Overview
The DCD helps you interconnect the elements of your infrastructure and build a network to set up a functional VDC. Virtual networks work just like normal physical networks. Transmitted data is completely isolated from other subnets and cannot be intercepted by other users.
You cannot find any switches in the DCD by design. Switching, routing, and forwarding functionality is deeply integrated into our network stack, which means we are responsible for distributing your traffic. If you wish to route from one of your private networks to the next by means of a virtual machine(VM), the VM must be configured accordingly, and the routing table adjusted.
IP settings: By default, IP addresses are assigned by our DHCP server. You can also assign IP addresses yourself. MAC addresses cannot be modified.
Firewall: To protect your network against unauthorized access or attacks from the Internet, you can activate one of the supported firewalls for each NIC: Ingress, Egress, or Bidirectional. By default, the firewall activation blocks all traffic. However, you can configure rules to specify what traffic can pass through. You can specify rules for individual source or target IPs for TCP, UDP, ICMP, ICMPv6, VRRP, GRE, AH, and ESP protocols.
Network Interface Cards
IONOS Cloud allows virtual entities to be equipped with network cards (“network interface cards”; NICs). Only by using these virtual network interface cards, it is possible to connect multiple virtual entities together and/or to the Internet.
Parameter | Size | Performance |
Throughput, internal | MTU 1,500 | Up to 6 Gbps |
Throughput, external | MTU 1,500 | Up to 2 Gbps |
The maximum external throughput may only be achieved with a corresponding upstream of the provider.
Compatibility
The use of virtual MAC addresses and/or the changing of the MAC address of a network adapter is not supported. Among others, this limitation also applies to the use of CARP (Common Address Redundancy Protocol).
Gratuitous ARP (RFC 826) is supported.
Virtual Router Redundancy Protocol (VRRP) is supported based on gratuitous ARP. For VRRP to work IP failover groups must be configured.
External Network
Depending on the location, different capacities for transmitting data to or from the Internet are available for operating the IONOS Cloud service. Due to the direct connection between the data centers at the German locations, the upstream can be used across locations.
The total capacities of the respective locations are described below:
Location | Connection | Redundancy level | AS |
---|---|---|---|
Berlin (DE) | 2 x 100 Gbps | N+1 | AS-8560 |
Frankfurt am Main (DE) | 2 x 100 Gbps | N+5 | AS-8560 |
Karlsruhe (DE) | 2 x 100 Gbps | N+2 | AS-8560 |
London (UK) | 1 x 10 Gbps 1 x 100 Gbps | N+1 | AS-8560 |
Logroño (ES) | 4 x 100 Gbps | N+1 | AS-8560 |
Paris (FR) | 2 x 100 Gbps | N+1 | AS-8560 |
Las Vegas (US) | 2 x 10 Gbps | N+2 | AS-54548 |
Newark (US) | 2 x 10 Gbps | N+1 | AS-54548 |
Lenexa (US) | 4 x 100 Gbps | N+2 | AS-54548 |
IONOS backbone AS-8560, to which IONOS Cloud is redundantly connected, has a high-quality edge capacity of 1.100 Gbps with 2.800 IPv4/IPv6 peering sessions, available in the following Internet and peering exchange points: AMS-IX, BW-IX, DE-CIX, ECIX, Equinix, FranceIX, KCIX, LINX.
Internal Network
IONOS Cloud operates redundant networks at each location. All networks are operated using the latest components from brand manufacturers with connections up to 100 Gbps.
IONOS Cloud uses high-speed networks based on InfiniBand technology both for connecting the central storage systems and for handling internal data connections between customer servers.
Core Network
IONOS Cloud operates a high availability core network at each location for the redundant connection of the product platform. All services provided by IONOS Cloud are connected to the Internet via this core network.
The core network consists exclusively of devices from brand manufacturers. The network connections are completed via an optical transmission network, which, by use of advanced technologies, can provide transmission capacities of several hundred gigabits per second. Connection to important Internet locations in Europe and America guarantees the customer an optimal connection at all times.
Data is not forwarded to third countries. At the customer’s explicit request, the customer can opt for support in a data center in a third country. In the interests of guaranteeing a suitable data protection level, this requires a separate agreement (within the meaning of article 44-50 DSGVO and §§ 78 ff. BDSG 2018).
IP Address Management
IONOS Cloud provides the customer with public IP addresses that, depending on the intended use, can be booked either permanently or for the duration for which a server exists. These IP addresses provided by IONOS Cloud are only needed if connections are to be established over the internet. Internally, VMs can be freely networked. For this, IONOS Cloud offers a DHCP server that allows assignment of IP addresses. However, one can establish one’s own addressing scheme.
See also: Reserve an IP Address
Public IPv4 Addresses
Every virtual network interface card that is connected to the internet is automatically assigned a public IPv4 address by DHCP. This IPv4 address is dynamic, meaning it can change while the server is operational or in the case of a restart.
Customers can reserve static public IPv4 addresses for a fee. These reserved IPv4 addresses can be assigned to a virtual network interface card, which is connected to the internet, as primary or additional IP addresses.
Private IPv4 Addresses
In networks that are not connected to the Internet, each virtual network interface card is automatically assigned a private IPv4 address. This is assigned by the DHCP service. These IPv4 addresses are assigned statically to the MAC addresses of the virtual network interface cards.
The use of the IP address assignment can be enabled or disabled for each network interface card. Any private IPv4 addresses pursuant to RFC 1918 can be used in private networks.
Network address range | CIDR notation | Abbreviated CIDR notation | Number of addresses | Number of networks as per network class (historical) |
10.0.0.0 to 10.255.255.255 | 10.0.0.0/8 | 10/8 | 224 = 16.777.216 | Class A: 1 private network with 16,777,216 addresses; 10.0.0.0/8 |
172.16.0.0 to 172.31.255.255 | 172.16.0.0/12 | 172.16/12 | 220 = 1.048.576 | Class B: 16 private networks with 65,536 addresses; 172.16.0.0/16 to 172.31.0.0/16 |
192.168.0.0 to 192.168.255.255 | 192.168.0.0/16 | 192.168/16 | 216 = 65.536 | Class C: 256 private networks with 256 addresses; 192.168.0.0/24 to 192.168.255.0/24 |
Public IPv6 Addresses
By default, every VDC is assigned a public /56 IPv6 CIDR block. Customers can choose to enable IPv6 in a LAN as per their needs and a maximum of 256 IPv6 enabled LANs can be created per VDC. On enabling IPv6 in a LAN, the customer can either select a /64 IPv6 CIDR block from the /56 IPv6 CIDR block assigned to the VDC or have a /64 block automatically assigned to the LAN. Public IPv6 addresses are assigned to both private and public LANs.
Every connected virtual NIC is then assigned a /80 IPv6 CIDR block and a single /128 IPv6 address either automatically, or the customer can also select both. The /80 and /128 address must both be assigned from the /64 IPv6 CIDR block assigned to the corresponding LAN. The first public IPv6 address is assigned by DHCP and in total a maximum of 50 IPv6 addresses can be assigned per NIC. IPv6 addresses are static, meaning they remain assigned in the case of a VM restart.
Last updated