Set up Private Network Load Balancing with Magic WAN
Consider the following steps to learn how to configure Private Network Load Balancing solution, using Magic WAN as the on-ramp and off-ramp to securely connect to your private or internal services. This is currently an API only feature.
-
Create and configure virtual networks using either the Cloudflare UI or the Cloudflare API.
-
Set your virtual network as the default. Your load balancer will use the
default
virtual network. In the API, specify the default virtual network by settingis_default_network = true
. -
Retrieve the ID of the virtual network you created. To get the VNET ID, send a
GET
request to the following API endpoint:
The VNET ID value will be used to ensure that your load balancer is properly integrated with the specified virtual network.
-
Once you have your VNets configured, you need to make sure that the pools you will be using with your load balancer are configured with the default VNet value in the Virtual Network field.
-
Next, create an Account Load Balancer by sending a
POST
request to the following API endpoint. The request body should be structured similarly to a Zone Load Balancer. Refer to the Cloudflare API documentation for details on the required fields and their formats. Make sure that the pools you are using in your load balancer have the default VNET configured (previous step).
To retrieve a list of all created Account Load Balancers, send a GET
request to the same endpoint.
- The
tunnel_id
parameter of the created Load Balancer is necessary for subsequent requests, so make sure to save thetunnel_id
when you receive it in the response of thePOST
request. You can also retrieve thetunnel_id
from theGET
request if you need it for future operations.
To access the new load balancer, you need to create a tunnel route. This will be done automatically for you, but in case you would need to create one yourself or add an additional one, you need to:
-
Use the
tunnel_id
of the Account Load Balancer, retrieved in the previous step. By using thetunnel_id
of the Account Load Balancer and assigning a private network IP we are making the Load Balancer available at that IP address on the associated virtual network. -
To create a route for your Load Balancer, send a
POST
request to following endpoint with this sample body:
After completing these steps, the load balancer should be deployed with the selected private IP address and available to traffic on the same virtual network.