Virtual Private Cloud

Secure your cloud resources with ease on a resilient regional network

Secure your application resources

Benefit from a reliable and secure layer-2 network to isolate your resources from the Internet. Avoid unnecessary exposition

Maximize infrastructure reliability without compromising security.

Each VPC is regional and ensures high availability for your architecture, providing redundancy and resilience to keep your applications running smoothly.

Seamlessly and easily deploy complex architectures.

Integrate easily your existing resources: Instances, managed Databases, Elastic Metal, Kubernetes Kaspule, Load Balancer, Public Gateway … Thanks to VPC build multi-layer infrastructure without time-consuming configuration.

Available zones:
Paris:PAR 1PAR 2PAR 3
Amsterdam:AMS 1AMS 2
Warsaw:WAW 1WAW 2

Technical specs

  • Private by designAll regions have a VPC created by design on every account

  • ResilienceSpread your resources on the same network on different AZs

  • Private LANLayer 2 Ethernet network

  • High bandwidthUp to 4 Gbp/s between Instances

  • Multi-Private NetworksUp to 8 Private Networks per Instance

  • Scalability512 Instances per private network

  • Managed DHCPIps are automatically assigned to resources

  • QinQCarry your own VLANs over your private networks

Popular use cases

Distribute your resources in different AZs within the same region and let them communicate securely along the same private network.

Isolate your resources from the internet, creating a solid separation between your front-end and back-end, to ensure better security and resilience.

Use Elastic Metal with Database on the same private Network located in 2 different AZs.

Take control of your network

Start using now

Get started with tutorials

  • Create and manage VPCs
  • Activate DHCP on a legacy Private Network
  • Create a Private NetworkLearn more
  • How to use Private Networks with your InstancesLearn more
Tutorials

Frequently asked questions

VPC is a product allowing you to build your own Virtual Private Cloud on top of Scaleway’s shared public cloud. This keeps your Scaleway resources secure and isolated, away from the public Internet.

One default VPC for every available region is automatically created in each Scaleway Project.

Private Networks is a managed cloud service allowing you to create layer 2 ethernet-switched domains. These domains can also be called a virtual LAN (VLAN). They are virtual, but completely private, local networks that securely connect your Instances together without necessarily exposing them publicly.

One default VPC (Virtual Private Cloud) for every available region is automatically created in each Scaleway Project. A VPC offers layer 3 network isolation.

Within each VPC, you can create multiple Private Networks and attach Scaleway resources to them, as long as the resources are in an AZ within the network’s region. Attached resources can then communicate between themselves in an isolated and secure layer 2 network, away from the public Internet.

Private Networks is currently compatible with all our Instances, our Elastic Metal offer, Managed Database, Kubernetes Kapsule, Public Gateway and Load Balancer.

Yes, you can configure multiple Private Networks on the same Instance. A virtual network interface is created for each private network to which the Instance is attached. You can bring up each of them as indicated in our product documentation.

You can configure:

  • Up to 8 Private Networks per Instance
  • Up to 215 Private Networks per Organization
  • Up to 512 Instances per Private Network

No, instances are hot plugged to Private Networks. This means private network interfaces will appear on your Instances without needing to reboot.

Yes, you can configure IPv6 within Private Networks. To use it, the netmask should always be /64 and we recommend using a fc00::/7 unique local address (ULA) range. ULA IPv6 address generators are widely available for generating a personalized range.

No, they do not require a public IPv4 address.

Technically, any Ethernet payload should work over Private Networks. However, only IPv4 and IPv6 are officially supported. If you have real use cases for other protocols, let us know.