diff --git a/faq/apple-silicon.mdx b/faq/apple-silicon.mdx
index eaf42900e6..bf80f0231a 100644
--- a/faq/apple-silicon.mdx
+++ b/faq/apple-silicon.mdx
@@ -44,3 +44,6 @@ Certain operations are restricted by default MDM configuration profiles:
## Do I pay for my Mac mini when I am not using it?
Yes, you pay for your Mac mini as long as it is assigned to your account. You must explicitly delete it in the console or via the CLI to stop charges. For deletion instructions, see [How to delete Mac mini](/apple-silicon/how-to/delete-mac-mini/).
+## Are Mac minis compatible with Private Networks?
+Yes, you can now activate the Private Networks feature on your Mac mini, and attach it to a Private Network so that it can securely communicate with other Scaleway resources. For full details, see the [Mac mini Private Networks documentation](/apple-silicon/how-to/use-private-networks/).
+
diff --git a/menu/navigation.json b/menu/navigation.json
index abde72a31a..9f36f50eec 100644
--- a/menu/navigation.json
+++ b/menu/navigation.json
@@ -892,6 +892,10 @@
"label": "Connect to a Mac mini using SSH",
"slug": "connect-to-mac-mini-ssh"
},
+ {
+ "label": "Use Private Networks",
+ "slug": "use-private-networks"
+ },
{
"label": "Install a package manager",
"slug": "install-package-manager-mac-mini"
diff --git a/pages/apple-silicon/concepts.mdx b/pages/apple-silicon/concepts.mdx
index ac8d0d9883..0b7013ae1e 100644
--- a/pages/apple-silicon/concepts.mdx
+++ b/pages/apple-silicon/concepts.mdx
@@ -24,6 +24,10 @@ Apple silicon as-a-Service is tailored for developing, building, testing, and si
The Mac mini is a physical hardware designed by Apple, powered by the [Apple silicon](#apple-silicon) chip. It is the basis for Scaleway's [Apple silicon as-a-service](#apple-silicon-as-a-service) offer.
+## Private Networks
+
+Private Networks allow your Mac mini to communicate in an isolated and secure network with other Scaleway resources. This is an optional-billed feature for Mac mini. Find out [how to attach your Mac mini to a Private Network](/apple-silicon/how-to/use-private-networks/).
+
## Region and Availability Zone
diff --git a/pages/apple-silicon/how-to/assets/scaleway-m1-network.webp b/pages/apple-silicon/how-to/assets/scaleway-m1-network.webp
new file mode 100644
index 0000000000..0ed3d75fbd
Binary files /dev/null and b/pages/apple-silicon/how-to/assets/scaleway-m1-network.webp differ
diff --git a/pages/apple-silicon/how-to/assets/scaleway-m1-vlan-details.webp b/pages/apple-silicon/how-to/assets/scaleway-m1-vlan-details.webp
new file mode 100644
index 0000000000..f0f86f5af0
Binary files /dev/null and b/pages/apple-silicon/how-to/assets/scaleway-m1-vlan-details.webp differ
diff --git a/pages/apple-silicon/how-to/assets/scaleway-m1-vlan.webp b/pages/apple-silicon/how-to/assets/scaleway-m1-vlan.webp
new file mode 100644
index 0000000000..ee0845b6cd
Binary files /dev/null and b/pages/apple-silicon/how-to/assets/scaleway-m1-vlan.webp differ
diff --git a/pages/apple-silicon/how-to/create-mac-mini.mdx b/pages/apple-silicon/how-to/create-mac-mini.mdx
index afd5416717..426e376be1 100644
--- a/pages/apple-silicon/how-to/create-mac-mini.mdx
+++ b/pages/apple-silicon/how-to/create-mac-mini.mdx
@@ -36,6 +36,7 @@ This page shows how to create your first [Mac mini](/apple-silicon/concepts/#mac
- Mac mini M2 pro and M2 are available in PARIS 1
- Mac mini M1 are available in PARIS 3
- Choose a macOS version. Note that if you choose a macOS other than the one installed by default, there will be a delay of about 1 hour before the Mac mini is made available.
+ - Choose whether to activate the **Private Networks 1 Gbps** feature. This lets you attach your Mac mini to one or more Scaleway Private Networks in a [VPC](/vpc/), enabling secure communication with other attached resources.
- Enter a **Name** for your Mac mini, or leave the randomly-generated name in place.
- Verify the **Estimated cost** for your Mac mini based on your chosen specifications.
