Public cloud networks

All virtual machines can be connected to a private network and to the public network (Internet). Internet connectivity can be configured via Edge routers or Direct Connected subnets.

Public network

Virtual machines can be connected to the public network (Internet) using one of the following schemes:

  • via local Edge router (default). The virtual machines in the virtual data center communicate with a private network that connects to the Edge router, and the Edge router connects to the Internet. Firewall and NAT must be configured on the Edge router;
  • via Direct Connected subnet, which links virtual machines and connects them to the public network without using a router. You must configure a Firewall on each virtual machine.

Connecting via Edge router

An Edge router is a software router through which virtual machines access the public network. Virtual machines communicate with the Edge router using a private network.

When you create a virtual data center, a Compact-sized Edge router with a preconfigured private network default_net and basic Firewall and NAT rules is created automatically. See the Edge routers instructions for details.

You can create a new Edge router and add a private network to it. After that, you need to configure Firewall and NAT rules for SSH/RDP access. Optionally, you can configure a VPN and a load balancer.

Connecting via Direct Connected subnet

A Direct Connected subnet is a public subnet created at the virtual data center level. Virtual machines connect to it directly and obtain IP addresses from it without an additional router (Edge router), so there are no Firewall and NAT rules to configure on a router; the Firewall is configured on each virtual machine instead. If the VMware Tools utility (open-vm-tools package) is installed inside the virtual machine and a network interface is present, the IP address is added automatically when the virtual machine is built.

A Direct Connected subnet can contain from 5 to 253 IPv4 addresses. The limit on Direct Connected subnets is five per organization. To increase the limit, create a ticket.

See the Manage Direct Connected Subnets instructions for more information on working with Direct Connected subnets.
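
A virtual machine on a Direct Connected subnet has no Edge router in front of it, so any service listening on a non-loopback address is reachable unless the VM's own firewall filters it. The following added example (not part of the original documentation) parses `ss -H -tln` output and reports listeners outside an allow list; the sample output, the address 203.0.113.10 and the allowed ports are constructed assumptions.

```python
import ipaddress

# Constructed sample of `ss -H -tln` output from a hypothetical VM.
SAMPLE_SS = """\
LISTEN 0 128         0.0.0.0:22      0.0.0.0:*
LISTEN 0 4096      127.0.0.1:5432    0.0.0.0:*
LISTEN 0 4096  127.0.0.53%lo:53      0.0.0.0:*
LISTEN 0 511            [::]:80         [::]:*
LISTEN 0 128               *:8080          *:*
LISTEN 0 128           [::1]:6379       [::]:*
LISTEN 0 151    203.0.113.10:3306    0.0.0.0:*
"""

def parse_local(field):
    """Split the ss 'Local Address:Port' column into (address, port)."""
    addr, _, port = field.rpartition(":")
    addr = addr.strip("[]").split("%", 1)[0]  # drop IPv6 brackets and %iface
    return addr, int(port)

def is_loopback(addr):
    """True only for binds that cannot be reached from outside the VM."""
    if addr == "*":  # ss prints '*' for a dual-stack wildcard bind
        return False
    return ipaddress.ip_address(addr).is_loopback

def exposed_listeners(ss_output, allowed_ports):
    """Return sorted (port, address) pairs bound off-loopback and not allowed."""
    findings = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # skip blank or non-listening lines
        addr, port = parse_local(fields[3])
        if not is_loopback(addr) and port not in allowed_ports:
            findings.add((port, addr))
    return sorted(findings)

if __name__ == "__main__":
    # Assumption: only SSH and HTTP are meant to be public on this VM.
    for port, addr in exposed_listeners(SAMPLE_SS, allowed_ports={22, 80}):
        print(f"unexpected public listener: {addr}:{port}")
```

On a real virtual machine, pass the output of `ss -H -tln` instead of the sample, then either rebind each reported service to loopback or add a matching rule to the VM's firewall.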

Private network

A private network may be available within one virtual data center or a group of them, and is one of the following types:

  • Routed — A private network that connects virtual machines in a virtual data center to an Edge router. Accessible from the Internet if NAT rules are configured. When you create a virtual data center, a pre-configured default_net of type Routed is automatically created;
  • Isolated — A private network connecting virtual machines that is only accessible within the virtual data center and is not accessible from the Internet. This network can be shared between virtual data centers within an organization. See the Create a shared network between virtual datacenters instructions for details.

Preconfigured private network default_net

The preconfigured default_net private network is created automatically after the virtual data center and default Edge router (Compact size) are created. It can be used to connect virtual machines to the Internet.

default_net network characteristics:

  • static address pool: 10.0.0.101 — 10.0.0.132;
  • DNS: Primary DNS 188.93.16.19 and Secondary DNS 188.93.17.19;
  • the network has access to the Internet: it is connected to an Edge router with NAT and Firewall rules configured;
  • a DHCP server with address pool 10.0.0.2 — 10.0.0.100 runs on the network's Edge router.

Blocked Ports

To protect Selectel's infrastructure from malicious network activity, we have blocked some ports, including port 25 (mailing lists).

If a port does not fall within these restrictions, check its availability on the OS side using the Nmap utility.