Additional IP addresses? Internal network IP addresses?

Hello, all

Another thing to mention is the usage of a Floating IPs.

A Floating IP is an IP address that can be instantly moved from one Droplet to another Droplet in the same datacenter.

Part of a highly available infrastructure is being able to immediately point an IP address to a redundant server. This is now possible with the addition of Floating IPs.

Floating IPs are free to use. However, due to the shortage of IPv4 addresses available, if you reserve an address but don’t assign it to a Droplet, we charge $0.006 per hour for each unassigned, reserved IP. (You can relinquish unused IPs from the control panel.) To keep billing simple, you will not be charged unless you accrue $1 or more.

Hope that this helps! Regards, Alex

The day DigitalOcean offers additional IPs it will be nail in the coffin for companies like Linode! We manage over 30 servers that we would migrate here because it would cut costs in 1/2!! But IP = no go. <br> <br>Of course if Linode adds SSD options without increasing current pricing then since they already have much more to offer just from the GUI control panel alone and no IP limitations, Linode would be killer!

Is there any indication when you might offer the possibility of additional public IP addresses on a droplet? <br> <br>These are absolutely required to run mutiple SSL sites on an instance with a single SSL certificate, and to setup a website requiring mutile IP addresses to use multiple webserver programs — nginx for front page, images and static HTML, Apache for SSL private site and scripted content…

Hi, <br> <br>any update? <br> <br>Regards <br>Milosz

@ericrobertscott you can follow the progress on private networking here: http://digitalocean.uservoice.com/forums/136585-digital-ocean/suggestions/3020028-private-back-end-network-support

any update to private IP?

Note that the mentioned article on using multiple certs on a single IP is now here: https://www.digitalocean.com/community/articles/how-to-set-up-multiple-ssl-certificates-on-one-ip-with-apache-on-ubuntu-12-04

You would restrict it based on the IPs of the other servers that you want to communicate with the DB servers and only allow explicit access to the ports on which those services run on. <br> <br>Then you may want to have a bastion host that you use to login to those servers to administer them.

Thanks. What I want to accomplish is safe communication between droplets. For example one of them would be data machine (elasticsearch and/or mongo) while the other would serve http requests. I was thinking how to configure firewall so the machines will be able to communicate. Should I allow traffic from explicit ip numbers of my droplets? Normally if they were in a private network I would allow some traffic from LAN.

We are hopeful that we will have it deployed in the next couple of months. <br> <br>In regards to your specific question it depends on what you are looking to accomplish. If you want to secure your virtual servers the best route is to employ firewall rules. If you have a completely segregated private network it reduces the need for this, however you still want to employ firewall rules because that completely limits exactly which hosts can connect where and on what ports. <br> <br>With a private network you will still have public servers, if one of those is compromised that user can then attempt to login to backend servers. If however you have firewall rules that restrict access even on top of the internal network you can limit the type of communication the servers have. <br> <br>Essentially it’s more work but it is more secure because instead of assuming that all private network communications are secure, you are instead assuming all communications are by default not secure and then opening up communication ports accordingly.