Intermediate
How to set up VPC networking on DigitalOcean
Quick Answer
Setting up VPC networking on DigitalOcean involves creating a Virtual Private Cloud through the networking panel, configuring IP ranges, and connecting droplets to the VPC for secure internal communication. This allows resources to communicate privately without using public internet traffic.
Prerequisites
- Active DigitalOcean account
- Basic understanding of networking concepts
- SSH key configured for droplet access
- Familiarity with DigitalOcean control panel
1
Access the VPC Section
Log into your DigitalOcean control panel and navigate to Networking from the left sidebar. Click on the VPC tab to access the Virtual Private Cloud management interface.
Tip
Make sure you're in the correct project if you have multiple projects configured.
2
Create a New VPC
Click the Create VPC Network button. Enter a descriptive name for your VPC in the VPC Name field. Select your preferred datacenter region from the Region dropdown menu.
Tip
Choose a region close to your users for better performance and ensure all resources are in the same region.
3
Configure IP Range and Settings
Set the IP range for your VPC using CIDR notation in the IP Range field (default is
10.116.0.0/20). You can customize this range based on your needs. Leave the Description field optional or add notes about the VPC's purpose.Tip
Use private IP ranges like 10.x.x.x, 172.16-31.x.x, or 192.168.x.x to avoid conflicts with public IPs.
4
Review and Create VPC
Review your VPC configuration settings including name, region, and IP range. Click Create VPC Network to finalize the creation. The VPC will appear in your networking dashboard within a few seconds.
5
Create Droplets in the VPC
Navigate to Create > Droplets to create new droplets. In the droplet creation form, scroll to the VPC Network section and select your newly created VPC from the dropdown. Configure other droplet settings as needed.
Tip
You can create multiple droplets in the same VPC for them to communicate privately.
6
Configure Droplet Networking
Complete the droplet creation process. Once created, your droplets will have both public IP addresses and private VPC IP addresses. Access your droplet via SSH using
ssh root@your-droplet-ip to verify network configuration.Tip
Use the private IP addresses for communication between droplets in the same VPC to avoid data transfer charges.
7
Test VPC Connectivity
From one droplet, test connectivity to another droplet in the same VPC using the private IP:
ping 10.116.0.xTip
Configure firewall rules using DigitalOcean Cloud Firewalls to control traffic between VPC resources.
8
Add Existing Resources to VPC
To add existing droplets to your VPC, go to the droplet's Networking tab and click Add to VPC. Select your VPC from the list and click Assign VPC. The droplet will be assigned a private IP within the VPC range.
Tip
Adding existing droplets to a VPC may require a reboot for network changes to take effect.
Troubleshooting
Droplets cannot communicate within VPC
Check that both droplets are in the same VPC network and region. Verify firewall settings allow internal traffic and ensure you're using private IP addresses for communication.
VPC creation fails with IP range error
Ensure you're using valid private IP ranges in CIDR notation. Avoid conflicts with existing VPCs in the same region by choosing different IP ranges like
10.117.0.0/20.Cannot add existing droplet to VPC
Verify the droplet is in the same region as the VPC. Some older droplets may not support VPC networking - consider creating new droplets if the option is unavailable.
High data transfer costs between droplets
Ensure you're using private VPC IP addresses for internal communication instead of public IPs. Traffic within a VPC doesn't incur bandwidth charges between droplets in the same datacenter.
Ready to get started with DigitalOcean?
Put this tutorial into practice. Visit DigitalOcean and follow the steps above.
Visit DigitalOcean →