Public cloud networks
All virtual machines can be connected to a private network and to the public network (Internet). Internet connectivity can be configured through Edge routers or Direct Connected subnets.
Public network
Virtual machines can be connected to the public network (Internet) using one of the schemes:
- through the local Edge router (default). The virtual machines in the virtual data center communicate with a private network that connects to the Edge router, and the Edge router connects to the Internet. Firewall and NAT must be configured on the Edge router;
- through the Direct Connected subnet, which links virtual machines and connects them to the public network without the use of a router. You must configure a Firewall on each virtual machine.
Connecting via Edge router
An Edge router is a software router through which virtual machines access the public network. Virtual machines communicate with the Edge router using a private network.
When you create a virtual data center, a Compact size Edge router is automatically created with the preconfigured default_net private network and basic Firewall and NAT rules; for more details, see the manual Edge routers.
You can create a new Edge router and add a private network to it. After that, you need to configure Firewall and NAT rules for SSH/RDP access. Optionally, you can set up a VPN and load balancing.
Connecting via Direct Connected subnet
A Direct Connected subnet is a public subnet created at the virtual data center level. Virtual machines connect to it directly and obtain IP addresses from it without an additional router (Edge router) and without the need to configure Firewall and NAT. If the VMware Tools utility (the open-vm-tools package) is installed inside the virtual machine, the IP address will be added to the network interface automatically when the virtual machine is built.
A Direct Connected subnet can contain from 5 to 253 IPv4 addresses. The limit on Direct Connected subnets is five per organization. To increase the limit, file a ticket.
For more information on working with Direct Connected subnets, please refer to the manual Manage Direct Connected subnets.
Private network
A private network may be available within one virtual data center or a group of them, and is one of the following types:
- Routed — a private network that connects virtual machines in the virtual data center to the Edge router. It is accessible from the Internet if NAT rules are configured. When you create a virtual data center, the default_net network is automatically created as a Routed network;
- Isolated — a private network connecting virtual machines that is only accessible within the virtual data center and is not accessible from the Internet. This network can be shared between virtual data centers within an organization; for more details, see the instructions Create a common network between virtual data centers.
Preconfigured private network default_net
The preconfigured default_net private network is created automatically after creating the virtual data center and the default Edge router (Compact size). It can be used to connect the virtual machine to the Internet.
Characteristics of the default_net network:
- static address pool: 10.0.0.101—10.0.0.132;
- DNS: Primary DNS 188.93.16.19 and Secondary DNS 188.93.17.19;
- the network has access to the Internet: it is connected to an Edge router with NAT and Firewall rules configured;
- a DHCP server with the address pool 10.0.0.2—10.0.0.100 is installed on the Edge router of the network.
Blocked ports
To secure Selectel's infrastructure from malicious network activity, some ports are blocked, including port 25 (mailings).
If the port does not fall under the above restrictions, check its availability on the OS side using the Nmap utility.
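One way to read the result of that Nmap check, as an added example (not Selectel's own code): the script parses Nmap's grepable output (`-oG`) and maps each port state to the layer described on this page that should be checked next. The function names `port_state` and `diagnose` are hypothetical, and the sample scan output is constructed.

```shell
#!/usr/bin/env bash
# Added example: interpret Nmap grepable output (-oG) for a VM you administer.
# Real input would come from:  nmap -Pn -p 22,25,443 -oG - <your VM address>

# Constructed sample; 192.0.2.10 is a documentation address, not a real host.
SAMPLE_OG=$(printf '%s\t%s\n' \
  'Host: 192.0.2.10 ()' 'Status: Up' \
  'Host: 192.0.2.10 ()' 'Ports: 22/open/tcp//ssh///, 25/filtered/tcp//smtp///, 443/closed/tcp//https///')

# port_state <port>: reads -oG text on stdin, prints the state Nmap reported
# for that port, or "unknown" if the port does not appear in the scan.
port_state() {
  awk -v want="$1" '
    /Ports:/ {
      sub(/^.*Ports: /, "")      # keep only the port list
      sub(/\t.*$/, "")           # drop a trailing "Ignored State" field, if any
      n = split($0, entries, /, */)
      for (i = 1; i <= n; i++) {
        split(entries[i], f, "/")  # port/state/protocol/owner/service/...
        if (f[1] == want) { print f[2]; found = 1; exit }
      }
    }
    END { if (!found) print "unknown" }
  '
}

# diagnose <port>: reads -oG text on stdin and says where to look next.
diagnose() {
  state=$(port_state "$1")
  case "$state" in
    open)     echo "$1 open: the service is reachable" ;;
    closed)   echo "$1 closed: traffic reaches the host but nothing is listening; check the service in the OS" ;;
    filtered) echo "$1 filtered: no reply; check the VM firewall, the Edge router Firewall/NAT rules, or a blocked port such as 25" ;;
    *)        echo "$1 $state: not scanned or ambiguous; rescan this port" ;;
  esac
}

# Walk through the constructed sample.
for p in 22 25 443 8080; do
  printf '%s\n' "$SAMPLE_OG" | diagnose "$p"
done
```
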