Networks¶
Account network configuration overview¶
Each account, by default, has only one predefined network - Base.
When ordering a service, the user specifies the network to place the virtual machine:
- IP address is chosen automatically (if a subnet was defined for the network).
- MAC address is chosen automatically.
How to get access to virtual machines:
- Access through HTML5 console/Direct console
- Access through a VPN connection
- Access through Load Balancer
- Access through Public Access
Default public IP address
By default account has only one public IP address for external traffic.
All virtual machines in an account have the same IP address for outbound traffic.
Firewall (SecurityGroups)¶
Traffic on all network interfaces of VMs are filtered by SecurityGroups
.
SecurityGroup are managed in Networking>Firewall.
When provision VM - user can select desired SecurityGroup.
If not selected all VM go to default security group which usually allows some ports:
22/tcp
to connect Linux with SSH protocol,3389/tcp
to connect Windows > with RDP protocol,ICMP
for ping,- outgoing traffic.
By default, virtual machines in an account have access to the Internet, but virtual machines can't be connected from the Internet.
All virtual machines in one account have access to each other. Certain account networks are isolated from other accounts' networks.
Default network isolation
By default a new created network in an account is isolated from the networks of other accounts.