IP addresses in Azure fall into two categories: dynamic and reserved. Public IP addresses managed by Azure are dynamic by default. That means that the IP address used for a given cloud service (VIP) or to access a VM or role instance directly (ILPIP) can change from time to time, when resources are shutdown or deallocated.
To prevent IP addresses from changing, you can reserve an IP address. Reserved IPs can be used only as a VIP, ensuring that the IP address for the cloud service will be the same even as resources are shutdown or deallocated. Furthermore, you can convert existing dynamic IPs used as a VIP to a reserved IP address.
Important:
Azure has two different deployment models for creating and working with resources: Resource Manager and classic. This article covers using the classic deployment model. Microsoft recommends that most new deployments use the Resource Manager model.
When do I need a reserved IP?
- You want to ensure that the IP is reserved in your subscription. If you want to reserve an IP address that will not be released from your subscription under any circumstance, you should use a reserved public IP.
- You want your IP to stay with your cloud service even across stopped or deallocated state (VMs). If you want your service to be accessed by using an IP address that will not change even when VMs in the cloud service are stop or deallocated.
- You want to ensure that outbound traffic from Azure uses a predictable IP address. You may have your on-premises firewall configured to allow only traffic from specific IP addresses. By reserving an IP, you will know the source IP address and won’t have to update your firewall rules due to an IP change.
How to manage reserved VIPs
Before you can use reserved IPs, you must add it to your subscription. To create a reserved IP from the pool of public IP addresses available in the Central US location, run the following PowerShell command:
New-AzureReservedIP –ReservedIPName MyReservedIP –Location "Central US"
Notice, however, that you cannot specify what IP is being reserved. To view what IP addresses are reserved in your subscription, run the following PowerShell command, and notice the values for ReservedIPName and Address:
Get-AzureReservedIP
ReservedIPName : MyReservedIP
Address : 23.101.114.211
Id : d73be9dd-db12-4b5e-98c8-bc62e7c42041
Label :
Location : Central US
State : Created
InUse : False
ServiceName :
DeploymentName :
OperationDescription : Get-AzureReservedIP
OperationId : 55e4f245-82e4-9c66-9bd8-273e815ce30a
OperationStatus : Succeeded
Once an IP is reserved, it remains associated to your subscription until you delete it. To delete the reserved IP shown above, run the following PowerShell command:
Remove-AzureReservedIP -ReservedIPName "MyReservedIP"
How to reserve the IP address of an existing cloud service
You can reserve the IP address of an existing cloud service by adding the -ServiceName parameter. To reserve the IP address of a cloud service TestService in the Central US location, run the following PowerShell command:
New-AzureReservedIP –ReservedIPName MyReservedIP –Location "Central US" -ServiceName TestService
How to remove a reserved IP from a running deployment
To remove the reserved IP added to the new service created in the script above, run the following PowerShell command:
Remove-AzureReservedIPAssociation -ReservedIPName MyReservedIP -ServiceName TestService
Assign Reserved IP to Service.
Executing this command on Azure Power Shell will assign a reserved public IP to an existing virtual machine:
Set-AzureReservedIPAssociation -ReservedIPName MyReservedIP -ServiceName TestVMService
Remove Reserved IP from a deployed Service
Executing this command on Azure Power Shell will remove a reserved public IP to an existing virtual machine:
Remove-AzureReservedIPAssociation -ReservedIPName MyReservedIP -ServiceName TestVMService
Get All reserved Public IP Details
Get-AzureReservedIP