Secure your application resources
Benefit from a reliable and secure regional layer-2 network to isolate your resources from the Internet. Use Network ACLs rules to filter you private traffic for tailored business needs.
Virtual Private Cloud
Create a secure, isolated cloud environments with a Virtual Private Cloud (VPC) and regional Private Networks to control traffic, resources, and access for your applications and data
Maximize infrastructure reliability without compromising security
Each VPC is regional and ensures high availability for your architecture, providing redundancy and resilience to keep your applications running smoothly.
Seamlessly and easily deploy complex architectures
Build multi-layer infrastructure and integrate easily your existing cloud resources thanks to built-in routing, DHCP and private DNS services.
Technical specs
- check
Private LAN
Regional Layer 2 Ethernet network
- check
Resilience
Spread your resources on the same network on different AZs within a region
- check
Multi-Private Networks
Up to 8 Private Networks per Instance
- check
Unlimited traffic
Your resources can communicate within your VPC at no extra cost
- check
Managed DHCP
Private IP addresses are automatically assigned to resources
- check
Scalability
Up to 4096 resources per Private Network
- check
Routing
vRouter for route management between Private Networks
- check
QinQ
Available with Instances (not with Elastic Metal)
- check
Network ACL
Define fine-tuned rules to filter the traffic between subnets
Popular use cases
Distribute your resources in different AZs within the same region and let them communicate securely along the same private network.
Use private networks, routing, and network ACLs to isolate your resources from the internet and establish a clear separation between your front-end and back-end, ensuring enhanced security and resilience.
Use Elastic Metal with Database on the same private Network located in 2 different AZs.
Get started with tutorials
Create and manage VPCsLearn more
Activate DHCP on a legacy Private NetworkLearn more
Create a Private NetworkLearn more
Frequently asked questions
What is a VPC?
VPC is a product allowing you to build your own Virtual Private Cloud on top of Scaleway’s shared public cloud. This keeps your Scaleway resources secure and isolated, away from the public Internet.
What are Private Networks?
A Private Network is a managed cloud service allowing you to create regional layer 2 ethernet-switched domains. These domains can also be called a virtual LAN (VLAN). They are virtual, but completely private, local networks that securely connect your Instances (or other resources) together without necessarily exposing them publicly.
What is the difference between VPC and a Private Network?
A VPC offers layer 3 network isolation.
Within each VPC, you can create multiple Private Networks and attach Scaleway resources to them, as long as the resources are in an AZ within the network’s region. Attached resources can then communicate between themselves in an isolated and secure layer 2 network, away from the public Internet.
Can two different Private Networks communicate with each other?
VPC routing allows you to automize the routing of traffic between resources in different Private Networks within the same VPC. You may also define your own custom routes. See our dedicated documentation.
With which other Scaleway products is Private Networks compatible?
Private Networks is currently compatible with all our Instances, our Elastic Metal offer, Apple silicon, Managed Database, Kubernetes Kapsule, Public Gateway, Load Balancer, Serverless Functions and Serverless Containers.
Can I plug multiple Private Networks on the same Instances?
Yes, you can configure multiple Private Networks on the same Instance. A virtual network interface is created for each private network to which the Instance is attached. You can bring up each of them as indicated in our product documentation.
You can configure:
- Up to 8 Private Networks per Instance
- Up to 215 Private Networks per Organization
- Up to 4096 resources per Private Network
Do I have to restart Instances after adding Private Networks?
No, instances are hot plugged to Private Networks. This means private network interfaces will appear on your Instances without needing to reboot.
Does Private Networks support IPv6?
Yes, you can configure IPv6 within Private Networks. To use it, the netmask should always be /64 and we recommend using a fc00::/7 unique local address (ULA) range. ULA IPv6 address generators are widely available for generating a personalized range.
Do Instances in a Private Network require a public IPv4 address?
No, they do not require a public IPv4 address.
Do non-IP protocols work over Private Networks?
Technically, any Ethernet payload should work over Private Networks. However, only IPv4 and IPv6 are officially supported. If you have real use cases for other protocols, let us know.
Where can I find the SLA (Service Level Agreement) for this product?
You can find the SLA for this product here.