Secure your application resources
Benefit from a reliable and secure layer-2 network to isolate your resources from the Internet. Avoid unnecessary exposure.
Virtual Private Cloud
Secure your cloud resources with ease on a resilient regional network
Maximize infrastructure reliability without compromising security.
Each VPC is regional and ensures high availability for your architecture, providing redundancy and resilience to keep your applications running smoothly.
Seamlessly and easily deploy complex architectures.
Integrate easily your existing resources: Instances, managed Databases, Elastic Metal, Kubernetes Kaspule, Load Balancer, Public Gateway … Thanks to VPC build multi-layer infrastructure without time-consuming configuration.
Technical specs
- check
Private by design
All regions have a VPC created by design on every account
- check
Resilience
Spread your resources on the same network on different AZs
- check
Private LAN
Layer 2 Ethernet network
- check
High bandwidth
Up to 4 Gbp/s between Instances
- check
Multi-Private Networks
Up to 8 Private Networks per Instance
- check
Scalability
512 Instances per private network
- check
Managed DHCP
Ips are automatically assigned to resources
- check
QinQ
Carry your own VLANs over your private networks
- check
Routing
vRouter for routes management between PN
Popular use cases
Distribute your resources in different AZs within the same region and let them communicate securely along the same private network.
Isolate your resources from the internet, creating a solid separation between your front-end and back-end, to ensure better security and resilience.
Use Elastic Metal with Database on the same private Network located in 2 different AZs.
Take control of your network
Get started with tutorials
Create and manage VPCsLearn more
Activate DHCP on a legacy Private NetworkLearn more
Create a Private NetworkLearn more
Frequently asked questions
What is a VPC?
VPC is a product allowing you to build your own Virtual Private Cloud on top of Scaleway’s shared public cloud. This keeps your Scaleway resources secure and isolated, away from the public Internet.
One default VPC for every available region is automatically created in each Scaleway Project.
What is Private Networks?
Private Networks is a managed cloud service allowing you to create layer 2 ethernet-switched domains. These domains can also be called a virtual LAN (VLAN). They are virtual, but completely private, local networks that securely connect your Instances together without necessarily exposing them publicly.
What is the difference between VPC and a Private Network?
One default VPC (Virtual Private Cloud) for every available region is automatically created in each Scaleway Project. A VPC offers layer 3 network isolation.
Within each VPC, you can create multiple Private Networks and attach Scaleway resources to them, as long as the resources are in an AZ within the network’s region. Attached resources can then communicate between themselves in an isolated and secure layer 2 network, away from the public Internet.
With which other Scaleway products is Private Networks compatible?
Private Networks is currently compatible with all our Instances, our Elastic Metal offer, Managed Database, Kubernetes Kapsule, Public Gateway and Load Balancer.
Can I plug multiple Private Networks on the same Instances?
Yes, you can configure multiple Private Networks on the same Instance. A virtual network interface is created for each private network to which the Instance is attached. You can bring up each of them as indicated in our product documentation.
You can configure:
- Up to 8 Private Networks per Instance
- Up to 215 Private Networks per Organization
- Up to 512 Instances per Private Network
Do I have to restart Instances after adding Private Networks?
No, instances are hot plugged to Private Networks. This means private network interfaces will appear on your Instances without needing to reboot.
Does Private Networks support IPv6?
Yes, you can configure IPv6 within Private Networks. To use it, the netmask should always be /64 and we recommend using a fc00::/7 unique local address (ULA) range. ULA IPv6 address generators are widely available for generating a personalized range.
Do Instances in a Private Network require a public IPv4 address?
No, they do not require a public IPv4 address.
Do non-IP protocols work over Private Networks?
Technically, any Ethernet payload should work over Private Networks. However, only IPv4 and IPv6 are officially supported. If you have real use cases for other protocols, let us know.
Can two different Private Networks communicate with each other?
VPC routing allows you to automize the routing of traffic between resources in different Private Networks within the same VPC. This feature is available to existing and new VPCs, other features such as personalised itineraries will follow in the future. See our dedicated documentation.