Linode private IPs

Can someone confirm for me how Linode private IPs work?

My understanding is that they are basically a shared LAN within a single data center.

  • not accessible from the internet

  • not accessible from other Linode datacenters

  • are accessible from any customer Linode in the same datacenter (assuming they know or can discover the private IP address)

So if I'm specifying firewall rules (eg for a standalone database server bound to my private IP), it's not sufficiently secure to limit inbound connections to the private IP range (eg 192.168.128.0/17) in my firewall rules - I actually need to be specific in only allowing inbound connections from my own individual servers (ie one rule for each private IP I want to allow) - is that correct?

I guess the real question is - is there an easy way of saying "allow inbound connections from any of my own private IP addresses - but only mine" … or do I basically just have to list each of my private IP addresses in the firewall rules - for example:

ufw default deny incoming

ufw allow from 192.168.aaa.bbb to any port mysql

ufw allow from 192.168.ccc.ddd to any port mysql

… etc

1 Reply

Hello Hampel,

Your understanding of the private IP is correct, same with the latter firewall rules you mentioned. You need list each specific IP address you're allowing connections from on the private network, so:

ufw default deny incoming

ufw allow from 192.168.aaa.bbb to any port mysql

ufw allow from 192.168.ccc.ddd to any port mysql

… etc

Just make sure you have static IP configuration set up and you should be good to go!

Regards,

Soh

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct