Scaleway Public Gateways are building blocks for your infrastructure on Scaleway's public cloud. They sit at the border of Private Networks and provide access to/from other networks or the Internet. As well as this, Public Gateways offer a host of managed features and services to facilitate the management of resources in your Private Network, including DHCP to dynamically assign IP addresses, and NAT to map private IP addresses in the Private Network to the public IP address of the Public Gateway.
Refer to our dedicated concepts page to find definitions of all terminology related to Public Gateways, including DHCP, NAT, SSH bastion and more.
Requirements: To perform the following steps, you must first ensure that:
curl
Configure your environment variables.
Note: This is an optional step that seeks to simplify your usage of the Public Gateways API.
Choose a Public Gateway type: Public Gateways come in different shapes and sizes, with different network capabilities and pricing. When you create your Public Gateway, you need to include the required Public Gateway type in the request. Use the following call to get a list of available Public Gateway offer types and their details:
Create a Public Gateway: run the following command to create a Public Gateway. You can customize the details in the payload (name, description, tags, etc) to your needs: use the information below to adjust the payload as necessary.
Parameter | Description | Valid values |
---|---|---|
type | The type of Public Gateway (commercial offer type) to create. Use the Gateway Types endpoint to get a list of offer types. | Any valid offer type string, e.g. VPC-GW-S |
name | A name of your choice for the Public Gateway | Any string containing only alphanumeric characters and dashes, e.g. my-new-gateway . |
tags | A list of tags to describe your Public Gateway. These can help you manage and filter your gateways. | A list of alphanumeric strings, e.g. ["my-first-tag , my-second-tag |
project_id | The Scaleway Project ID to create the Public Gateway in. | A valid Scaleway Project ID, e.g. f5fe13a0-b9c7-11ed-afa1-0242ac120002 |
Note: Further parameters are available, but for the purposes of this quickstart we have included only the essentials. See the Create a Public Gateway
endpoint documentation below for full details of all possible parameters.
Get a list of your Public Gateways: run the following command to get a list of all your Public Gateways.
Attach a Private Network to a Public Gateway: run the following command to attach a Private Network to your Public Gateway, and make all the Gateway's services such as DHCP and NAT available to the Private Network. You can customize the details in the payload to your needs: use the information below to adjust the payload as necessary.
Tip: If you haven't created a Private Network yet, see the Private Networks documentation to learn how to do so. Ensure you retain the ID of the Private Network.
This configuration will set up the Public Gateway as a NAT gateway, masquerading traffic sent to it to the
outer internet to provide internet access to resources in the Private Network, and serving
IP addresses through DHCP to said instances, in the subnet 192.168.1.0/24
.
Parameter | Description | Valid values |
---|---|---|
gateway_id | The Public Gateway ID of an existing Public Gateway | Any valid Public Gateway ID, e.g. b1b2edda-9364-422d-93f2-ad04e6a054dc |
private_network_id | The Private Network ID of an existing Private Network | Any valid Private Network ID in the same Availability Zone as the Public Gateway, e.g. 548dbcc3-8b78-486f-a79a-c3f5a17642f9 |
enable_masquerade | Defines whether the gateway should masquerade traffic for the attached Private Network (i.e. whether to enable dynamic NAT) | A boolean value, e.g. true |
dhcp | An DHCP object (see object definition in the DHCP endpoint documentation below), which defines DHCP configuration. | An object which includes the Scaleway Project ID of the Public Gateway/Private Network, and the subnet to use for the Private Network e.g. {"project_id": "'$SCW_PROJECT_ID'", "subnet": "192.168.1.0/24"} |
Note: Further parameters are available, but for the purposes of this quickstart we have included only the essentials. See the Attach a gateway to a Private Network
endpoint documentation below for full details of all possible parameters.
Delete a Public Gateway: run the following call to delete your Public Gateway. Ensure that you replace <PUBLIC-GATEWAY-ID>
in the URL with the ID of the Public Gateway you want to delete.
The expected successful response is empty.
A maximum of eight (8) Private Networks can be plugged into a single Public Gateway
Note that the Public Gateway takes some time to start up, and actions on it are
impossible unless it is in the running
state. To check the current state of a Public Gateway, use the Get a Public Gateway endpoint to get information for your gateway: the status
field of the response will tell you if it is running or in another state.
For further information about Public Gateway limitations https://www.scaleway.com/en/docs/network/public-gateways/troubleshooting/gw-limitations/
Public Gateways can be deployed in the following Availability Zones:
Name | API ID |
---|---|
Paris | fr-par-1 fr-par-2 |
Amsterdam | nl-ams-1 nl-ams-2 |
Warsaw | pl-waw-1 pl-waw-2 |
The Scaleway Public Gateways API is a zoned API, meaning that each call must specify in its path parameters the Availability Zone for the resources concerned by the call.
