Routers

Service description

Routers are virtual networking devices that provide layer 3 (L3) routing and forwarding capabilities. Routers enable seamless connectivity between different networks and provide the necessary routing and NAT functionalities to ensure that instances can communicate with each other and access external resources as needed.

Features

  • Inter-network routing, to connect different networks (subnets) within a cloud, enabling instances in separate networks to communicate with each other.
  • External gateway, to allow instances to access external networks, such as the internet (this is typically achieved by associating a router with a public or external network and using floating IP addresses for instances that need external access).
  • Network Address Translation (NAT): source NAT (SNAT) for outgoing traffic from instances to external networks, translating private IP addresses to a public IP address, and destination NAT (DNAT) for incoming traffic to instances with floating IP addresses, translating the public IP address to the instance's private IP address.
  • Routing table, which determines how traffic is forwarded between networks (this includes routes for connected networks and static routes that can be manually configured).
  • High availability (HA), where multiple router instances are used to provide redundancy and failover capabilities, ensuring uninterrupted network connectivity.
  • Distributed Virtual Routing (DVR), which distributes the router's L3 forwarding functions to the compute nodes hosting the instances (this reduces the reliance on centralized network nodes and improves network performance and scalability).
  • Security, in conjunction with security groups and firewall rules, to enforce network security policies and control traffic flow between networks.

Key concepts

How it works

  1. When creating networks, you typically create at least two types of networks:

    • Private Networks: These are internal networks used for communication between instances within the same project or tenant. Each private network is usually associated with one or more subnets that define the IP address range and other network settings.
    • Public or External Networks: These networks provide connectivity to external networks, such as the internet.
  2. Create a router to enable communication between different networks and to provide external access for instances. The router acts as a gateway between the private and external networks.

  3. Configure the router with an external gateway, which is associated with the public or external network. This allows the router to route traffic from the private networks to the external network and vice versa.
  4. For each private network that needs to communicate with other networks or access the external network, you add an interface on the router. This interface is connected to the subnet of the private network, effectively linking the network to the router.
  5. When creating an instance, you specify the private network (or networks) to which the instance should be connected. The instance is assigned an IP address from the subnet associated with the private network.
  6. If an instance needs to be accessible from the external network, you allocate a floating IP address from the external network's pool and associate it with the instance. The router handles the NAT (Network Address Translation) to map the floating IP to the instance's private IP address.
  7. When an instance sends traffic to an external destination, the traffic is routed through the private network to the router. The router performs SNAT (Source NAT) to translate the instance's private IP address to the external gateway's IP address and forwards the traffic to the external network. For incoming traffic destined for an instance with a floating IP, the router performs DNAT (Destination NAT) to translate the floating IP to the instance's private IP address and routes the traffic to the appropriate instance.
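
The NAT behaviour in steps 3 to 7 can be modelled in a few lines to see which instances are reachable from the external network. This is an added example, not part of the service's own tooling: the `Router` class, its method names, the SNAT port range and all addresses (documentation ranges) are constructed for illustration.

```python
import ipaddress

class Router:
    """Toy model of the router's NAT behaviour (steps 3-7); not a real cloud API."""
    def __init__(self, gateway_ip):
        self.gateway_ip = gateway_ip   # step 3: external gateway address
        self.subnets = []              # step 4: attached private subnets
        self.floating = {}             # step 6: floating IP -> private IP
        self.conntrack = {}            # (NAT port, remote IP, remote port) -> private flow
        self._next_port = 40000        # constructed start of the SNAT port range

    def add_interface(self, cidr):
        self.subnets.append(ipaddress.ip_network(cidr))

    def _attached(self, ip):
        return any(ipaddress.ip_address(ip) in net for net in self.subnets)

    def associate_floating_ip(self, floating_ip, private_ip):
        if not self._attached(private_ip):
            raise ValueError(f"{private_ip} is not on a subnet attached to this router")
        self.floating[floating_ip] = private_ip

    def outbound(self, src, sport, dst, dport):
        """SNAT: rewrite the private source to the gateway IP and record the flow."""
        if not self._attached(src):
            return None                # no interface on that subnet: not routed
        nat_port = self._next_port
        self._next_port += 1
        self.conntrack[(nat_port, dst, dport)] = (src, sport)
        return (self.gateway_ip, nat_port, dst, dport)

    def inbound(self, src, sport, dst, dport):
        """DNAT for floating IPs, replies to recorded SNAT flows, otherwise drop."""
        if dst in self.floating:
            return (src, sport, self.floating[dst], dport)
        flow = self.conntrack.get((dport, src, sport))
        if dst == self.gateway_ip and flow:
            return (src, sport, *flow)
        return None                    # unsolicited traffic to the gateway IP

    def exposed(self):
        """Private addresses reachable unsolicited from the external network."""
        return sorted(self.floating.values())

def build_example():
    r = Router("203.0.113.10")
    r.add_interface("10.0.1.0/24")
    r.associate_floating_ip("203.0.113.50", "10.0.1.5")
    return r
```

In this model only the instance with a floating IP appears in `exposed()`, so those are the instances whose security group rules decide what the external network can reach.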

Routers console

Command line tools

API methods

See also: