We’ve created a private Local Area Network (LAN), in each datacenter, upon which Linodes can join, without having to worry about the transfer counting against their monthly network quota. This feature allows for some interesting possibilities. For instance, creating sets of front-end webserver Linodes and back-end database server Linodes which communicate over this private network. Database replication, backups and rsync also come to mind. Oh, and IP Failover works for both public and private IPs.
To get in on the fun, log-in to the members’ site and head to this page. Click the button to have a private IP address assigned to your Linode. Reboot your Linode and bring up the new IP on eth1 — an example command for doing this is provided on the page. You will need to complete these steps for each Linode you want to be able to communicate over the back-end network.
This only works for Linodes within the same datacenter. The Linodes do not have to be under one account/linked.
So, how much is this feature? You guessed it: FREE!
Sweet. Wondered when this would come about, remember a mention about it a long time ago
This is really great; I was recently thinking that something like this would be a great feature to add 🙂
I couldn’t find a link to this within the Linode manager. Am I looking in the wrong place (e.g. Utilities) or is there a reason this wasn’t added to the manager yet?
@marvinp the link is…linked in the article text. You’ll know when you get there. It’s the page titled “Lassie” lol.
Heh, thanks for the heads up jharrison, I’ve corrected that. The Private IP page is now linked from the Utilities page as well.
interesting feature 🙂 just wondering though whats the story with security? is this safe enough to treat like your average “internal LAN”? or should it be firewalled as well? you say they dont have to be apart of the same account, im guessing its one big subnet for everyone? just wondering if i should consider firewalling it or not 🙂
We filter traffic based on MAC and IP addresses. You can’t sniff traffic on the back-end LAN. You won’t see other people’s traffic. The only packets you’ll receive are those that are destined for your Linode. It works no differently from our public-networking filtering.
A follow up to the last security question:
‘The only packets you’ll receive are those destined for your Linode’.
This would include port scanning packets and connections from other Linode customers in the same data center correct?
Is there a way to form a vpn using the private IPs of just the nodes within your Linode account – to get LAN speed, no bandwidth charges for local traffic AND security?
It’s an open local network, so others in your facility can connect to services running on your local IP. You’ll want to firewall or ACL appropriately.
You can form VPNs as you typically would — openvpn for example.
I know this is a very old post but Is there any possibility of having my two linodes connected if they are on a different DC now? I would really love to have that since if a DC has a problem the other DC would still be working.
I’d like to see this feature improved to be available only between your own hosts and between DCs.
I am trying to use this feature.
I use two vm in the same DC, one is for web app and other for MariaDB.
I bind the maria db server do private ip. When I try to connect to my db server from myweb I can’t connect.
I try a talnet command and the result is: No route to host
I do a nmap and only port 22 is open. I Don’t use any fw rules.
Hey Paulo. You’ll want to make sure that both Linodes have private IPs assigned to them; this is how they can both send and receive information over the private network.
This Community post does a nice job explaining how Linodes communicate with private IPs:
Otherwise, if you suspect there is an issue, I would recommend opening a ticket with our Support team so they can take a look.