For more help using Scaleway Public Gateways, check out the following resources:
Public Gateways are building blocks for your infrastructure on Scaleway's shared public cloud. They provide a set of managed network services and features for Scaleway's Private Networks such as DHCP, NAT and routing.
List Public Gateways in a given Scaleway Organization or Project. By default, results are displayed in ascending order of creation date.
created_at_asc
, created_at_desc
, name_asc
, name_desc
, type_asc
, type_desc
, status_asc
and status_desc
. The default value is created_at_asc
.unknown
, stopped
, allocating
, configuring
, running
, stopping
, failed
, deleting
, deleted
and locked
. The default value is unknown
.Create a new Public Gateway in the specified Scaleway Project, defining its name, type and other configuration details such as whether to enable SSH bastion.
unknown
, stopped
, allocating
, configuring
, running
, stopping
, failed
, deleting
, deleted
and locked
. The default value is unknown
.Get details of a Public Gateway, specified by its gateway ID. The response object contains full details of the gateway, including its name, type, status and more.
unknown
, stopped
, allocating
, configuring
, running
, stopping
, failed
, deleting
, deleted
and locked
. The default value is unknown
.Update the parameters of an existing Public Gateway, for example, its name, tags, SSH bastion configuration, and DNS servers.
unknown
, stopped
, allocating
, configuring
, running
, stopping
, failed
, deleting
, deleted
and locked
. The default value is unknown
.Delete an existing Public Gateway, specified by its gateway ID. This action is irreversible.
Refresh the SSH keys of a given Public Gateway, specified by its gateway ID. This adds any new SSH keys in the gateway's Scaleway Project to the gateway itself.
unknown
, stopped
, allocating
, configuring
, running
, stopping
, failed
, deleting
, deleted
and locked
. The default value is unknown
.Upgrade a given Public Gateway to the newest software version. This applies the latest bugfixes and features to your Public Gateway, but its service will be interrupted during the update.
unknown
, stopped
, allocating
, configuring
, running
, stopping
, failed
, deleting
, deleted
and locked
. The default value is unknown
.A Gateway Network represents the connection of a Private Network to a Public Gateway. It holds configuration options relative to this specific connection, such as the DHCP configuration.
List the connections between Public Gateways and Private Networks (a connection = a GatewayNetwork). You can choose to filter by gateway-id
to list all Private Networks attached to the specified Public Gateway, or by private_network_id
to list all Public Gateways attached to the specified Private Network. Other query parameters are also available. The result is an array of GatewayNetwork objects, each giving details of the connection between a given Public Gateway and a given Private Network.
created_at_asc
, created_at_desc
, status_asc
and status_desc
. The default value is created_at_asc
.Attach a specific Public Gateway to a specific Private Network (create a GatewayNetwork). You can configure parameters for the connection including DHCP settings, whether to enable masquerade (dynamic NAT), and more.
dhcp_id
, dhcp
and address
may be set.dhcp_id
, dhcp
and address
may be set.dhcp_id
, dhcp
and address
may be set.unknown
, created
, attaching
, configuring
, ready
, detaching
and deleted
. The default value is unknown
.Get details of a given connection between a Public Gateway and a Private Network (this connection = a GatewayNetwork), specified by its gateway_network_id
. The response object contains details of the connection including the IDs of the Public Gateway and Private Network, the dates the connection was created/updated and its configuration settings.
unknown
, created
, attaching
, configuring
, ready
, detaching
and deleted
. The default value is unknown
.Update the configuration parameters of a connection between a given Public Gateway and Private Network (the connection = a GatewayNetwork). Updatable parameters include DHCP settings and whether to enable traffic masquerade (dynamic NAT).
dhcp_id
and address
may be set.unknown
, created
, attaching
, configuring
, ready
, detaching
and deleted
. The default value is unknown
.Detach a given Public Gateway from a given Private Network, i.e. delete a GatewayNetwork specified by a gateway_network_id.
These objects define a DHCP configuration, i.e. how IP addresses should be assigned to devices on a Private Network attached to a Public Gateway. Definable parameters include the subnet for the DHCP server, the validity period for DHCP entries, whether to use dynamic pooling, and more. A DHCP configuration object has a DHCP ID, which can then be used as part of a call to create or update a Gateway Network. This lets you attach an existing DHCP configuration to a Public Gateway attached to a Private Network. Similarly, you can use a DHCP ID as a query parameter to list Gateway Networks which use this DHCP configuration object.
List DHCP configurations, optionally filtering by Organization, Project, Public Gateway IP address or more. The response is an array of DHCP configuration objects, each identified by a DHCP ID and containing configuration settings for the assignment of IP addresses to devices on a Private Network attached to a Public Gateway. Note that the response does not contain the IDs of any Private Network / Public Gateway the configuration is attached to. Use the List Public Gateway connections to Private Networks
method for that purpose, filtering on DHCP ID.
created_at_asc
, created_at_desc
, subnet_asc
and subnet_desc
. The default value is created_at_asc
.Create a new DHCP configuration object, containing settings for the assignment of IP addresses to devices on a Private Network attached to a Public Gateway. The response object includes the ID of the DHCP configuration object. You can use this ID as part of a call to Create a Public Gateway connection to a Private Network
or Update a Public Gateway connection to a Private Network
to directly apply this DHCP configuration.
