Managing networks

You can create networks, view their details, edit them, and delete them. You can also configure inbound firewall rules on your nodes to prevent access to the cluster from untrusted sources. To enable traffic filtering, configure the allow and deny lists for a network. By default, both lists are empty and all incoming traffic is allowed. Add access rules to these lists to control incoming traffic. Access rules in the allow list have higher priority than those in the deny list. If you have also configured access rules for traffic types, their access lists take priority over those of networks.

Limitations

  • An infrastructure network cannot be renamed if it is used by a compute virtual network.
  • You can only delete networks that are not assigned to any network adapters.

To create a network

  1. On the Infrastructure > Networks screen, click Create network.
  2. In the New network window, specify a network name. Network names may contain only Latin letters, numbers, and underscores, and must be 3 to 32 characters long.
  3. In the Access rules section, do the following:

    • To accept traffic from particular IP addresses, specify these IP addresses in the Allow list section.
    • To block traffic from particular IP addresses, specify these IP addresses in the Deny list section.

    You can enter single IP addresses, IP address ranges, and subnet ranges in CIDR notation.

  4. Click Create.

To view network details

Click the cogwheel icon next to the network name. In the network summary window, the following information is available:

  • The General section includes the network CIDR and subnet mask.
  • The Connected interfaces section shows the nodes’ network interfaces with their IP addresses.

To rename a network

  1. On the Infrastructure > Networks screen, click the cogwheel icon next to the network name.
  2. In the network summary window, click Edit.
  3. In the Edit window, enter a new name, and then click Save.

To filter incoming traffic for a network

  1. On the Infrastructure > Networks screen, click the cogwheel icon next to the network name.
  2. In the network summary window, click Edit.
  3. In the Edit network window, specify IP addresses in the Allow list or Deny list section to allow or drop traffic from these IP addresses. You can enter single IP addresses, IP address ranges, and subnet ranges in CIDR notation.
  4. Click Save.

The updated access rules will be applied on all nodes connected to this network.
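
Because allow list rules have higher priority than deny list rules, it helps to check a proposed pair of lists before saving them. The following Python sketch is an added example, not part of the product or its API: it parses the three entry forms, reports which list decides for a source address, and finds deny entries that an allow entry overrides. The "start-end" range syntax, the function names, and the sample addresses are assumptions, and access rules for traffic types are not modelled.

```python
import ipaddress

def parse_entry(entry):
    """Return (version, first, last) for one access-list entry.

    Accepts a single IP, a CIDR subnet, or a range written "start-end"
    (the range syntax is an assumption; the page does not show it).
    """
    entry = entry.strip()
    if "-" in entry:
        start, end = (ipaddress.ip_address(p.strip()) for p in entry.split("-", 1))
        if start.version != end.version or start > end:
            raise ValueError(f"bad range: {entry!r}")
        return start.version, int(start), int(end)
    net = ipaddress.ip_network(entry, strict=False)  # a bare IP becomes /32 or /128
    return net.version, int(net.network_address), int(net.broadcast_address)

def first_match(addr, entries):
    """Return the first entry that contains addr, or None."""
    ip = ipaddress.ip_address(addr)
    for e in entries:
        ver, lo, hi = parse_entry(e)
        if ver == ip.version and lo <= int(ip) <= hi:
            return e
    return None

def evaluate(addr, allow, deny):
    """Which list decides for addr; the allow list is checked first (it has priority)."""
    if first_match(addr, allow):
        return "allow-list"
    if first_match(addr, deny):
        return "deny-list"
    # The page only states that empty lists allow all traffic, so an
    # address matched by neither list is reported rather than decided here.
    return "no-rule"

def overridden_deny_entries(allow, deny):
    """Pairs (deny, allow) whose address spans overlap: the allow entry wins there."""
    pairs = []
    for d in deny:
        dv, dlo, dhi = parse_entry(d)
        for a in allow:
            av, alo, ahi = parse_entry(a)
            if av == dv and alo <= dhi and dlo <= ahi:
                pairs.append((d, a))
    return pairs

# Constructed sample lists (documentation address ranges, not from the page).
ALLOW = ["192.0.2.10", "198.51.100.0/24"]
DENY = ["192.0.2.0/24", "198.51.100.20-198.51.100.30", "203.0.113.7"]
```

With the sample lists, overridden_deny_entries(ALLOW, DENY) returns two pairs, showing that part of each of the first two deny entries never takes effect.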

To view access rules for a network

  1. On the Infrastructure > Networks screen, find a network with the shield icon next to its name.
  2. Hover over the icon to see what access rules are configured for this network.

To delete a network

  1. On the Infrastructure > Networks screen, click the cogwheel icon next to the network name.
  2. In the network summary window, click Delete.
  3. In the Delete network window, confirm your action by clicking Delete.