Help Center
Home Server & Cloud Infrastructure Cloud Server Setting Up a Private Network in the Cloud Server

Set up private network for cloud server (Ubuntu 22.04)

With a private network, you can divide your existing network into multiple logical networks. This division gives you greater flexibility when you want to assign your servers to individual network segments.

In a private network, the servers communicate via local IPs that are not routed on the Internet.

Cloud Server with Ubuntu 22.04 image from IONOS that you recreate

If you create a cloud server with an Ubuntu 22.04 image of IONOS and select an existing or a new private network, the new server is automatically added to the selected private network. As soon as the newly created server is assigned to the desired private network, an additional network interface is available on it, which is already automatically configured for the use of the private network.

Cloud Server with Ubuntu 22.04 ISO image and pre-existing Cloud Server with Ubuntu 22.04 image

If you add an existing server to a private network, you must then manually configure the network interface to access the private network. Once the server has been assigned to the private network, an additional, non-configured network interface is present on the assigned server. This also applies to newly created cloud servers with an Ubuntu 22.04 ISO image.

To configure the network interface for the private network:

Requirements

  • You have created a private network.

  • You have assigned the desired server to the private network in the Cloud Panel.

Check whether netplan is used for network configuration

To check whether your server already uses netplan for the network configuration, proceed as follows:

  • Change to the /etc/netplan directory.

    [root@localhost ~]# cd /etc/netplan

  • Check whether there is not already a configuration file in this directory. To do this, enter the following command:

    [root@localhost ~]# ls

Note

If the directory /etc/netplan does not exist, netplan has not been installed. In this case, do not install netplan, but follow the steps described in the following article:

Setting Up Private Network for Cloud Server (Debian/Ubuntu)

Determine network interface

  • Determine the file names of the network interfaces and the IP addresses used. To do this, enter the following command:

    [root@localhost ~]# ip addr

    Example:

    [root@localhost ~]# ip addr
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    2: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
        link/ether 00:50:56:2b:2c:68 brd ff:ff:ff:ff:ff:ff
        inet 82.165.76.161/32 brd 212.227.209.26 scope global dynamic ens192
           valid_lft 33737sec preferred_lft 33737sec
        inet6 fe80::250:56ff:fe2b:2c68/64 scope link
           valid_lft forever preferred_lft forever
    3: ens224: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
        link/ether 00:50:56:20:cf:11 brd ff:ff:ff:ff:ff:ff

    In this example, the name of the network interface is ens192. The name of the unconfigured network interface for the private network is ens224.

  • Make a note of the names of the network interfaces.

Show default DNS server

  • To display the DNS servers used, enter the following commands:

    [root@localhost ~]# curl http://169.254.169.254/latest/meta_data/dns/nameservers -Lv

    [root@localhost ~]# curl http://169.254.169.254/latest/meta_data/dns/nameservers6 -Lv

  • Then the DNS servers used are displayed at the end of the output. Example:

    [root@localhost ~]# curl http://169.254.169.254/latest/meta_data/dns/nameservers -Lv
    *   Trying 169.254.169.254...
    * TCP_NODELAY set
    * Connected to 169.254.169.254 (169.254.169.254) port 80 (#0)
    > GET /latest/meta_data/dns/nameservers HTTP/1.1
    > Host: 169.254.169.254
    > User-Agent: curl/7.61.1
    > Accept: */*

    < HTTP/1.1 200 OK
    < Date: Thu, 08 Sep 2022 12:19:36 GMT
    < Server: Apache
    < Strict-Transport-Security: max-age=63072000; includeSubDomains
    < Vary: Accept-Encoding
    < Access-Control-Allow-Origin: *
    < Access-Control-Allow-Headers: X-TOKEN, X-HASH, X-MICROTIME, X-USER, Content-Type, X-API-TOKEN, Authorization
    < Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
    < Access-Control-Expose-Headers: Error-Msg
    < Cache-control: no-cache, no-store, max-age=0
    < Access-Control-Allow-Origin: *
    < Access-Control-Allow-Headers: X-TOKEN, X-HASH, X-MICROTIME, Content-Type, X-API-TOKEN, Authorization
    < Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
    < Access-Control-Expose-Headers: Error-Msg
    < Transfer-Encoding: chunked
    < Content-Type: text/plain;charset=UTF-8

    212.227.123.16,212.227.123.17
    * Connection #0 to host 169.254.169.254 left intact

  • Note the DNS servers. In the above example, the DNS servers are displayed above the line * Connection #0 to host 169.254.169.254 left intact.

