The current private network implementation is very limited:
1) IP addresses/subnets cannot be chosen by the user
2) Routed packets cannot traverse it, they are silently discarded
Which means: Linking two different data centers via just a plain ol' tunnel is impossible because of #2, and would be a little frustrating in the first place, thanks to #1.
Both of these would be easily solved if we could just get one or more VLANs per account/project per data center.
Being able to route from private IP <-> private IP is great for security, and it would be a cinch if it weren't for the current implementation.