Private Networking Quickstart

To follow along, you will need a DigitalOcean account. If you don’t already have one, you can register on the sign up page.

Enable Private Networking during Droplet Creation

The easiest way to enable private networking on a Droplet is during creation.

To enable private networking when you create a Droplet:

  1. From the Droplet create page, in the Additional Options section, check Private Networking.
  2. When you’ve selected all of your options, click the Create button at the bottom of the page.

Once the Droplet is created, its private IP address is displayed in the header. You can also click the Droplet’s name, then visit its Networking link to view more private network information.

Enable Private Networking on Existing Droplets

To enable private networking on an existing Droplet:

  1. Shut down the Droplet with sudo shutdown -h now.

  2. On the Droplets page, click the name of the Droplet, then select Networking from the side navigation.

  3. In the Private network section, click the Enable button.

  4. Turn the Droplet back on by clicking the On/Off switch in the control panel.

  5. Manually configure the private network on the Droplet itself.

    • On Ubuntu 18.04, first find the MAC address for the private network Ethernet interface with lshw -class network. Under the line that says virtio1, copy the serial value. Next, edit /etc/netplan/50-cloud-init.yaml with sudo or as the root user. Add a block for your Droplet’s private network as shown below. Substitute the private IP address of your Droplet, followed by the netmask value /16. Replace the macaddress value with the serial value. Be certain that the indentation of these new configuration options lines up with those of the existing eth0 interface. In this case the eth1 line should be indented by eight spaces.

        
          
              eth1:
                  addresses:
                  - 198.51.100.0/16
                  match:
                      macaddress: ex:am:pl:e3:65:13
                  set-name: eth1
              
        
      
    • On Ubuntu 16.04, ensure you’ve disabled consistent device naming, then edit the /etc/network/interfaces.d/50-cloud-init.cfg file with sudo or as the root user and add the following block to the bottom of the file, subtituting your Droplet’s private network address:

        
          
      auto eth1
      iface eth1 inet static
              address 198.51.100.0/16
              
        
      
    • On Debian or Ubuntu 14.04 or older, edit the /etc/network/interfaces file with sudo or as the root user and add the following block to the bottom of the file, substituting your Droplet’s private network address:

        
          
      auto eth1
      iface eth1 inet static
              address 198.51.100.0/16
              
        
      

Standard support for Ubuntu 14.04 LTS ended in April 2019. Because this distribution has reached end of life, we recommend migrating to a newer release so your Droplets remain supported and secure.

  • On CentOS or Fedora, first find the MAC address for the Ethernet interface with sudo ifconfig -a and copy the ether value (or the HWaddr value on CentOS 6). Then, create a new file at /etc/sysconfig/network-scripts/ifcfg-eth1 with sudo or as the root user and add the following block, substituting your Droplet’s private network address for the IPADDR and the ether value for the HWADDR:

    
    
    
    
    
      
        
    DEVICE="eth1"
    HWADDR=info_from_ifconfig
    IPADDR=198.51.100.0
    BOOTPROTO=none
    ONBOOT="yes"
    NETMASK=255.255.0.0
    NM_CONTROLLED="yes"
    IPV6INIT="no"
    DEFROUTE="no"
            
      
    
  • On FreeBSD, open /etc/rc.conf as the root or sudo user. Directly above the line which reads # DigitalOcean Dynamic Configuration lines and the immediate line below it, are removed each boot, add the following line, substituting your Droplet’s private network address. The file should look like this:

    
    
    
    
    
      
        
    ifconfig_vtnet1="inet 198.51.100.0 netmask 255.255.0.0"
    
    # DigitalOcean Dynamic Configuration lines and the immediate line below it,
    # are removed each boot.
            
      
    
  1. Reboot your Droplet with reboot for the changes to take effect.