May 31, 2024

Convenient Overview of Private Networks

Not every server should be accessible directly from the Internet. Segmentation into several networks may make particular sense in terms of security, e.g. to shield database servers or to filter traffic on a central firewall. Our cloud control panel allows you to maintain an overview, even when there are numerous private networks, thus minimizing the risk of configuration errors.

Private networks for every requirement

The first step to using a private network has been kept intentionally simple at cloudscale: it takes just a few clicks during launch to connect virtual servers to an existing or a new private network. The connection to the private network can either be set up in addition to the direct connection to the Internet or can replace the latter. The private network is available exclusively to you from layer 2 upward, which allows you, for example, to freely configure the IP addresses on the involved servers. Jumbo frames are supported for enhanced efficiency in the private network, but it goes without saying that you can customize the default MTU of 9000 bytes if required.

In a private network, a DHCP service is available as standard, allocating IP addresses from a randomly selected /24 within 172.16.0.0/12 to requesting servers. In addition, there are many other configuration options available. These allow you, for example, to create private networks without a DHCP service or to define any other IP range (at least /24) for the DHCP service. DHCP functionality can also be deactivated for individual servers, or a fixed IP address can be assigned in the private network instead of the DHCP service selecting one at random. Together with the IP address, the DHCP service can also provide servers with a gateway and/or a list of DNS resolvers, thus making local configuration of this information unnecessary.

Consistently clear layout

The "Networks" area in our cloud control panel ensures that you always maintain an overview, even when there are several private networks. We have expanded this progressively over recent months so that all the relevant details of your private networks are clearly summarized and can, in part, be customized directly.

Under "Settings", in addition to the freely selectable network name, you will also find those details that relate directly to the layer 2 network, in particular the MTU. This setting determines the packet size that is actually possible in the private network; if the DHCP service is activated, it is also communicated to the servers in the DHCP response.

The "Subnets" tab summarizes the information associated with the DHCP service. This includes the IP address range selected for the network, in CIDR notation, and the range from which the DHCP service selects addresses unless you specify particular ones. The "Gateway" and "DNS Servers" values do not affect the behavior of the DHCP service directly, but are part of the DHCP response to configure your servers.


Finally, under "Ports", you will see all the devices involved in your private network, including their MAC address and the IP address that the DHCP service may have reserved for the device. It also goes without saying that you can use other IPv4 or IPv6 addresses on your virtual servers. In addition to your virtual servers, the two DHCP servers that manage your subnet are listed as well.

Any load balancers are also included in the list. Because it is designed for high availability, a load balancer consists of two individual servers, which is why it appears with two ports in your private network. The IP addresses visible here are the same as the ones that can be seen in your backend's logs, unless you are using the proxy(v2) protocol for the load balancer pool in question, which transmits the actual source IP of the client together with the simple TCP packets to your backend. If the VIP address of the load balancer is also located in the private network, it will be listed under the ports, too.
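How a backend can recover the client address for its logs from a PROXY protocol v2 header, while accepting that header only from the two load balancer ports, is shown in the following added example (not cloudscale code). The trusted port IPs and the sample addresses are constructed values; the header layout follows the public PROXY protocol v2 specification.

```python
import ipaddress
import struct

SIGNATURE = b"\r\n\r\n\x00\r\nQUIT\n"  # fixed 12-byte PROXY v2 signature
# Assumption: the two load balancer port IPs from the "Ports" tab (constructed values).
TRUSTED_LB_PORTS = {"172.16.5.10", "172.16.5.11"}


def client_from_proxy_v2(peer_ip, data):
    """Return (client_ip, client_port, header_len) for the address to log.

    peer_ip is the TCP peer the backend sees; data is the start of the stream.
    """
    if peer_ip not in TRUSTED_LB_PORTS:
        # Any other host on the network could forge a header, so never parse theirs.
        raise ValueError("PROXY header from a peer that is not a load balancer port")
    if len(data) < 16 or data[:12] != SIGNATURE:
        raise ValueError("missing PROXY v2 signature")
    ver_cmd, fam_proto, length = struct.unpack("!BBH", data[12:16])
    header_len = 16 + length
    if ver_cmd >> 4 != 2:
        raise ValueError("unsupported PROXY protocol version")
    if len(data) < header_len:
        raise ValueError("truncated PROXY v2 header")
    command = ver_cmd & 0x0F
    if command == 0:  # LOCAL: opened by the balancer itself, carries no client address
        return peer_ip, None, header_len
    if command != 1:  # only PROXY (1) is defined besides LOCAL
        raise ValueError("unknown PROXY v2 command")
    body = data[16:header_len]
    if fam_proto == 0x11 and length >= 12:  # TCP over IPv4
        src, _dst, sport, _dport = struct.unpack("!4s4sHH", body[:12])
        return str(ipaddress.IPv4Address(src)), sport, header_len
    if fam_proto == 0x21 and length >= 36:  # TCP over IPv6
        src, _dst, sport, _dport = struct.unpack("!16s16sHH", body[:36])
        return str(ipaddress.IPv6Address(src)), sport, header_len
    raise ValueError("unsupported address family or protocol")


def sample_header():
    """Constructed sample: client 203.0.113.7:51234 reaching a VIP at 172.16.5.20:443."""
    addrs = ipaddress.IPv4Address("203.0.113.7").packed + ipaddress.IPv4Address("172.16.5.20").packed
    return SIGNATURE + struct.pack("!BBH", 0x21, 0x11, 12) + addrs + struct.pack("!HH", 51234, 443)


if __name__ == "__main__":
    print(client_from_proxy_v2("172.16.5.10", sample_header() + b"GET / HTTP/1.1\r\n"))
```

The returned `header_len` tells the backend how many bytes to strip before handing the stream to the application protocol.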


For security reasons, it often makes sense to connect only those systems that actually need to communicate with each other. And if your setup develops further over time, "Networks" in our cloud control panel will always allow you to see which networks are available and which devices are involved in each. This helps you reduce the risk of errors and makes your life even easier with the centrally managed DHCP options.

Networks made easy.
Your cloudscale team