Get a DHCP configuration object, identified by its DHCP ID. The response object contains configuration settings for the assignment of IP addresses to devices on a Private Network attached to a Public Gateway. Note that the response does not contain the IDs of any Private Network / Public Gateway the configuration is attached to. Use the List Public Gateway connections to Private Networks
method for that purpose, filtering on DHCP ID.
Update a DHCP configuration object, identified by its DHCP ID.
Delete a DHCP configuration object, identified by its DHCP ID. Note that you cannot delete a DHCP configuration object that is currently being used by a Gateway Network.
DHCP entries belong to a specified Gateway Network (Public Gateway / Private Network connection). A DHCP entry can hold either a dynamic DHCP lease (an IP address dynamically assigned by the Public Gateway to a device) or a static, user-created DHCP reservation.
List DHCP entries, whether dynamically assigned and/or statically reserved. DHCP entries can be filtered by the Gateway Network they are on, their MAC address, IP address, type or hostname.
created_at_asc
, created_at_desc
, ip_address_asc
, ip_address_desc
, hostname_asc
and hostname_desc
. The default value is created_at_asc
.Create a static DHCP reservation, specifying the Gateway Network for the reservation, the MAC address of the target device and the IP address to assign this device. The response is a DHCP entry object, confirming the ID and configuration details of the static DHCP reservation.
unknown
, reservation
and lease
. The default value is unknown
.Set the list of DHCP reservations attached to a Gateway Network. Reservations are identified by their MAC address, and will sync the current DHCP entry list to the given list, creating, updating or deleting DHCP entries accordingly.
Get a DHCP entry, specified by its DHCP entry ID.
unknown
, reservation
and lease
. The default value is unknown
.Update the IP address for a DHCP entry, specified by its DHCP entry ID. You can update an existing DHCP entry of any type (reservation
(static), lease
(dynamic) or unknown
), but in manually updating the IP address the entry will necessarily be of type reservation
after the update.
unknown
, reservation
and lease
. The default value is unknown
.Delete a static DHCP reservation, identified by its DHCP entry ID. Note that you cannot delete DHCP entries of type lease
, these are deleted automatically when their time-to-live expires.
PAT (Port Address Translation) rules, aka static NAT rules, belong to a specified Public Gateway. They define the forwarding of a public port to a specific device on a Private Network, enabling enables ingress traffic from the public Internet to reach the correct device in the Private Network.
List PAT rules. You can filter by gateway ID to list all PAT rules for a particular gateway, or filter for PAT rules targeting a specific IP address or using a specific protocol.
created_at_asc
, created_at_desc
, public_port_asc
and public_port_desc
. The default value is created_at_asc
.Create a new PAT rule on a specified Public Gateway, defining the protocol to use, public port to listen on, and private port / IP address to map to.
unknown
, both
, tcp
and udp
. The default value is unknown
.Set a definitive list of PAT rules attached to a Public Gateway. Each rule is identified by its public port and protocol. This will sync the current PAT rule list on the gateway with the new list, creating, updating or deleting PAT rules accordingly.
Get a PAT rule, specified by its PAT rule ID. The response object gives full details of the PAT rule, including the Public Gateway it belongs to and the configuration settings in terms of public / private ports, private IP and protocol.
unknown
, both
, tcp
and udp
. The default value is unknown
.Update a PAT rule, specified by its PAT rule ID. Configuration settings including private/public port, private IP address and protocol can all be updated.
unknown
, both
, tcp
and udp
. The default value is unknown
.Delete a PAT rule, identified by its PAT rule ID. This action is irreversible.
Public, flexible IP addresses for Public Gateways, allowing the gateway to reach the public internet, as well as forward (masquerade) traffic from member devices of attached Private Networks.
List Public Gateway flexible IP addresses. A number of filter options are available for limiting results in the response.
created_at_asc
, created_at_desc
, ip_asc
, ip_desc
, reverse_asc
and reverse_desc
. The default value is created_at_asc
.Create (reserve) a new flexible IP address that can be used for a Public Gateway in a specified Scaleway Project.
Get details of a Public Gateway flexible IP address, identified by its IP ID. The response object contains information including which (if any) Public Gateway using this IP address, the reverse and various other metadata.
Update details of an existing flexible IP address, including its tags, reverse and the Public Gateway it is assigned to.
Delete a flexible IP address from your account. This action is irreversible.
Public Gateways come in various shapes, sizes and prices, which are described by gateway types. They represent the different commercial offer types for Public Gateways available at Scaleway.
List the different Public Gateway commercial offer types available at Scaleway. The response is an array of objects describing the name and technical details of each available gateway type.