Networks
Virtual networks in Xelon HQ provide the connectivity layer for your infrastructure. Create isolated LAN networks for internal communication or WAN networks for external access. Manage IP addresses, share networks between organizations, and configure VLAN trunks.
Networks are the default view when you navigate to Virtual Datacenter > Networking. They appear under the All Networks tab. Other networking features (Firewalls, Load Balancers, WAF, DNS) are available as additional tabs on the same page.
Network Types
| Type | Description | Use Case |
|---|---|---|
| LAN | Private network isolated within your organization. Traffic stays internal. | Internal communication between VMs, databases, application tiers. |
| WAN | Network with external connectivity and public IP addresses. | Public-facing services, internet access for VMs. |
Creating a LAN Network
Navigate to Virtual Datacenter > Networking and select the All Networks tab. Click Create Network. Select a cloud, then choose Dedicated LAN / DMZ Network as the type and configure:
| Field | Description |
|---|---|
| Displayname | A descriptive name for the network. |
| Network | The network address (e.g., 10.0.0.0). |
| Size | The subnet size as a prefix length (e.g., /24). |
| Gateway | The gateway IP address within the network. |
| DNS Server 1 / DNS Server 2 | DNS server addresses for name resolution. |
| Network Speed | The speed tier for the network. Speed upgrades have additional costs. |
Creating a WAN Network
Select Dedicated WAN Network as the network type. WAN networks are provisioned with a public IP range. Configure the following:
| Field | Description |
|---|---|
| Displayname | A descriptive name for the network. |
| Subnet size | Select a subnet size from the available options. |
| Network Speed | The speed tier for the network. |
IP Address Management
Each network provides an IP address pool. You can manage IP allocations from the network details page:
- Add and reserve IP: For LAN networks, click Add and reserve IP to allocate a new IP address and reserve it in one step. Provide the IP address and a description for the reservation.
- Reserve IP: For unassigned IPs in the list, click Reserve IP to mark an IP as reserved and prevent automatic assignment.
- Release IP: Click the [reserved] label next to a reserved IP to remove the reservation, making it available for automatic assignment.
- Delete IPs: Select one or more IPs from the list and click Delete Selected Ips to remove them.
Reserve IP addresses you want held out of automatic allocation — for example, the address of a device provisioned outside Xelon HQ, or an address kept aside for future use — so they are never assigned to a new resource. Note that an IP currently in use by a device cannot be reserved; the reservation persists until you manually release it.
Static & Dedicated IP Addresses
Xelon HQ supports static and dedicated IP addresses for resources that require a persistent, predictable public address. How IPs are allocated depends on the resource type:
| Resource | IP Allocation | Static by Default? |
|---|---|---|
| Virtual Machine | Assigned from the WAN network's pre-provisioned IP pool when a WAN NIC is attached. You can also set a specific IP during NIC configuration. | Yes — the IP remains assigned for the lifetime of the VM. |
| Kubernetes Cluster | Each cluster is provisioned with a dedicated /29 WAN subnet. The cluster's API endpoint, load balancers, and virtual IPs are assigned from this range. | Yes — the entire subnet is dedicated to the cluster. |
| Load Balancer | Assigned a dedicated public IP from the WAN network pool. For Kubernetes load balancers, the IP is deterministically assigned from the cluster's /29 subnet. | Yes — the IP remains assigned for the lifetime of the load balancer. |
| Firewall | Assigned a dedicated public IP from the WAN network pool. | Yes — the IP remains assigned for the lifetime of the firewall. |
Reserving IPs
Use IP reservations to prevent specific IP addresses from being automatically assigned. Common use cases include:
- Blocking an IP from allocation — Reserve an IP to ensure it is not assigned to any new resource (e.g., an IP that must remain unused or is reserved for future use).
- External devices — When a device is provisioned outside of Xelon HQ and does not support IP assignment through the platform, reserve its IP to prevent conflicts.
To reserve an IP:
- Navigate to Virtual Datacenter > Networking and open the network.
- Find the IP you want to reserve (or add a new one for LAN networks).
- Click Reserve IP and add a description.
Reserved IPs are excluded from automatic allocation and will not be assigned to new resources. The reservation persists until you manually release it.
Sharing Networks Between Organizations
ResellerAccounts with the manage network permission can share their networks with other organizations (tenants) in their hierarchy using the network sharing feature. This is governed by network ownership and the manage-network permission, not by reseller account status. It allows multiple tenants to communicate over a shared network while maintaining organization-level isolation for other resources.
To share a network, navigate to the network details page, click Share, and select the target organizations.
Network Locking
Lock a network to prevent its accidental deletion. When locked, the network cannot be deleted in the panel; to remove it you must contact Xelon support. This is recommended for production networks.
Locking does not block edits to the network's settings — it only prevents deletion. The Lock network toggle is available only to the Xelon admin tenant, so contact support to lock or unlock a network.
VLAN Trunk Networks
VLAN trunk networks allow you to import port groups from your underlying infrastructure. This is useful when integrating Xelon HQ with existing on-premises network segments.
To import a trunk port group, navigate to Virtual Datacenter > Networking, select the All Networks tab, click Import Trunk Network, select a cloud and tenant, then choose from the available port groups.
VLAN trunk networks require the appropriate infrastructure configuration. Contact your administrator if no port groups are available for import.
Attaching VMs to Networks
Virtual machines connect to networks through network interfaces. You can attach a VM to a network during VM creation or by editing the VM and adding a network interface. Each VM can be connected to multiple networks simultaneously.
Deleting a Network
To delete a network, first detach all connected resources (VMs, firewalls, load balancers) and then click Delete network from the network details page.
A network cannot be deleted while resources are still attached to it. Remove all connected devices and release all IP allocations before deleting.