How secure is private networking?

October 1, 2017 2.6k views
Networking Security CoreOS

If I have a docker swarm cluster communicating over the private networking feature of Digital Ocean, is that traffic able to be seen by all of the droplets in the region? For example, can a droplet owned by another digital ocean user attempt to join my swarm cluster? In general, how "private" is the private traffic.

Also, can a droplet from one region talk to a droplet in another region if both droplets are owned by the same account?

2 Answers
sdayman October 1, 2017
Accepted Answer

"Private" really just means internal to that datacenter. So it's not all that private.

And no, it's only that datacenter. Private Networks don't extend across datacenters.

Read the tutorial below and skim the comments. There's a lot of discussion there.

  • Wow! So you're telling me that the free WiFi at Starbucks has better security than DigitalOcean private networking. Each account should at least be on its own private subnet.

    I hope everyone is encrypting the database connections for their web apps. :)

by Rafael Rosa
Beginning in June of 2018, communication over DigitalOcean Private Network IPs will be isolated within the account or team where they were created. For most users, this security enhancement requires no action. All Droplets that were provisioned with Private Networking will continue to be able...
Have another answer? Share your knowledge.