4. Click **Create Mac mini** to finish. The installation of your Apple silicon is launched, and you are informed when it is ready.
diff --git a/pages/apple-silicon/how-to/use-private-networks.mdx b/pages/apple-silicon/how-to/use-private-networks.mdx
new file mode 100644
index 0000000000..9c93611fbd
--- /dev/null
+++ b/pages/apple-silicon/how-to/use-private-networks.mdx
@@ -0,0 +1,135 @@
+---
+meta:
+ title: How to use Private Networks with your Mac mini
+ description: Learn how to get the most from the Private Networks 1Gbps feature for your Mac mini. Find out how to activate the feature, attach your Mac mini to Private Networks, and enable secure communication with your other Scaleway resources.
+content:
+ h1: How to use Private Networks with your Mac mini
+ paragraph: Learn how to get the most from the Private Networks 1Gbps feature for your Mac mini. Find out how to activate the feature, attach your Mac mini to Private Networks, and enable secure communication with your other Scaleway resources.
+tags: mac-mini mac-mini apple-silicon private-network vpc
+dates:
+ validation: 2025-01-28
+ posted: 2021-05-26
+categories:
+ - bare-metal
+---
+
+Private Networks allow your Mac mini to communicate in an isolated and secure network with other Scaleway resources. This is an optional-billed feature for Mac mini.
+
+When the feature is activated, each Mac mini can be connected to one or several Private Networks, letting you build your own network topologies. Private Networks’ built-in DHCP server manages the allocation of private IP addresses for Mac mini servers (and other resources) when they are attached to the network.
+
+For full information about Scaleway Private Networks and VPC, see our [dedicated documentation](/vpc/) and [best practice guide](/vpc/reference-content/getting-most-private-networks/).
+
+
+
+- A Scaleway account logged into the [console](https://console.scaleway.com)
+- [Owner](/iam/concepts/#owner) status or [IAM permissions](/iam/concepts/#permission) allowing you to perform actions in the intended Organization
+- A [Mac mini](/apple-silicon/how-to/create-mac-mini/)
+
+## How to enable the Private Networks feature
+
+Before you can attach your Mac mini to a Private Network, you must enable the feature. This can be done during [Mac mini creation](/apple-silicon/how-to/create-mac-mini/) or afterwards. These instructions show how to enable the feature after the creation of the Mac mini.
+
+1. Click **Apple silicon** in the **Bare Metal** section of the side menu. The Apple silicon splash page displays.
+2. Click the Mac mini you want to enable Private Networks on. The Mac mini's **Overview** page displays.
+3. In the **Private Networks feature** panel, use the toggle button to enable the feature.
+ A pop-up displays, asking you to confirm that you want to enable Private Networks, and showing the estimated cost.
+4. Click **Enable Private Networks**.
+
+Private Networks are enabled, and you are returned to your Mac mini's **Overview** page.
+
+
+When the feature is activated, you can attach your Mac mini to up to 8 different Private Networks. You are charged the same overall price for the feature, you are not billed per Private Network.
+
+
+## How to disable the Private Networks feature
+
+You can disable the Private Networks feature at any time after activating it.
+
+1. Click **Apple silicon** in the **Bare Metal** section of the side menu. The Apple silicon splash page displays.
+2. Click the Mac mini you want to disable Private Networks on. The Mac mini's **Overview** page displays.
+3. In the **Private Networks feature** panel, use the toggle button to disable the feature.
+ A pop-up displays, asking you to confirm that you want to disable Private Networks.
+4. Click **Disable Private Networks**.
+
+Private Networks are disabled, and you are returned to your Mac mini's **Overview** page. Any Private Networks previously attached to the Mac mini are now detached.
+
+## How to attach a Mac mini to a Private Network
+
+1. Click **Apple silicon** in the **Bare Metal** section of the side menu. The Apple silicon splash page displays.
+2. Click the Mac mini you want to attach to a Private Network. The Mac mini's **Overview** page displays.
+3. Click the **Private Networks** tab.
+4. Click **+ Attach to a Private Network**. A pop-up displays.
+5. Select the Private Network you want to attach the Mac mini to. It will be automatically assigned private IPv4 and IPv6 addresses on this network. The ability to use specific reserved IP addresses for the attachment is planned for the future.
+6. Click **Attach to Private Network**.
+
+The Mac mini is attached to the Private Network, and you are returned to the **Private Networks** tab. The IPv4 and the IPv6 addresses for the Mac mini on the Private Network are displayed, along with the ID of the VLAN interface that was created.
+
+Once you have attached the resource, some manual configuration of the network interface is required. See the next section for full details.
+
+## How to configure the VLAN interface on your Mac mini for Private Networks
+
+You must configure the virtual network interface on each Mac mini you have attached to a Private Network. Traffic from the public internet and traffic from a Private Network will pass through the same network interface of the Mac mini. We must therefore separate the traffic by adding a VLAN interface.
+
+To configure the interface, you must connect to your Mac mini, either via SSH or the remote desktop and carry out the instructions given.
