control panels go to Cloud platform → Network.
Open the tab Private networks.
On the menu. networks select Connect to a global router.
Select a global router.
For each of the network subnets, enter the IP address that will be assigned to the router, or leave the first available address from the subnet assigned by default. Do not assign this address to your devices to avoid disrupting the network. The last two free subnet addresses will be reserved as service addresses.
Click Connect. Do not close the window until you see the message that the network is connected. After that, in the control panel:
- the network will appear in section Network services → Selectel Global Router on the page of the router you connected it to;
- в section Cloud platform → Network → on the tab Private networks the network will be tagged Global router.

assign IP addresses to the servers⁠

On each server that joins the global router network, configure a local port to work with the subnet created on the router. On the port, assign an IP address from a private subnet that you plugged into a global router for the corresponding VLAN or project.

Dedicated server
Cloud platform
VMware based cloud

Ubuntu
Debian
CentOS
Windows

Connect to the server via SSH or through KVM console.
Open the utility configuration file netplan with the vi text editor:
```
vi /etc/netplan/01-netcfg.yaml
```
Add or change values for the network interface settings of the private network:
```
    <eth_name>:
            addresses: [<ip_address>/<mask>]
```
Specify:
- <eth_name> — name of the network interface of the private network;
- <ip_address>/<mask> — The private IP address of the server with a subnet mask, for example, 192.168.0.2/29.
Press the key ESC.
Exit the text editor vi with the changes intact:
```
:wq
```
Apply the configuration:
```
netplan apply
```
Optional: reboot the server.

Connect to the server via SSH or through KVM console.
Open the network interfaces configuration file with the vi text editor:
```
vi /etc/network/interfaces
```
Add or change values for the network interface settings of the private network:
```
auto <eth_name>
iface <eth_name> inet static
address <ip_address>/<mask>
```
Specify:
- <eth_name> — name of the network interface of the private network;
- <ip_address>/<mask> — The private IP address of the server with a subnet mask, for example, 192.168.0.2/29.
Press the key ESC.
Exit the vi text editor with your changes saved:
```
:wq
```
Restart the network:
```
service networking restart
```
Optional: reboot the server.

Connect to the server via SSH or through KVM console.
Display information about the network interfaces:
```
ip address
```
Create or open the private network interface configuration file with the vi text editor:
```
vi /etc/sysconfig/network-scripts/ifcfg-<eth_name>
```
Specify <eth_name> — name of the network interface of the private network.
Add or change the values of the network interface settings:
```
NAME="<eth_name>"
ONBOOT=yes
BOOTPROTO=none
IPADDR="<ip_address>/<mask>"
```
Specify:
- <eth_name> — name of the network interface of the private network;
- <ip_address>/<mask> — The private IP address of the server with a subnet mask, for example, 192.168.0.2/29.
Press the key ESC.
Exit the vi text editor with your changes saved:
```
:wq
```
Restart the network:
```
systemctl restart network
```
Optional: reboot the server.

Example of changing network settings in CentOS in the blog article Network configuration in CentOS 7.

Connect to the server via RDP or through KVM console.
Open it up Network and Sharing Center.
Open the network interface of the private network.
Click Properties.
From the list, select IPv4.
Click Properties.
Specify the network interface parameters:
- IP-address — The private IP address of the server, e.g, 192.168.0.2;
- Subnet mask — subnet mask.
Click OK.

Configure routing to the balancer subnet⁠

On each of the servers we need to pre-configure routing to the subnet in which we will place the balancer when connecting the service. By default, we place the balancers in the subnet 10.128.0.0/16but you can choose any suitable subnet of dimensionality /16.

Dedicated server, cloud based on VMware
Cloud platform

Ubuntu
Debian
CentOS
Windows

Connect to the server.
Open the network configuration file:
```
vi /etc/netplan/01-netcfg.yaml
```
At the end of the data block of the desired network interface, add a route:
```
routes:
  - to: <ip_address>/<mask>
    via: <gateway>
```
Specify:
- <ip_address>/<mask> — balancer subnet. You can specify the subnet 10.128.0.0/16in which we place the balancers by default, or any suitable subnet of dimensionality /16;
- <gateway> — The IP address from the subnet of the server that you assigned as the gateway to the global router at connecting networks and subnets.
Save the file.
Check the settings:
```
sudo netplan try
```
Apply the changes:
```
netplan apply
```

