Creating a private connection
Note
You need the cic.editor role to run this operation.
-
In the management console
, click or in the top panel and select the folder. -
Navigate to Cloud Interconnect.
-
In the left-hand panel, select
Private connections and click Create private connection. In the window that opens:-
Place your cursor in the Trunk connection ID field and select the trunk where you want to create a private connection.
Optionally, click Create to create a new trunk.
-
In the VLAN ID field, specify a
VLAN IDof your choice for the private connection in the 802.1Q trunk, e.g.,123.This value must be different from the
VLAN-IDvalues of other private connections in this trunk. -
In the Peering subnet field, specify the CIDR
of the point-to-point subnet for BGP peering, e.g.,192.168.1.0/31. For more information, see Point-to-point subnet. -
In the Peer IP field, specify the customer endpoint IP address on the point-to-point peering subnet, e.g.,
192.168.1.0. -
In the Cloud IP field, specify the Yandex Cloud endpoint IP address on the point-to-point peering subnet, e.g.,
192.168.1.1. -
In the BGP ASN, specify the customer endpoint BGP ASN in ASPlain format, e.g.,
64513. For more information, see BGP ASN. -
Optionally, in the BGP Key field, specify the encrypted BGP session key value.
-
In the IPv4 StaticRoute prefix, click Add prefix for your private connection to include the destination CIDR prefix of the static route that will be announced in the network on the side of the customer's infrastructure.
You can announce multiple static routes in a single private connection. To do this, click Add prefix again, as many times as you need.
-
Optionally, under General information, specify the following for the new connection:
-
Name. The naming requirements are as follows:
- Length: between 3 and 63 characters.
- It can only contain lowercase Latin letters, numbers, and hyphens.
- It must start with a letter and cannot end with a hyphen.
If you do not specify a name, the private connection name will be identical to its ID.
-
Any Description for the connection
-
Labels to assign to the connection
-
-
Click Create.
-
-
View the description of the CLI command to create a private connection:
yc cic private-connection create --help -
Create a private connection:
yc cic private-connection create \ --name prc-pop1 \ --description "Private connection #1 via POP-1" \ --trunk-id cf3dcodot14p******** \ --vlan-id 125 \ --ipv4-peering peering-subnet=192.168.10.0/30,peer-ip=192.168.10.1,cloud-ip=192.168.10.2,peer-bgp-asn=65202 \ --asyncNote
By default, the private connection will be created in the same folder as the trunk. To simplify maintenance, it is best not create trunks and private connections in different folders.
Expected result:
id: bd6g2l17c8sv******** name: prc-pop1 folder_id: b1gt6g8ht345******** region_id: ru-central1 trunk_connection_id: cf3dcodot14p******** vlan_id: "125" ipv4_peering: peering_subnet: 192.168.10.0/30 peer_ip: 192.168.10.1 cloud_ip: 192.168.10.2 peer_bgp_asn: "20001" peer_bgp_md5_key: '*** hidden ***' status: ACTIVE created_at: "2025-03-20T08:25:33Z"Where:
id: Private connection ID.name: Private connection name.description: Private connection description.folder_id: ID of the cloud folder the private connection was created in.region_id: Cloud region the private connection was created in.trunk_connection_id: ID of the trunk the private connection was created in.vlan_id: VLAN ID for this private connection in the 802.1Q trunk. This value is selected by the customer. It must be different from the VLAN IDs of the previously set up private connections in this trunk.ipv4_peering: Group of IP/BGP connectivity parameters for the private connection:peering_subnet: Point-to-point subnet for BGP peering. This value is selected by the customer.peer_ip: Customer endpoint IP address on the point-to-point peering subnet. This value is selected by the customer.cloud_ip: Yandex Cloud endpoint IP address on the point-to-point peering subnet. This value is selected by the customer.peer_bgp_asn: Customer endpoint BGP ASN in ASPlain format. This value is selected by the customer.peer_bgp_md5_key: Optional parameter. Encrypted BGP session key value.
status: Resource state. Target state:ACTIVE.created_at: Date and time of resource creation.async: Running the operation in asynchronous mode. This is the recommended mode for all operations that involve changes to resources.