+
+### Via SSH and networksetup
+
+1. Make a note of your Mac mini's **VLAN ID**. You can view this in the Scaleway console, in the **Private Networks** tab of the Mac mini in question.
+2. [Connect to your Mac mini via SSH](/apple-silicon/how-to/connect-to-mac-mini-ssh/).
+3. Use the following command to bring up the interface. Ensure you replace `` with the VLAN_ID from step one.
+ ```
+ sudo networksetup -createVLAN pn en0
+ ```
+4. Check that the interface has been brought up with the following command:
+ ```
+ sudo networksetup -listVLANs
+ ```
+ You should see a response similar to the following:
+ ```
+ VLAN User Defined Name: pn
+ Parent Device: en0
+ Device ("Hardware" Port): vlan0
+ Tag: 3548
+ ```
+
+No configuration is required for your Mac mini's IP address on the Private Network, as this is automatically managed by Scaleway DHCP. You can view the IP address in the Scaleway console, in the Mac mini's **Private Networks** tab.
+
+
+ If you have any issues with bringing up the VLAN interface or the IP address, the following commands may be helpful.
+
+ To delete the VLAN, so you can attempt re-creation;
+ ```
+ sudo networksetup -deleteVLAN pn en0
+ ```
+ To renew the DHCP lease:
+ ```
+ sudo ipconfig set en0 BOOTP && sudo ipconfig set en0 DHCP
+ ```
+
+
+### Via remote desktop
+
+1. Make a note of your Mac mini's **VLAN ID**. You can view this in the Scaleway console, in the **Private Networks** tab of the Mac mini in question.
+2. [Access the Mac mini's remote desktop](/apple-silicon/how-to/access-remote-desktop-mac-mini/).
+3. Go to **System Settings** > **Network**, then click **...v** and select **Manage Virtual Interfaces** from the menu that displays.
+
+4. Click **+** > **New VLAN** to add a new virtual interface.
+
+5. Enter a **VLAN name** of your choice, the VLAN ID from step 1 in the **Tag** field, and **Ethernet** as the interface. Click **Done**.
+
+The VLAN interface is created. You can check its status in the **Network** tab, and see its full details by clicking on it.
+
+
+
+No configuration is required for your Mac mini's IP address on the Private Network, as this is automatically managed by Scaleway DHCP.
+
+## How to detach a Mac mini from a Private Network
+
+1. Click **Apple silicon** in the **Bare Metal** section of the side menu. The Apple silicon splash page displays.
+2. Click the Mac mini you want to detach from a Private Network. The Mac mini's **Overview** page displays.
+3. Click the **Private Networks** tab.
+4. Click the unlink icon next to the Private Network you want to detach from the Mac mini.
+ A pop-up displays, asking you to confirm that you want to detach the resource.
+5. Click **Detach resource**.
+
+The Mac mini is detached from the Private Network, and you are returned to the **Private Networks** tab. You can reattach it at any time.
\ No newline at end of file
diff --git a/pages/apple-silicon/index.mdx b/pages/apple-silicon/index.mdx
index 7e81602482..fc29783b0b 100644
--- a/pages/apple-silicon/index.mdx
+++ b/pages/apple-silicon/index.mdx
@@ -4,6 +4,13 @@ meta:
description: Dive into Scaleway Apple silicon with our quickstart guides, how-tos, tutorials and more.
---
+
+ You can now activate the Private Networks feature on your Mac mini, and attach it to up to eight Private Networks so that it can securely communicate with your other Scaleway resources. See the [dedicated documentation](/apple-silicon/how-to/use-private-networks/) for full details.
+
+
+For Elastic Metal servers and Apple silicon Mac minis, manual configuration of the network interface is required. This is not required for Instances or other types of resources. See the relevant documentation for [Elastic Metal](/elastic-metal/how-to/use-private-networks/#how-to-configure-the-network-interface-on-your-elastic-metal-server-for-private-networks) or [Apple silicon](/apple-silicon/how-to/use-private-networks/) for full instructions.
+
## How to view the resource's IP address
When you attach a resource to a Private Network, it gets a private IPv4 address on that network (and also an IPv6 address, if supported by the resource). Private IPs are assigned from the CIDR block defined at the time of the Private Network's creation, either via auto-assignment or specification of a particular [reserved IP](/ipam/how-to/reserve-ip/).
@@ -101,7 +105,7 @@ Refer to our documentation on [IPv4](/vpc/how-to/create-private-network/#how-to-
-When you attach an Instance or Elastic Metal server to a legacy Private Network on which you [have not activated DHCP](/vpc/reference-content/vpc-migration/#dhcp-activation-on-pre-existing-private-networks), no IP address is configured or shown on the screen shown above.
+When you attach a resource to a legacy Private Network on which you [have not activated DHCP](/vpc/reference-content/vpc-migration/#dhcp-activation-on-pre-existing-private-networks), no IP address is configured or shown on the screen shown above.
You will need to carry out manual configuration to set the IP address on the resource, or activate DHCP.
@@ -109,7 +113,6 @@ We strongly recommend that you [activate DHCP on the Private Network](/vpc/how-t
If you do not see an IP address in the screens above for your resource, and you think you should, check out our [troubleshooting](/vpc/troubleshooting/resource-attached-no-ip/) guide.
-Note that in any case, for Elastic Metal servers, some [manual configuration is required](/elastic-metal/how-to/use-private-networks/#how-to-configure-the-network-interface-on-your-elastic-metal-server-for-private-networks) even after activating DHCP. This is not required for Instances or other types of resources.
## How to access a resource on a Private Network via its hostname (DNS)
diff --git a/pages/vpc/reference-content/getting-most-private-networks.mdx b/pages/vpc/reference-content/getting-most-private-networks.mdx
index df2e7b4145..90d1be2c5a 100644
--- a/pages/vpc/reference-content/getting-most-private-networks.mdx
+++ b/pages/vpc/reference-content/getting-most-private-networks.mdx
@@ -110,14 +110,14 @@ Different types of Scaleway resources may have different requirements and possib
* **Compatible with private IPv6**: Whether or not the resource is compatible with private IPv6 addressing. Compatible resources generally acquire both an IPv4 and an IPv6 address when attached to a Private Network.
* **Compatible with reserved IPs**: Whether or not you can use a [reserved IP](/ipam/how-to/reserve-ip/#how-to-attach-a-resource-to-a-private-network-using-a-reserved-ip-address) to attach the resource to a Private Network
-| | Instance | Elastic Metal | Kubernetes | Managed Inference |
-|------------------------------|----------|---------------|------------|-------------------|
-| Max attached PNs | 8 | 8 | 1 | 1 |
-| Mandatory PN | No | No | Yes | No |
-| Compatible with private IPv6 | Yes | Yes | Yes | No |
-| Compatible with reserved IPs | Yes | Yes | No | No |
-| Additional information | -- | [Paid-for
feature](https://www.scaleway.com/en/pricing/elastic-metal/#network) | PN cannot be changed
after cluster creation | Must have at least one of
private and/or public endpoint |
-| Documentation | [Go](/instances/how-to/use-private-networks/) | [Go](/elastic-metal/how-to/use-private-networks/) | [Go](/kubernetes/reference-content/secure-cluster-with-private-network/#why-have-a-private-network-for-your-kubernetes-kapsule-cluster) | [Go](/managed-inference/how-to/managed-inference-with-private-network/) |
+| | Instance | Elastic Metal | Apple silicon | Kubernetes | Managed Inference |
+|------------------------------|----------|---------------|---------------|------------|-------------------|
+| Max attached PNs | 8 | 8 | 8 | 1 | 1 |
+| Mandatory PN | No | No | No | Yes | No |
+| Compatible with private IPv6 | Yes | Yes | Yes | Yes | No |
+| Compatible with reserved IPs | Yes | Yes | No |No | No |
+| Additional information | -- | [Paid-for
feature](https://www.scaleway.com/en/pricing/elastic-metal/#network) | [Paid-for
feature](https://www.scaleway.com/en/pricing/apple-silicon/) | PN cannot be changed
after cluster creation | Must have at least one of
private and/or public endpoint |
+| Documentation | [Go](/instances/how-to/use-private-networks/) | [Go](/elastic-metal/how-to/use-private-networks/) | [Go](/apple-silicon/how-to/use-private-networks/) | [Go](/kubernetes/reference-content/secure-cluster-with-private-network/#why-have-a-private-network-for-your-kubernetes-kapsule-cluster) | [Go](/managed-inference/how-to/managed-inference-with-private-network/) |
| | Managed Database | Managed Database for Redis™ | Public Gateways | Load Balancer |
diff --git a/pages/vpc/troubleshooting/vpc-limitations.mdx b/pages/vpc/troubleshooting/vpc-limitations.mdx
index 0aa4f3f06f..4f13fd88be 100644
--- a/pages/vpc/troubleshooting/vpc-limitations.mdx
+++ b/pages/vpc/troubleshooting/vpc-limitations.mdx
@@ -21,6 +21,7 @@ This page sets out some current limitations of Scaleway's VPC.
- The following resource types can be attached to a Private Network:
- Instances
- Elastic Metal servers
+ - Apple silicon (Mac mini)
- Load Balancers
- Public Gateways
- Managed Databases for PostgreSQL and MySQL