Show gateway for IPv4 and IPv6

  • To display the default gateway of the active interface, enter the following commands:

    IPv4:

    [root@localhost ~]# ip route show | grep 'default'

    IPv6:

    [root@localhost ~]# ip -6 route show | grep 'default'

  • Note the IP addresses of the gateways. These are listed directly after the default via part. Examples:

    IPv4 gateway

    root@localhost:~# ip route show | grep 'default'
    default via 10.255.255.1 dev ens192 proto static onlink
    default via 10.255.255.1 dev ens192 proto dhcp src 217.160.141.60 metric 100

    IPv6 gateway

    root@localhost:~# ip -6 route show | grep 'default'
    default via fe80::1 dev ens192 proto ra metric 100 expires 3sec pref high
    default via fe80::1 dev ens192 proto static metric 1024 pref medium

Static configuration of IPv4 and IPv6 addresses and private network.

  • Check if there is not already a configuration file in the directory below. Enter the following command:

    [root@localhost ~]# ls /etc/netplan

  • If the file 00-Public_network.yaml is located in this directory, open it with the Edito vi. If this file does not exist, you can create it with the same command. To do this, enter the following command:

    [root@localhost ~]# sudo vi etc/netplan/00-Public_network.yaml

    If the file 01-netcfg.yaml is in this directory, rename it. To do this, enter the following command and replace the placeholders.

    [root@localhost ~]# mv OLD_CONFIGURATIONDATA.yaml 00-Public_network.yaml

Notes

  • The vi editor has an insert mode and a command mode. You can enter the insert mode by pressing the [i] key. In this mode, the entered characters are immediately inserted into the text. To enter the command mode, press [ESC] afterwards. When you use command mode, your keyboard input is interpreted as a command.

  • To exit vi and save the file, type the command :wq, and then press Enter.

  • Add the following information:

    network:
      ethernets:
        NETWORK INTERFACE:
          addresses:
            - MAIN-IPv4-ADDRESS/32
            - ADDITIONAL IPv4-ADDRESS 1/32
            - MAIN-IPv6-ADDRESS/64
            - ADDITIONAL IPv6-ADDRESS 1/64 
          gateway6: GATEWAY FOR IPv6
          nameservers:
            addresses:
              - IP-ADDRESS OF NAMESERVER 1
              - IP-ADDRESS OF NAMESERVER 2 
          routes:
            - on-link: true
              to: default
              via: STANDARD-GATEWAY OF THE ACTIVE INTERFACE
        NAME_OF_PRIVATE_NETWORK_INTERFACES:
          addresses:
          - IP-ADDRESS_OF_SERVERS_ON_PRIVATE_NETWORK/32
          dhcp4: false
      version: 2


    Example:

    network:
      ethernets:
        ens192:
          addresses:
          - 82.165.76.161/32
          - 217.160.212.178/32
          - 2001:8d8:1801:853c::1/64
          - 2001:8d8:1801:853c::2/64
          gateway6: fe80::1
          nameservers:
            addresses:
            - 212.227.123.16
          routes:
          - on-link: true
            to: default
            via: 10.255.255.1
        ens224:
          addresses:
           - 192.168.2.7/24
          dhcp4: false
      version: 2

  • Replace the placeholder NETWORKINTERFACE with the interface device ens192. Then enter the main IPv4 address and the additional IPv4 addresses as well as the main IPv6 address and the additional IPv6 addresses. To do this, replace the placeholders.

Attention

  • Indentation is part of the syntax of the YAML format. Therefore, make sure that they are followed correctly. Otherwise, the configuration cannot be adopted correctly and the server may no longer be accessible.

  • Always use the space bar for the indentations.

  • Replace the placeholder GATEWAY FOR IPv6 with the determined IPv6 gateway.

  • Replace the placeholder IP-ADDRESS OF NAMESERVER 1 and IP-ADDRESS OF NAMESERVER 2 with the determined name servers.

  • Replace the placeholder STANDARD-GATEWAY OF THE ACTIVE INTERFACE with the determined IPv4 gateway.

  • Replace the placeholder NAME_OF_PRIVATE_NETWORK_INTERFACES with the name of the private network interface.

  • Replace the placeholder IP-ADDRESS_OF_SERVERS_ON_PRIVATE_NETWORK.

  • To check the configuration file, enter the following command:

    root@localhost:~# netplan --debug apply

Attention

The changes you have made in the configuration file remain and must be changed manually if they are not correct. Otherwise, the operating system will try to load them after a restart.

  • Restart the server to apply the changes. To do this, enter the following command:

    systemctl reboot

Content