Network Interface Management

Owned by W.Erber
Last updated: Dec 09, 2022Version comment
1 min read

To add an additional network interface to an instance or to remove an interface from your instance perform the steps described below.

Please note: The steps below only provide a basic overview. The exact tasks required will vary depending on your network design. Please refer to the IBM cloud documentation for details.

Contents

When an instance is created, a default Ethernet interface is attached to the system. This default network interface is mandatory. During the creation of the instance, you can add additional network interfaces.

General Information

A VPC can be part of only one region, but multiple zones within this region.

  • Region: refers to a geographic region; can contain multiple zones.
  • Zone: represent independent fault domains.

To create additional VPCs (if required), perform the steps below.


Create VPCs and Subnets for Instance

If the necessary VPC and the associated subnets do not exist yet, create them before you create your virtual server. A virtual server can be a member of one VPC.

Step 1: go to the VPC section.

Select the Menu at the top left, and then VPC Infrastructure > Network > VPCs. This will open the list of existing VPCs or an empty list as shown in the sample below:


Step 2: start the VPC creation.

To open the VPC creation window, click on the Create button at the top right of the VPC list.


Step 3: enter the required information for the new VPC and the first subnet.

At the top of the VPC creation window, enter the following information as shown in the sample below:

  • VPC Name
  • Resource group to which the VPC belongs
  • Tags (optional)
  • Access allowed by the default security group.


In the middle of the VPC creation window enter the following information as shown in the sample below:

  • Whether a default address prefix should be created for each zone.
  • Information for the first subnet in the VPC:
    • Subnet name
    • Resource group for the subnet
    • Location of the subnet


At the bottom of the VPC creation window enter at least the following information as shown in the sample below:

  • IP range for the subnet (the size of the subnet cannot be changed later!)
  • Whether a public gateway for Internet traffic should be attached to the subnet (enables outgoing Internet access for systems on this subnet)

You can add additional subnets later.


Step 4: confirm your data and create VPC and subnet.

To complete the creation of VPC and subnet, click on the blue button Create virtual private cloud on the right pane of the window:

After this, your new VPC should be visible in the VPC list.

If required, you can now configure the ACL for the subnet (by default, it allows all traffic), or other parameters of the VPC. To get to these options, click on the name of the VPC in the list.


Adding Additional NICs to an Instance

Please note:

  • A virtual server can have up to 5 network interfaces.
  • You can attach each network interface to a different or the same subnet in the same zone. A different subnet is recommended by IBM.
  • Each network interface receives a private IP address from the subnet range.

To add a new NIC, perform the steps described below.

Step1: open the instance details view.

In the VPC infrastructure section, go to the Virtual server instances list and click on your instance to open the details view.


Step 2: open the window to create a new interface.

Go to the bottom of the instance details page and click on New Interface in the Network interfaces section as illustrated below:

This will open the new interface configuration page.


Step 3: add and confirm the information for your interface.

Select the options for your new interface:

  • Interface name (default monotonically increasing number).
  • Subnet
  • Security group
  • IP spoofing (routing capability)

Then click on Create.

The image below provides an illustration:

The new interface will be displayed in the list of network interfaces in the instance details view.


External Connectivity

Floating IP Addresses

A floating IP address is a public IP address. It enables a virtual server to access the Internet and to receive connections initiated by hosts on the Internet. You can assign one floating IP address to a virtual server. This address must initially be assigned to the primary interface (eth0).

  1. When adding a floating IP address to the virtual server for the first time, select the primary network interface in the Network interfaces section of the Instance details page (default: eth0).
  2. Click the pencil icon to edit the primary network interface.
  3. On the Edit network interface page, locate the Floating IP address field. You can select Reserve a new floating IP or you can select an existing floating IP address.
  4. Click Save to confirm.

Currently, floating IP addresses can only be IPv4 addresses.

Public IP Gateway

A public IP gateway is attached to a subnet and provides outgoing Internet access to all servers on the subnet. Connections initiated from outside are not possible.

There can only be one public IP gateway per zone, but it can be attached to multiple subnets.

The following example shows a subnet with a public IP gateway attached and one instance that also has its own floating IP address. In this case, the individual floating IP address takes precedence for communication:

Deleting a Network Interface

To delete a network interface go the the network interface section at the bottom of the instance details view and click on the circle with the - sign.



Address Assignment Information

General information

Primary subnets are assigned automatically and managed by IBM Cloud. Every server receives at least one IP address from a primary subnet: this is normally called the primary IP address.

IP addresses within primary subnets cannot be reserved. If an address in a primary subnet is not assigned to an instance, it is not available for use. Attempting to manually assign IP addresses from primary subnets can lead to IP conflicts on the network and general service disruption.

Secondary subnets (at a cost) can provide custom application IP addresses. There are static subnets (the whole subnet is assigned to one resource) and portable subnets (all resources on a VLAN can use addresses from this subnet). The following refers to portable subnets.

Address Ranges

When creating a VPC and its subnets, subnet address ranges are assigned to these subnets. There are some restriction regarding permitted address ranges in portable subnets:

Reserved subnet addresses (examples based on 10.0.0.0/24):

  • 10.0.0.0: network address
  • 10.0.0.1: default gateway
  • 10.0.0.2: reserved by IBM for future use
  • 10.0.0.3: reserved by IBM for future use
  • 10.0.0.255: broadcast address

Please note:

  • Take care to assign big enough address ranges to your subnets. They cannot be changed later.

Additional IBM-specific Information

Public subnet gateway:
If you add a public gateway to a subnet, all systems on the subnet (subject to security group and ACL settings) have outgoing Internet access if they use the default gateway of the subnet as their default gateway. This also works for a guest system with a dedicated NIC running in the emulator. If a floating IP is assigned to an instance in such a subnet, the floating IP takes precedence.

Number of VPC per virtual server:
A virtual server can only be provisioned in one VPC.

Floating IP address:
A public IP address to the primary NIC (eth0). You can assign only one floating IP address to an instance.

Subnet IP range:
The size of a subnet IP range cannot be increased after it has been created.


<Go to top>


© Stromasys, 1999-2024  - All the information is provided on the best effort basis, and might be changed anytime without notice. Information provided does not mean Stromasys commitment to any features described.