Public cloud networks
All virtual machines can be connected to a private network and a public network (the Internet).Internet connectivity can be configured via Edge routers or Direct Connected subnets.
Public network
Virtual machines can be connected to the public network (Internet) using one of the schemes:
- through the local Edge router (default). The virtual machines in the virtual data center communicate with a private network that connects to the Edge router, and the Edge router connects to the Internet. Firewall and NAT must be configured on the Edge router;
- through a Direct Connected subnet which links virtual machines and connects them to the public network without the use of a router. You must configure a Firewall on each virtual machine.
Connecting via Edge router
An Edge router is a software router through which virtual machines access the public network. Virtual machines communicate with the Edge router using a private network.
When you create a virtual data center, a Compact size Edge router is automatically created with a default_net preconfigured private network and basic Firewall and NAT rules, more details in the Edge router instructions.
You can create a new Edge router and add a private network to it. After that, you need to configure Firewall and NAT rules for SSH/RDP access. Additionally, you can configure VPN and load balancing.
Connecting via Direct Connected subnet
A Direct Connected subnet is a public subnet that is created at the virtual data center level to which virtual machines directly connect and obtain IP addresses from this network without using an additional router (Edge router) and without having to configure Firewall and NAT. If VMware Tools ( open-vm-tools package ) is installed inside the virtual machine and network interface, the IP address is added automatically when the virtual machine is built.
A Direct Connected subnet can contain from 5 to 253 IPv4 addresses. The limit for Direct Connected subnets is five per organization. To increase the limit, create a ticket.
For more information about working with Direct Connected subnets, see Managing Direct Connected Subnets.
Private network
The network may be available within a virtual data center or a group of them and may be of one of the types:
- Routed — A private network that connects virtual machines in the virtual data center to the Edge router. It is accessible from the Internet if NAT rules are configured. When you create a virtual data center, a preconfigured default_net of type Routed is automatically created;
- Isolated — a private network connecting virtual machines that is only accessible within the virtual data center and is not accessible from the Internet. This network can be shared between virtual datacenters within an organization, see Create a shared network between virtual datacenters for more information.
Preconfigured private network default_net
The preconfigured default_net private network is created automatically after creating the virtual data center and the default Edge router (Compact size). It can be used to connect the virtual machine to the Internet.
Default_net network characteristics:
- static address pool:
10.0.0.101—10.0.0.132; - DNS: Primary DNS
188.93.16.19and Secondary DN S188.93.17.19; - the network has access to the Internet: it is connected to an Edge router with NAT and Firewall rules configured;
- A DHCP server with address pool
10.0.0.0.2—10.0.0.0.100 isinstalled on the Edge router of the network.
Blocked ports
To secure Selectel's infrastructure from malicious network activity, we blocked some ports, including port 25 (mailing).
If the port does not fall within these restrictions, check its availability on the OS side using the Nmap utility.