Private networks are now available within the Exoscale cloud infrastructure. Each instance can provision an additional unmanaged network interface that is bound to a private network segment shared only with your other instances in the same zone.
Previously, you were supplied with a single public IP address. With the new private networks feature, you can now go to your instance settings and add a secondary interface. Because this interface is unmanaged, it is up to you to choose the network and IP addresses to use between instances. More details on how to set up private networks for your instances can be found in our documentation. If you want to learn more about IP addressing, you can start with this explanation.
Our private network release also means we have expanded our API. For more information on the respective API calls, follow the links on the private networks documentation page. Unlike the private network functionality of several other cloud providers, Exoscale’s private networks are exclusive to your own instances. We use VXLAN to transport the actual VLAN traffic, thereby achieving Layer 2 isolation.
Private networks are most useful when applications expect to be routed through a secondary interface, or when working with IP addresses spread across a non-contiguous network is cumbersome. Here are some example use cases:
- enabling applications which need IP multicast functionality
- architectures requiring a dedicated private network interface for communication with other instances
- VPN services and IPsec gateways
Our article on Building an IPsec Gateway With OpenBSD explains how to encrypt traffic from a workstation to a private network.