Connect to the server.
Open the network configuration file:
```
vi  /etc/network/interfaces
```
At the end of the data block of the corresponding network interface, add the desired route:
```
up route add -net <ip_address> netmask <mask> gw <gateway>
down route del -net <ip_address> netmask <mask> gw <gateway>
```
Specify:
- <ip_address> — balancer subnet. You can specify the subnet 10.128.0.0/16in which we place the balancers by default, or any suitable subnet of dimensionality /16;
- <mask> — 255.255.0.0;
- <gateway> — The IP address from the subnet of the server that you assigned as the gateway to the global router at connecting networks and subnets.
Save the file.
Restart the network:
```
sudo /etc/init.d/networking restart
```

Connect to the server.
Create and complete a file to configure static routes:
```
echo "<ip_address>/<mask> via <gateway>" >> /etc/sysconfig/network-scripts/route-<eth_name>
```
Specify:
- <ip_address>/<mask> — balancer subnet. You can specify the subnet 10.128.0.0/16in which we place the balancers by default, or any suitable subnet of dimensionality /16;
- <gateway> — The IP address from the subnet of the server that you assigned as the gateway to the global router at connecting networks and subnets;
- <eth_name> — the name of the corresponding LAN interface.
Restart the network:
```
systemctl restart network
```

Connect to the server via RDP or through KVM console.
Add the required routes one at a time:
```
route -p ADD <ip_address> MASK <mask> <gateway> METRIC <x>
```
Specify:
- <ip_address> — balancer subnet. You can specify the subnet 10.128.0.0/16in which we place the balancers by default, or any suitable subnet of dimensionality /16;
- <mask> — 255.255.0.0;
- <gateway> — The IP address from the subnet of the server you assigned as the gateway to the global router at connecting networks and subnets;
- <x> — parameter defining the priority of the specified gateway, 1 is the highest priority.

Order a balancer⁠

If your servers use the HTTPS protocol, add your TLS(SSL) certificate to the secret manager. You can also issue a Let's Encrypt® certificate.
В control panels go to Network services → Fault-tolerant load balancer.
Click Connect the balancer.
Select the tariff according to the desired channel width — 20, 50, 100 or 1 000 Mbps. If you need a different channel width, select Other and specify the required value in Mbps.
Specify the global router to which you are connected networks and subnets — its name, ID, or a list of subnets added to the router. You can view the router data in control panels under Network services → Global router → router page.
Specify the balancer subnet you specified when you routing setup on the servers.
Select a balancing algorithm:
- Round Robin is a round robin algorithm in which requests are passed to each server in turn;
- Weighted Round Robin is a weighted round robin algorithm in which each server is assigned a weighting factor corresponding to its performance and capacity. Servers with a higher weighting factor receive more requests;
- Source IP hash is an algorithm that, depending on the HTTP header or IP address, selects a preferred server to receive the request;
- Least Connections — an algorithm that sends the request to the least loaded server.
If you want to use Sticky Sessions, check the checkbox Sticky Sessions.
Select the protocol of the target servers: TCP, HTTP, HTTPS.
If you selected the TCP protocol, specify the parameters for using the protocol — all private IP addresses assigned within the global router's networks, with the ports specified.
If you selected the HTTP protocol, specify all combinations of URLs received from the Internet and the IP addresses to which they should be redirected, including the port. For example, http://domain.com/page — http://X.X.X.X:X.
If you selected the HTTPS protocol, specify:
- all combinations of URLs received from the Internet and the IP addresses to which they should be redirected, specifying the port. For example, https://domain.com/page — http://X.X.X.X:X;
- The ID of the certificate you added in step 1. The ID can be viewed in control panels: section Cloud platform → The manager of secrets → tab Certificates → in the menu of the certificate, select Copy UUID;
- ID projects where the certificate is located.
Optional: if you need to specify any additional data, enter it in the field Additional comment. For example, elaborate on the use case scenario, specify in which poolahs infrastructure is placed, leave an admin contact to get in touch and clarify details.
Click Connect the balancer.
We'll create and ship ticket to activate the service. Connection takes up to seven working days. When the balancer is ready, we will send you a secure public IP address in a ticket to which you should direct incoming traffic for balancing.

Check the operation of the balancer⁠

To test the balancer's performance, send test requests to the IP address you received at the ordering a balancer.

Connect the balancer

Create a global router⁠​

Connect networks and subnets to the global router⁠​

assign IP addresses to the servers⁠​

Configure routing to the balancer subnet⁠​

Order a balancer⁠​

Check the operation of the balancer⁠​