Network Introduction
Concepts
Virtual Router
A router is a logical component that forwards data packets between networks. It also provides Layer 3 and NAT forwarding to provide external network access for servers on project networks.
Internal Network
Internal networks are a type of network in which all the instances connected to that network can talk to each other and reach the rest of the Internet through a router, but the rest of the Internet cannot initialize a connection to those instances without a floating IP. Internal networks are ideal for running services you wish to make secure, as, by default, these services are unreachable from the Internet and thus are much harder to compromise.
TRC projects have a pre-created internal network called nw_int_projectname
Subnetwork
Provides IP addressing within the internal network, enabling organized and efficient routing.
TRC projects have a pre-created subnetwork called sn_int_projectname included within the internal network nw_int_projectname
Example
- Internal Network:
nw_int_projectname- Subnet:
sn_int_projectname- IP Range:
192.168.1.0/24 - Gateway:
192.168.1.1
- IP Range:
- Subnet:
Floating IP
OpenStack floating IP addresses are just publicly routable IPs. Users can allocate them to their instances, thus making them reachable from the outside world.
TRC only offers 2 floating ip per project. If you need more, contact the Digital Base department.
Security Groups
A security group acts like a virtual firewall for your servers in OpenStack. It controls the traffic that can enter or leave your instances.
TRC projects have a pre-created security group called sg_projectname with ports 22 and 443 open for any IP address (0.0.0.0/0.)
You can modify this security group according to your needs or create new ones and apply it to your servers.