General information about cloud platform networks
The cloud platform networks are powered by OpenStack Neutron. For more information, see the Neutron section of the OpenStack documentation.
You can work with cloud platform networks in the control panel, using the OpenStack CLI or Terraform.
Tasks to be solved
In a cloud platform using network objects, you can:
- configure connectivity between devices in the same pool and aggregate devices into private subnets using ports: cloud servers, load balancers, file storage, Managed Kubernetes clusters and cloud database clusters;
- Route traffic between private subnets and configure Internet access for devices on a private subnet using cloud routers;
- Connect static public IP addresses to devices on private subnets to configure access to them from the Internet;
- Connect devices to public subnets for access to and from the Internet. Cloud servers, load balancers, and cloud database clusters can be ported to public subnets;
- Distribute incoming network traffic between cloud servers using load balancers;
- To organize network connectivity between devices in different pools (including different projects and accounts) or between different services, private subnets can be connected to a global router;
- configure static routes for subnets.
To limit traffic, you can use:
- cloud firewalls — Cloud firewalls are assigned to a cloud router port and allow you to filter traffic for private subnets and public IP addresses;
- security groups — are assigned to a cloud server port, allow you to filter all port traffic;
- allowed IP/MAC addresses — are configured on a cloud server port, allow outgoing port traffic only from specific IP/MAC address pairs.
To use security groups and authorized IP/MAC addresses , port security must be enabled on the network.
Throughput
Cloud platform network objects have outbound and inbound bandwidth restrictions.
St. Petersburg
Moscow
Novosibirsk
Tashkent
Almaty
Nairobi
For a list of regions, availability zones and pools, see the Servercore Infrastructure table.
Bandwidth for devices on private networks can be increased to 10 Gbps — create a ticket.
The speed on a port may drop dramatically, for example, to 0.1 Gbps if the associated IP address is blocked by Servercore security.To increase the speed, create a ticket.
Traffic filtering (port security)
Traffic filtering (port security) is a network function to protect against unauthorized access and attacks. Filtering allows you to:
- Use security groups on cloud server ports;
- add authorized IP\MAC addresses for outgoing traffic from cloud server ports;
- Restrict access to the load balancer.
You can view the filtering status of the network in the Control Panel: from the top menu, click Products → Cloud Servers → Network → Private Networks or Public Networks tab .A network with filtering enabled is marked with a .
Traffic filtering is enabled by default on all new private networks and public subnets and cannot be turned off. If filtering is enabled on a network, it is enabled for each new port on that network:
- The default security group that allows all traffic through the port is assigned.You can assign a different security group;
- This blocks MAC/IP spoofing, VPNs, VRRP, and overlay networks.If you are using a solution based on these, you must add allowed IP/MAC addresses on the port that can be used to send traffic.
Filtering is turned off on private networks and public subnets that have been created:
- in the ru-1 pool until June 2, 2025;
- in the ru-2 pool until June 3, 2025;
- in the ru-3 pool until June 4, 2025;
- in the ru-7 pool until June 5, 2025;
- in the ru-8 pool until May 15, 2025;
- in the ru-9 pool until May 26, 2025;
- in the pool through May 29, 2025;
- in the kz-1 pool until May 28, 2025;
- in the uz-1 pool through May 27, 2025;
- in the uz-2 pool through May 22, 2025;
- in the ke-1 pool until May 26, 2025.
You cannot enable filtering on these networks. If you need to use security groups, add allowed IP\MAC addresses, or restrict access to a load balancer, create a new private network or public subnet and configure addresses from it on your devices.
Blocked ports
Servercore has some TCP/UDP ports blocked by default, traffic through them is blocked.
Cost
Public IP addresses and public subnets are paid for using the cloud platform payment model.
The cost can be viewed at servercore.com.
The rest of the network resources are free of charge.