Outnet

Outnet is an optional dedicated cloud-level network, that enables outbound connectivity to external networks. Outnet allows storage resources to interact with remote services, such as cloud storage, without requiring direct exposure to the public internet.

Unlike public networking setups that support both inbound and outbound traffic, Outnet is designed for outbound communication only. External sources can’t use a VPSA or Object Storage’s Outnet address to access them directly.

Outnet’s underpinning principles and benefits:

  • Network Address Translation (NAT)

    VPSA resources use a private internal IP range. When connecting to external endpoints, Outnet performs Network Address Translation (NAT), translating internal VPSA IPs to a routable external address.

  • Routing and firewall rules

    Outnet ensures that only approved outbound connections are allowed.

  • Security and access control

    Outnet restricts traffic to prevent unauthorized access.

Data flow through Outnet

The most common use case for Outnet is to enable the B2OS VPSA service to back up to Object Storage in a different location, whether public or private.

The diagram below shows the data flow in an example configuration, where the VPSA is located at a local site and the Object Storage is located at a public site.

outnet

  1. A VPSA service initiates an outbound request to an external IP, for example, Backup to Object Storage (B2OS).

  2. The request is routed through the Outnet gateway, where NAT translates the private IP to an external one.

  3. The request reaches the external service.

  4. The external service sends a response back, which is allowed only if it is part of an active session initiated by the VPSA.

  5. The response is NAT-translated back to the VPSA’s private IP, ensuring data returns to the correct source.

Outnet Implementation

Outnet is a cloud-level network, and its implementation requires the involvement of Zadara Support.

After Outnet is configured for a cloud, all VPSAs and Object Storages hosted in the cloud will be allocated an Outnet network IP. Outnet doesn’t affect the normal operation of the VPSA or Object Storage.

Prerequisites

To enable an Outnet configuration, customers must provide the following details:

  • RFC1918 Network Subnet

    It is possible to allocate a subset of IPs from a given subnet.

    Each VC will be allocated an IP from this pool.

    We recommend aligning to the FE/BE network subnet size (default /22).

    • A unique VLAN, that will be defined on Zadara’s data switches

    • A gateway IP in the same network subnet range provided above

Although Outnet is designed as an internet-facing network, you can also use it to create a backup network between sites that don’t have internet connectivity.

Viewing the Outnet configuration

To view the Outnet IP allocated for a VPSA or Object Storage:

  1. In the navigation tree, select VPSAs or Object Storage, according to the storage type of the service whose Outnet parameters you want to view.

  2. In the VPSAs page, or Object Storage page’s Instances tab, select the VPSA or Object Storage to view.

  3. In the Dashboard tab, scroll down to the Networking Configuration tile.

    If Outnet is configured, each Virtual Controller has an Outnet entry displaying its IP and VLAN ID.

Note

If Outnet is configured after VPSAs or Object Storage instances are created:

  • The Pending Configuration badge appears on the Outnet entry of each VC, in the Networking Configuration tile of the affected VPSAs and Object Storages.

  • The next time the VPSA or Object Storage is upgraded, the individual VCs will acquire their Outnet address.

outnet-pending-configuration