Manually Setting Up a Private Network for a Cloud Server (Ubuntu 18.04)

With a private network, you can divide your existing network into several logical networks. This subdivision gives you greater flexibility when assigning your servers to individual network segments.

In a private network, the servers communicate through local IPs that are not routed on the Internet.

When you create a server and select an existing or a new private network, the new server is automatically added to the selected private network. In this case, the server is also automatically configured to use the private network. If you add an existing server to a private network, you must then manually configure the network interface to access the private network. As soon as the server has been assigned to the private network, an additional, unconfigured network interface is available on the assigned server.

To configure the private network, you need the subnet address, the corresponding subnet mask, the MAC address, and the name of the additional, unconfigured network interface. You can then use this data to configure the network interface for the private network.

Follow the steps below to configure a network interface for a private network on a IONOS Cloud Server using Ubuntu 18.04:

Requirements
  • You are in the Cloud Panel.

  • You have already created a private network.

Determining the Subnet Address and Subnet Mask of the Private Network

  • In the Network > Private Network section, activate the desired private network.

  • Make a note of the subnet address and the subnet mask. These are displayed in the Configuration area.

Determining the MAC Address and Name of the Private Network Interface

  • Log on to the server as an administrator.

  • To call the MAC address and the name of the network interface for the private network, enter the following command: root@example.com:~# ip addrExample:
    root@localhost:~# ip addr

    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    2: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
        link/ether 00:50:56:01:5e:db brd ff:ff:ff:ff:ff
        inet 82.165.61.131/32 brd 82.165.61.131 scope global ens192
           valid_lft forever preferred_lft forever
        inet6 fe80::250:56ff:fe01:5edb/64 scope link
           valid_lft forever preferred_lft forever
    3: ens224: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
        link/ether 00:50:56:22:a0:4c brd ff:ff:ff:ff:ff:ff
    In this example, the name of the unconfigured network interface for the private network is ens224. The MAC address is 00:50:56:22:a0:4c.

  • Make a note of the name of the unconfigured network interface for the private network and the MAC address.

Defining IP Addresses for a Server in a Private Network

To be able to use a server in a private network, you must manually assign an IP address to the server in the private network as part of the manual configuration of the network interface. This IP address cannot be routed to public networks.

Note

Each IPv4 address consists of two parts. The first part is the address for the network where the host is located. The second part is the address for the host. The subnet mask specifies which part of the IPv4 address is used to identify the host (or server) and which part classifies the network itself.

To assign the IP address, you need the following information:

Subnet address: In this case, the subnet address specifies the private network.

Subnet mask: The subnet mask specifies which part of the IP address is used to identify the host (or server) and which part classifies the network itself.

You can use this information to define the IP address at which the server should be accessible in the private network.

Example:

If the defined subnet address or network range is 192.168.1.0 and the 255.255.255.0 subnet mask is used, this means that all computers or servers in the first three bytes match. In this example, you can use a maximum of 254 host addresses (192.168.1.1 to 192.168.1.254). If you have assigned 2 servers to a private network, you can assign the IP addresses 192.168.1.1 and 192.168.1.2 to the respective servers.

Configuring the Private Network Interface

  • Open the /etc/network/interfaces file. root@example.com:~# vi etc/network/interfaces

  • Check whether the line /etc/network/interfaces.d/* is entered.

  • Open the directory /etc/network/interfaces.d.

  • Use vi to create the configuration file for the non-configured interface. The file name of this interface has the following format:
    [NAME_OF_THE_INTERFACE].cfg Example:
    root@example.com:~# vi /etc/network/interfaces.d/ens224.cfg

  • To configure the private network, enter the following information:
    auto [NAME_OF_THE_PRIVATE_NETWORK_INTERFACE]
        iface [NAME_OF_THE_PRIVATE_NETWORK_INTERFACE] inet static
           address [IP_ADDRESS_OF_THE_SERVER_IN_THE_PRIVATE_NETWORK]
           netmask [SUBNET_MASK_OF_THE_PRIVATE_NETWORK]
           hwaddress [MAC_ADDRESS]
    Example:
    auto ens224
        iface ens224 inet static
           address 192.168.1.2
           netmask 255.255.255.0
           hwaddress 00:50:56:22:a0:4c

Note

The vi editor has an insert mode and a command mode. You can enter the insert mode by pressing the i key. In this mode, the characters you enter are immediately inserted into the text. To enter the command mode, press the ESC key. When you use command mode, your keyboard input is interpreted as a command.

  • To exit vi and save the file, type the following command and press Enter:
    :wq

  • To restart the network interface for the private network, enter the following command:
    root@example.com: ifup [NAME_OF_THE_INTERFACE] Example:
    ifup ens224

Checking the New Configuration

To verify that the network interface is configured correctly for the private network, ping the IP address of another server assigned to the private network.

Example:

root@localhost:~# ping -c 1 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.176 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=0.151 ms
64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=0.170 ms

--- 192.168.1.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2050ms
rtt min/avg/max/mdev = 0.151/0.165/0.176/0.018 ms

When the data packets are delivered to the server, the network interface has successfully been configured for the private network.