Microsoft Azure: Public IP and Reserved IP

When you are running Virtual Machines in Microsoft Azure and you want to make them available from Internet, you have 2 options: Public IP (PIP) and Reserved IP (VIP)

Public IP (PIP)

A Public IP is an address that you can assign directly to your VM, rather than to the cloud service that your VM resides within. This doesn’t take the place of the VIP that is assigned to your cloud service. Rather, it’s additional IP address that you can use to connect to your VM. You can assign one PIP for each VM. Y

By having a PIP on your VM, you can receive traffic on just about any port, you will not have to open up an endpoint to receive traffic. This enables scenarios like passive FTP where the ports are chose dynamically. Outbound traffic originating from the VM goes out with PIP as the source and this uniquely identifies the VM to external entities.

Pricing? http://azure.microsoft.com/en-us/pricing/details/ip-addresses/
A PIP cost about 3€/month and is limited to 5 per Azure subscription. Now if you need to have more PIP, you could contact Azure support to extend your subscription limit.

Let see how it works and assign a PIP to an existing Virtual Machine (VM), really easily:

Connect to Microsoft Azure with PowerShell:

import-module Azure

$userName = "*******@*******.onmicrosoft.com"

$securePassword = ConvertTo-SecureString -String "********" -AsPlainText -Force

$cred = New-Object System.Management.Automation.PSCredential($userName, $securePassword)

Add-AzureAccount -Credential $cred

We need to check if no PIP has been already assigned to our VM:

Get-AzureRole -ServiceName vnextgpsgate -Slot Production -InstanceDetails

We will now assign a PIP to our VM by running the following command:

#PIP
Get-AzureVM -ServiceName CLOUDSERVICENAME -Name VMNAME | Set-AzurePublicIP -PublicIPName NAMEOFYOURCHOICE | Update-AzureVM
#Done

2015-03-10_13-53-02

And we re-use the first command to check if everything is ok:

Get-AzureRole -ServiceName vnextgpsgate -Slot Production -InstanceDetails

Easy no? Which is really important is that a PIP could be assign to an existing VM which is not the case of a VIP where you have to create a new cloud service.

Now the problem… the PIP is not persistent, it means that if your VM is deallocated, when you will power it up, the VM will receive a new PIP. If you want a persistent IP, you have to go for the Reserved IP option.

Reserved IP

A Virtual IP address (VIP) is a public IP address that can be used to access Compute resources (Web/Worker/Virtual Machines) in Azure. Each time you create a cloud service and allocate compute resources, a VIP is automatically assigned to it. VMs within the cloud service are able to be configured to receive inbound communication via the VIP by using a specified port number.

Reserved IP allows you to reserve a public Virtual IP address in Azure, which you can then associate to a new cloud service. The Reserved IP address is sticky, meaning once it’s associated with the cloud service, it won’t change unless you decide to disassociate it. In a Virtual Machine scenario, If you have to shut down all the VMs of your Cloud Service, the VMs will be marked as dellocated and the VIP will be release. Powering on any VM will request a new VIP to Azure, which will not be necessary the same that you received previously. The Reserved IP address will remain associated with your cloud service even when all the VMs in the cloud service are stopped/deallocated.

At this time, you can’t reserve an IP address for a cloud service that you have already created.

Pricing? http://azure.microsoft.com/en-us/pricing/details/ip-addresses/
The 5 first VIP reservation are free of charge, Azure Subscription is limited to 5 VIP reservation. Now, if you need to have more VIP reservation, you could contact Azure support to extend your subscription limit. There, the price will be that same than a PIP which is about 3€/month.

Example:

New-AzureReservedIP –ReservedIPName “MyReservedIP” –Label “ReservedIPLabel” –Location “East US”

New-AzureVMConfig -Name "CloudServer1" -InstanceSize “Small” –ImageName “Name_of_image”| Add-AzureProvisioningConfig -Windows -AdminUsername “cloudadmin” -Password “ABC123”| New-AzureVM -ServiceName "MyCloudServers" –ReservedIPName “MyReservedIP” -Location "East US"

Conclusion

A PIP is a Public IP dedicated to a Virtual Machine, no endpoint configuration required. A PIP could be reserved for existing Virtual Machine. A PIP is not persistent.
A VIP is a Public IP that will be shared (based on Port) between all the VMs of a Cloud Service. A VIP could be reserved only for new Cloud Service. The reservation is maintained even if all the VMs are dellocated.

Tweet about this on TwitterShare on FacebookShare on LinkedInShare on Google+Email this to someoneShare on TumblrPin on PinterestDigg thisShare on RedditFlattr the authorBuffer this pageShare on StumbleUpon

About Christopher Keyaert

Christopher Keyaert is a Consultant, focused on helping partners to leverage the System Center and Microsoft Azure cloud platform. He is also a Microsoft Most Valuable Professional (MVP) for Cloud and Data Center Management and a Microsoft Certified Trainer (MCT).
This entry was posted in Uncategorized. Bookmark the permalink.

5 Responses to Microsoft Azure: Public IP and Reserved IP

  1. Great blog post. I wrote a blog post for a while back on how to assign a VIP to an existing cloud service, https://systemcenterpoint.wordpress.com/2014/10/17/assigning-a-public-reserved-ip-to-existing-azure-cloud-service/

  2. sbobet says:

    I like many of Microsoft’s products. And also performing well

  3. Raghu says:

    If I do not want to use PIP for the VMs can we disable it?

  4. sunnyzhi says:

    how to get a ReservedIP location in HongKong ,ip address like “207.46.87.0/24” ? thank you

  5. Mark Monster says:

    Hi Christopher,

    I’m wondering if the public ip has evolved, acting similarly as a reserved ip.

    The documentation now says: To ensure the IP address for the associated resource remains the same, you can set the allocation method explicitly to static. In this case an IP address is assigned immediately. It is released only when you delete the resource or change its allocation method to dynamic.

    Just wondering if you would know if I can safely use a public ip set to static allocation with the expectation it to be reserved.

    Best,

    Mark Monster

Leave a Reply

Your email address will not be published. Required fields are marked *