VLANs and Firewalls

Introduction

At AppNexus every customer has a private VLAN, or Virtual Local Area Network, in each datacenter where they reserve servers.  Your VLAN is a list of sequential IP addresses to be assigned to the instances you launch in the AppNexus environment.  Your VLAN can consist of 8, 24, 56, ..., (2^N-8) IP addresses; eight addresses in each range are reserved for networking equipment so it can behave as though it was part of your individual VLAN.

IP Addresses

ACLs/Firewall

VLANs provide security by segregating each customer's traffic from AppNexus and other customers' traffic and also by regulating traffic from the Internet according to a customer-controlled Access Control List (ACL).  You can view your current ACLs in the customer portal at https://portal.appnexus.com/networking.php?index=acl.

If you run out of IP addresses in your VLAN

If you outgrow a VLAN, AppNexus will assign you a larger one.  This can take up to one workday as support staff configures the ACL for the new VLAN.  You will then need to migrate instances from the old VLAN to the new one.  This can be done without downtime; you will assign each item in your VLAN a second IP address for the duration of the migration.  Detailed instructions on VLAN migration will be provided when you make your request to Support.

Note: We assume that customer IP requests are for usable IP addresses; the eight addresses used for network gear have already been accounted for when an IP range is allocated.

Further Information

Network Architecture
How to Set Firewall Rules
Enabled Port Ranges
Direct Connection to 3rd Party Datacenters
Software VPN
VLAN Tagging and Instance Security
manage-vlan CLI tool

Troubleshooting

Connectivity Issues

As always, please create a ticket at https://portal.appnexus.com/ or contact us at support@appnexus.com if you have any questions or concerns.