Creating a static route
Note
VMs with public IP addresses use the default static route (0.0.0.0/0). If you need to create a NAT instance, create it in a separate subnet.
To create a route table and add static routes to it:
- In the management console, go to the folder where you need to create a static route.
- In the list of services, select Virtual Private Cloud.
- In the left-hand panel, select Routing tables.
- Click Create.
- Enter a name for the route table. The naming requirements are as follows:
  - It must be 2 to 63 characters long.
  - It may contain lowercase Latin letters, numbers, and hyphens.
  - It must start with a letter and cannot end with a hyphen.
- (Optional) Add a description of a route table.
- Select the network to create the route table in.
- Click Add.
- In the window that opens, enter the destination subnet prefix in CIDR notation.
- Specify the Next hop, which is an IP address from the allowed ranges.
- Click Add.
- Click Create routing table.
To use static routes, associate the route table with a subnet:
- In the left-hand panel, select Subnets.
- In the row of the subnet you need, click .
- In the menu that opens, select Link routing table.
- In the window that opens, select the created table from the list.
- Click Link.
To create a route table and add static routes to it:
- View the description of the CLI command for creating route tables:
    yc vpc route-table create --help
- Get the IDs of cloud networks in your cloud:
    yc vpc network list
  Result:
    +----------------------+-----------------+
    |          ID          |      NAME       |
    +----------------------+-----------------+
    | enp34hbpj8dq******** | yc-auto-subnet  |
    | enp846vf5fus******** | routes-test     |
    +----------------------+-----------------+
- Create a route table in one of the networks:
    yc vpc route-table create \
      --name=<table_name> \
      --network-id=<network_ID> \
      --route destination=<destination_prefix>,next-hop=<internal_IP_address>
  Where:
  - --name: Name of the route table.
  - --network-id: ID of the network where the table will be created.
  - --route: Route settings, which include these two parameters:
    - destination: Destination subnet prefix in CIDR notation, e.g., 0.0.0.0/0.
    - next-hop: Internal IP address of the VM from the allowed ranges the traffic will be sent through, e.g., 192.168.1.5.
  Result:
    ...done
    id: enpsi6b08q2v********
    folder_id: b1gqs1teo2q2********
    created_at: "2019-06-24T09:57:54Z"
    name: test-route-table
    network_id: enp846vf5fus********
    static_routes:
    - destination_prefix: 0.0.0.0/0
      next_hop_address: 192.168.1.5
To use static routes, associate the route table with a subnet:
- Get a list of subnets in your cloud:
    yc vpc subnet list
  Result:
    +----------------------+------------------+----------------------+----------------+---------------+------------------+
    |          ID          |       NAME       |      NETWORK ID      | ROUTE TABLE ID |     ZONE      |      RANGE       |
    +----------------------+------------------+----------------------+----------------+---------------+------------------+
    | b0cf2b0u7nhl******** | subnet-1         | enp846vf5fus******** |                | ru-central1-a | [192.168.0.0/24] |
    +----------------------+------------------+----------------------+----------------+---------------+------------------+
- Associate the route table with one of the subnets:
    yc vpc subnet update <subnet_ID> \
      --route-table-id <route_table_ID>
  Result:
    ..done
    id: b0cf2b0u7nhl********
    folder_id: b1gqs1teo2q2********
    created_at: "2019-03-12T13:27:22Z"
    name: subnet-1
    network_id: enp846vf5fus********
    zone_id: ru-central1-a
    v4_cidr_blocks:
    - 192.168.0.0/24
    route_table_id: enp1sdveovdp********
With Terraform
Terraform is distributed under the Business Source License
For more information about the provider resources, see the documentation on the Terraform
If you don't have Terraform, install it and configure the Yandex Cloud provider.
To create a route table and add static routes to it:
- In the configuration file, define the parameters of the resources you want to create:
  - name: Name of the route table. The name format is as follows:
    - It must be 2 to 63 characters long.
    - It may contain lowercase Latin letters, numbers, and hyphens.
    - It must start with a letter and cannot end with a hyphen.
  - network_id: ID of the network where the table will be created.
  - static_route: Static route description:
    - destination_prefix: Destination subnet prefix in CIDR notation.
    - next_hop_address: Internal IP address of the VM from the allowed ranges the traffic will be routed through.
  Here is an example of the configuration file structure:
    resource "yandex_vpc_route_table" "test-route-table" {
      name       = "<route_table_name>"
      network_id = "<network_ID>"
      static_route {
        destination_prefix = "<destination_prefix>"
        next_hop_address   = "<internal_IP_address>"
      }
    }
  To add, update, or delete a route table, use the yandex_vpc_route_table resource indicating the network in the network_id field, e.g., network_id = yandex_vpc_network.test_route_table.id.
  For more information about the yandex_vpc_route_table resource parameters in Terraform, see the relevant provider documentation.
- Make sure the configuration files are correct.
  - In the command line, go to the directory where you created the configuration file.
  - Run a check using this command:
      terraform plan
  If the configuration description is correct, the terminal will display a list of the resources being created and their parameters. If the configuration contains any errors, Terraform will point them out.
- Deploy the cloud resources.
  - If the configuration does not contain any errors, run this command:
      terraform apply
  - Confirm creating the resources: type yes in the terminal and press Enter.
  This will create all the resources you need in the specified folder. You can check the new resources and their settings using the management console or this CLI command:
    yc vpc route-table list
  Result:
    +----------------------+-----------------------+-------------+----------------------+
    |          ID          |         NAME          | DESCRIPTION |      NETWORK-ID      |
    +----------------------+-----------------------+-------------+----------------------+
    | enpahlhr1vnl******** | terraform-route-table |             | enp0asmd9pr9******** |
    +----------------------+-----------------------+-------------+----------------------+
To create a route table and add static routes to it, use the create REST API method for the RouteTable resource or the RouteTableService/Create gRPC API call, and provide the following in the request:
- ID of the folder the route table will reside in, in the folderId parameter.
- Route table name in the name parameter. The name format is as follows:
  - It must be 2 to 63 characters long.
  - It may contain lowercase Latin letters, numbers, and hyphens.
  - It must start with a letter and cannot end with a hyphen.
- ID of the network the route table will reside in, in the networkId parameter.
- Destination subnet prefix in CIDR notation in the staticRoutes[].destinationPrefix parameter.
- Internal IP address of the VM the traffic will be routed through in the staticRoutes[].nextHopAddress parameter. The IP address must be within the allowed range.
To use static routes, associate the route table with a subnet. Use the update REST API method for the Subnet resource or the SubnetService/Update gRPC API call and provide the following in the request:
- Subnet ID in the subnetId parameter.
  To get the subnet ID, use the list REST API method for the Subnet resource or the SubnetService/List gRPC API call and provide the folder ID in the folderId request parameter.
  To learn how to find out the folder ID, see Getting the folder ID.
- Route table ID in the routeTableId parameter.
- Name of the routeTableId parameter in the updateMask parameter.
Warning
The API method will assign default values to all the parameters of the object you are modifying unless you explicitly provide them in your request. To avoid this, list the settings you want to change in the updateMask parameter as a single comma-separated string.
Example
Create a route table and associate it with your subnet. The example uses the following properties:
- Folder ID: b1g681qpemb4********
- Network ID: enp846vf5fus********
- Subnet ID: b0cf2b0u7nhl********
- Route table name: test-route-table
- Destination subnet prefix: 0.0.0.0/0
- Internal IP address: 192.168.1.5
- Create a route table:
    yc vpc route-table create \
      --name=test-route-table \
      --network-id=enp846vf5fus******** \
      --route destination=0.0.0.0/0,next-hop=192.168.1.5
- Associate the route table with your subnet:
    yc vpc subnet update b0cf2b0u7nhl******** \
      --route-table-id enp1sdveovdp********
- In the configuration file, list the route table properties and specify route_table_id for your subnet:
    resource "yandex_vpc_route_table" "test_route_table" {
      name       = "test-route-table"
      network_id = "enp846vf5fus********"
      static_route {
        destination_prefix = "0.0.0.0/0"
        next_hop_address   = "192.168.1.5"
      }
    }

    resource "yandex_vpc_subnet" "example_subnet" {
      name           = "example-subnet"
      network_id     = "enp846vf5fus********"
      zone           = "ru-central1-a"
      v4_cidr_blocks = ["10.2.0.0/16"]
      # Associating the route table with the subnet
      route_table_id = yandex_vpc_route_table.test_route_table.id
    }
  For more information about the resources you can create with Terraform, see the provider documentation.
- Make sure the settings are correct.
  - Using the command line, navigate to the folder that contains the up-to-date Terraform configuration files with an infrastructure plan.
  - Run the command:
      terraform validate
    If there are errors in the configuration files, Terraform will point to them.
- Apply the changes.
  - Run the command to view planned changes:
      terraform plan
    If the resource configuration descriptions are correct, the terminal will display a list of the resources to modify and their parameters. This is a test step. No resources are updated.
  - If you are happy with the planned changes, apply them:
    - Run the command:
        terraform apply
    - Confirm the update of resources.
    - Wait for the operation to complete.
- To create a route table, use the create REST API method for the RouteTable resource or the RouteTableService/Create gRPC API call, and provide the following in the request body:
    {
      "folderId": "b1g681qpemb4********",
      "name": "test-route-table",
      "networkId": "enp846vf5fus********",
      "staticRoutes": [
        {
          "destinationPrefix": "0.0.0.0/0",
          "nextHopAddress": "192.168.1.5"
        }
      ]
    }
- To associate a route table with a subnet, use the update REST API method for the Subnet resource or the SubnetService/Update gRPC API call, and provide the following in the request body:
    {
      "updateMask": "routeTableId",
      "subnet": {
        "routeTableId": "enpfs106jh40********"
      }
    }
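The two request bodies above can be generated from checked input, so that the naming rules, the CIDR prefix, the next hop and the updateMask warning are enforced before anything is sent. This is an added example, not part of the original documentation: the function names are hypothetical, and it assumes the "allowed ranges" for the next hop are the RFC 1918 private blocks.

```python
import ipaddress
import re

# Naming rules from the page: 2 to 63 characters; lowercase Latin letters,
# numbers and hyphens; starts with a letter; cannot end with a hyphen.
NAME_RE = re.compile(r"[a-z][a-z0-9-]{0,61}[a-z0-9]")

# Assumption: the "allowed ranges" for the next hop are the RFC 1918 blocks.
ALLOWED_NEXT_HOP = [ipaddress.ip_network(n) for n in
                    ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def build_create_body(folder_id, network_id, name, routes):
    """Validate the inputs and return the RouteTable create request body."""
    if not NAME_RE.fullmatch(name):
        raise ValueError(f"invalid route table name: {name!r}")
    static_routes = []
    for prefix, next_hop in routes:
        # strict=True rejects prefixes with host bits set, e.g. 10.0.0.1/8.
        dest = ipaddress.ip_network(prefix, strict=True)
        hop = ipaddress.ip_address(next_hop)
        if not any(hop in net for net in ALLOWED_NEXT_HOP):
            raise ValueError(f"next hop {hop} is outside the allowed ranges")
        static_routes.append({"destinationPrefix": str(dest),
                              "nextHopAddress": str(hop)})
    return {"folderId": folder_id, "name": name, "networkId": network_id,
            "staticRoutes": static_routes}


def default_routes(body):
    """Return the routes that send all subnet egress through one VM, so a
    reviewer can confirm the 0.0.0.0/0 next hop is the intended instance."""
    return [r for r in body["staticRoutes"]
            if ipaddress.ip_network(r["destinationPrefix"]).prefixlen == 0]


def build_subnet_update(**changes):
    """Build a Subnet update body whose updateMask lists exactly the fields
    being changed, so no other subnet parameter is reset to its default."""
    if not changes:
        raise ValueError("refusing to build an update with an empty updateMask")
    return {"updateMask": ",".join(sorted(changes)), "subnet": dict(changes)}
```

Serialize the returned dictionaries with json.dumps to obtain the request bodies; build_subnet_update(routeTableId=...) reproduces the second body shown above.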