Virtual DC - NAT network with internet access
To effectively use VDC, we need to create a network configuration that meets our expectations. One of the more popular configurations is a network that allows servers within it to connect to the internet using NAT. This way, servers will have internet access, but there will be no access to these servers from the internet.
An example configuration of such a network looks as follows:
VDC (NAT):
Subnet (Public)
- Internet access gateway
- Internet route table #1:
- 0.0.0.0/0 - Internet access gateway
- Private network gateway (NAT)
- IP address
Subnet (Private)
- NAT route table #2:
- 0.0.0.0/0 - Private network gateway
- NAT route table #2:
In our Customer Panel, the ready configuration will look as follows:
Creating VDC network with internet access using NAT
To achieve such a configuration, we need to perform the following steps.
From the menu on the left, select Resources, then from the submenu select Virtual DC, and then click the Add new VDC button.
In the form, select the location in which you want to create your network, and then give it a name. In our example, it will be VDC (NAT).
After creating the network, click on its name or the Details button to enter the network configurator.
Then add a subnet by clicking on the Add subnet button.
In the form, give our subnet a name. In our example, it will be Subnet (Public). Then enter the private addressing (i.e., the range of private IP addresses that will be assigned to our servers) and select the Subnet with public addressing option from the menu.
With the subnet ready, we need to add a gateway to it. To do this, click on the Gateway button.
Give a name to the gateway. In our example, it will be Private network. Then select the NAT option from the Type menu.
Next, we need to connect an IP address to our NAT gateway. To do this, click on the IP Address button.
Select an IP address from the list of available IP addresses. If the IP address list is empty, close the window, select Resources from the menu on the left, then select IP Addresses and add a new IP address to the location where you are creating the VDC. Instructions for adding an additional IP address can be found here.
Then, in the same way, we create a second gateway, which in our example we will name Internet access, and its Type will be set to Direct gateway.
To provide communication between the NAT network and the Internet, we need to create a routing table. To do this, click on the Add routing table button.
In the form, give our table a name. In our example, it will be Internet route table #1.
Next, we add a routing rule to our routing table. To do this, click on the Route rule button.
In the form, assign the rule to the gateway. In our example, this is the gateway named Internet access. We also need to provide a Destination, in this case we enter 0.0.0.0/0.
Then, in the same way, we create a second routing table, which in our example we name NAT route table #2 and for this routing table, we create a new rule,
which in our example is called Private network, and the value of the Destination field is set to 0.0.0.0/0. This way we will have two routing tables, which
will look like the picture below.
To make our network work, we need to connect the routing table to the subnet, to do this, click on the button indicated below.
In the form, we select the previously configured routing table. In our example, it was the Internet route table #1.
To have a complete network configuration, we need to add a second subnet to it, which in our example we will name Subnet (Private).
Then we provide private addressing (i.e., the range of private IP addresses that will be assigned to our servers) and from the Subnet with public addressing menu, select the No option.
The last step is to connect the NAT route table #2 routing table to our Subnet (Private) subnet. The final configuration of our subnets
will look like the image below.
In this way, we have obtained the ready-made configuration, which we presented in the first image.
The last step will be to add servers to the network.
To do this, in the server configurator, select the VDC (NAT) > Subnet (Private) subnet - the server will be automatically connected to our network and
will have a private IP address of our VDC network. If necessary, such a server can always be connected to a public IP address -
this operation can be performed from the detailed server view.