Configure static routes on dedicated servers

Static routing is a type of routing where routes are explicitly defined when configuring a network interface on a server or router.

To configure static routing, specify static routes on the server.

Examples of tasks that can be solved using static routing:

connect dedicated servers and a cloud server via a private network;
route internet traffic through a firewall;
configure connectivity with external infrastructure through a firewall.

Specify static routes on a server

Ubuntu
Debian
CentOS
Windows

Connect to the server.
Open the network interfaces configuration file with the vi text editor:
```
vi /etc/netplan/01-netcfg.yaml
```
At the end of the block with the parameters for the required network interface, add the route:
```
routes:
- to:  <ip_address>/<mask>
  via: <gateway>
```
Specify:
- <ip_address> — the subnet to which a route is needed;
- <mask> — the subnet mask to which a route is needed;
- <gateway> — the gateway for the current server's subnet, such as the gateway specified on the global router. The gateway address must be in the same subnet as the server.

If you need to specify multiple routes, add them sequentially in the same block, for example:

routes:
- to:  192.168.0.0/28
  via: 192.168.0.1
- to:  192.168.1.0/28
  via: 192.168.0.1

Exit the vi text editor saving your changes:
```
:wq
```
Check the route configuration:
```
sudo netplan try
```
Apply the changes:
```
netplan apply
```

Example of organizing static routes to connect dedicated servers and a cloud server via a private network

Configuration goal

Connect two dedicated servers in the SPB-2 pool and a cloud server in the ru-2 pool with a private network using a global router, and configure routing in the network so that the devices can see each other.

What you need for configuration

In the configuration example, we used two dedicated servers in the SPB-2 pool with access to a private network and a cloud server in the ru-2 pool.

Configuration result

Private connectivity will be configured between two dedicated servers in the SPB-2 pool and a cloud server in the ru-2 pool.

Configuration steps

Create a global router.
Connect private subnets to the global router:
- 192.168.0.0/28 for the VLAN containing the dedicated servers in the SPB-2 pool;
- 172.16.0.0/28 for the cloud platform project in the ru-2 pool.
Assign IP addresses from the private subnets you connected to the global router to the dedicated servers and the cloud server. For more details, see the Assigning IP addresses to servers subsection.
Specify routes:
- on each dedicated server in the SPB-2 pool — to the 172.16.0.0/28 subnet through gateway 192.168.0.1;
- on the cloud server in the ru-2 pool — to the 192.168.0.0/28 subnet through gateway 172.16.0.1.

Example of organizing static routes to route internet traffic through a firewall

Configuration goal

Route internet traffic to a dedicated server through a firewall.

What you need for configuration

In the configuration example, we used a dedicated server with access to a private network and a firewall.

Configuration result

After setting up the routed networks, internet traffic to the dedicated server will pass through the firewall.

Configuration steps

Specify a static route on the dedicated server to the 0.0.0.0/0 subnet via gateway 198.51.100.1.
Specify a default gateway on the firewall 203.0.113.2.
For the dedicated server behind the firewall to have internet access, create a ticket requesting that a static route be added to the Selectel router. In the ticket, specify:
- the private subnet of the dedicated server that is behind the firewall, in this example — 198.51.100.0/28;
- the public IP address of the firewall, in this example — 203.0.113.2.
Wait for a response from a Selectel employee confirming that the static route has been specified on the router.

Example of organizing static routes for connectivity with external infrastructure through a firewall

Configuration goal

Connect two dedicated servers in the MSK-1 and SPB-2 pools with external infrastructure via a private network. Using a global router, configure routing in the network so that the devices can see each other, and direct traffic from routed networks through a firewall in the SPB-3 pool.

What you need for configuration

In the configuration example, we used two dedicated servers in the MSK-1 and SPB-2 pools with access to a private network, a firewall in the SPB-3 pool, and external infrastructure.

Configuration result

Private connectivity will be configured between the external infrastructure and the servers in the MSK-1 and SPB-2 pools; traffic from routed networks will pass through the firewall in the SPB-3 pool.

Configuration steps

Create a global router.
Connect subnets to the global router:
- 192.168.11.0/24 for the VLAN containing the dedicated server in the MSK-1 pool;
- 192.168.22.0/24 for the VLAN containing the dedicated server in the SPB-2 pool;
- 192.168.33.0/24 for the VLAN containing the firewall in the SPB-3 pool.
Assign IP addresses from the private subnets you connected to the global router to the dedicated servers. For more details, see the Assigning IP addresses to servers subsection.
Assign an IP address from the private subnet that you connected to the global router to the firewall.
Specify routes on the servers:
- in the MSK-1 pool — to the subnets 192.168.22.0/24 and 192.168.33.0/24 through gateway 192.168.11.1;
- in the SPB-2 pool — to the subnets 192.168.11.0/24 and 192.168.33.0/24 through gateway 192.168.22.1;
Specify routes on the firewall — to the subnets 192.168.11.0/24 and 192.168.22.0/24 through gateway 192.168.33.1.
Configure routing on the global router — specify a static route for outgoing internet traffic. Specify:
- destination subnet — 0.0.0.0/0;
- Next hop — IP address of the firewall, in this example 192.168.33.2.