Skip to main content

Connect a public cloud to other products via a transit subnet by adding it to a client Edge router and configuring static routes

Last update:

With the help of a global router, you can connect the public cloud to other Selectel products that can be connected to a global router; for more details, see the guide General information about the Selectel Global Router service.

You can configure connectivity using several scenarios; you can view other scenarios in the guide Ways to connect the public cloud to a global router.

Configuration description

Upon your request, we will create a private connection subnet in the public cloud, which will not be visible in the virtual data center network list. Using the connection subnet, we will connect your (client) Edge router to the service Edge router managed by Selectel. The gateway will be the service Edge router. On the client Edge router, you will be able to configure NAT, Firewall, and other functions; for more details, see the Edge routers guide. You will define the network addressing and addresses for the Edge routers yourself and specify them in the ticket for creating the private connection subnet.

On the service Edge router, we will configure static routes to the public cloud subnets you selected using the client Edge router as the Next Hop; these routes are advertised to the global router. When servers and other resources connected to the global router send packets to public cloud subnets for which static routes are configured, the global router will be able to address them correctly. After configuring connectivity, you will be able to advertise new subnets on the service Edge router via a ticket.

On your Edge router, you manually configure static routes to servers and other resources outside the VMware-based cloud that are connected to the global router, using the service Edge router as the Next Hop.

What is needed for configuration

You can use any infrastructure you want to connect to the public cloud via the global router for configuration. Infrastructure elements and its network parameters are provided as an example.

Infrastructure elementInfrastructure network parameters in the example
Dedicated server in a private subnet
  • server added to subnet 192.168.0.0/24
  • gateway: 192.168.0.1
Cloud server in a private subnet
  • server added to subnet 192.168.1.0/24
  • gateway: 192.168.1.1
Virtual machine in a public cloud private subnet
  • virtual machine added to subnet 192.168.2.0/24
  • gateway: 192.168.2.1
  • subnet added to the client Edge router.

Configuration result

In the example, the dedicated server, cloud server, and public cloud subnets will be combined through the global router using a public cloud connection subnet.

Configuration steps

  1. Create a global router.
  2. Connect the dedicated server and cloud platform subnets to the global router.
  3. Create a connection subnet for communication with the global router.
  4. Configure static routes on the client Edge router.
  5. Check Firewall settings on the client Edge router.
  6. Configure static routes on dedicated and cloud servers.

1. Create a global router

  1. In the Control panel, in the top menu, click Products and select Global Router.
  2. Click Create router. A limit of five global routers is set for each account.
  3. Enter the router name.
  4. Click Create.
  5. If the router was created with the status ERROR or is stuck in one of the statuses, create a ticket.

2. Connect the dedicated server and cloud platform subnets to the global router

To connect the dedicated server subnet (in the example 192.168.0.0/24) and the cloud platform subnet (in the example 192.168.1.0/24) to the global router, use the Connect networks and subnets to a global router ⁠ section of the Connecting products and services via a global router guide.

3. Create a connection subnet for communication with the global router

  1. Create a ticket with a request to create a private connection subnet in the public cloud that will connect the service Edge router to your (client) Edge router. In the ticket, specify:

    • the method for connecting the public cloud to the global router — the second method;
    • global router ID, can be viewed in the control panel in the Network servicesSelectel Global Router → router page → field below the router name;
    • virtual data center name, can be viewed in the control panel in the VMware-based cloudVirtual data centers → virtual data center card;
    • desired subnet CIDR — in the example 10.0.0.0/29;
    • desired subnet gateway; this address will be assigned to the service Edge router — in the example 10.0.0.1;
    • client Edge router name, can be viewed in the control panel in the VMware-based cloudVirtual data centers → virtual data center page → Edge routers tab;
    • desired IP address for the client Edge router from the connection subnet — in the example 10.0.0.2;
    • list of public cloud subnets that you want to connect to the global router — in the example 192.168.2.0/24.

  2. We will create the subnet and inform you in the ticket.

4. Configure static routes on the client Edge router

Static routes are configured to all subnets with which you want to connect the public cloud via the global router.

  1. From the control panel, open the Cloud Director panel: in the top menu click ProductsVMware-based cloudCloud Director section.
  2. Go to the NetworkingEdge Gateways **** section.
  3. Open the page for your Edge router.
  4. Click SERVICES.
  5. Open the RoutingStatic routes **** tab.
  6. Click +.
  7. In the Network field, enter the dedicated server subnet — in the example 192.168.0.0/24.
  8. In the Next Hop field, specify the service Edge address — in the example 10.0.0.1.
  9. Click KEEP.
  10. Repeat steps 6-9 for the cloud server subnet — in the example 192.168.1.0/24.

5. Check Firewall settings

Make sure that Firewall settings on your (client) Edge router allow the necessary traffic between the public cloud subnets and the subnets connected to the global router.

6. Configure static routes on dedicated and cloud servers

If the global router is used as the default gateway on the cloud and dedicated servers, you do not need to configure routes.

If not, on the cloud and dedicated servers connected to the global router, configure static routes:

  • as the destination subnet specify the CIDR of the new public cloud subnet — in the example 192.168.2.0/24;

  • as the gateway, specify the address from the subnet that the corresponding server is added to and which is used as the global router gateway, in the example:

    • for the dedicated server — 192.168.0.1;
    • for the cloud server — 192.168.1.1.