Table of Contents
Internet is a web of interconnected networks. The communication over the internet happens using the Public IP addresses only. Private networks be it on-prem or on Azure VNETs make use of private IP addresses defined in RFC 1918 for communication and aren’t routable over the internet. In this post we will learn some of the properties of the Azure Public IPs and also understand their usage and some limitations.
What are Azure Public IPs?
In order to access the Azure resources i.e., web servers sitting inside a private VNET in Azure from the internet you will need to assign these Azure resources with a public IP address. This same public IP address can also be used for outbound connections from Azure resources towards the internet. Azure resources that don’t have a public IP address assigned can communicate to the internet via Network address translation service.
A Public IP address in Azure is created as an independent resource which is then bound to another Azure resource. Few resources to which you can assign or unassign a public IP address are as follows:
- Virtual machine network interfaces
- Virtual machine scale sets
- Public Load Balancers
- Virtual Network Gateways (VPN/ER)
- NAT gateways
- Application Gateways
- Azure Firewall
- Bastion Host
- Route Server
Public IP assigned can be an IPV4 or IPV6 address.
Azure Public IPs: Types
An Azure Public IP can be dynamic or can be static.
- Dynamic Public IPs – These IPs can change over the lifespan of the Azure Resource and are usually assigned at start or creation of Azure resources. For example, when an Azure VM is powered off and then powered on it will be assigned a new Public IP dynamically and won’t have the same public IP which it had before powering the VM off. Since, there is a cost associated with Public IPs and we don’t retain these IPs while Azure resources are powered Off, this option is more cost effective when compared to static Public IPs.
- Static Public IPs – This type of Public IP doesn’t change over the lifespan of Azure resources and is retained even when the Azure resource is powered off or not in use. It is released only when you delete the resource or change the IP allocation method to dynamic.
Azure Public IPs: SKU options
The Public IPs from Azure are available in two SKU options:
- Basic SKU – Basic SKU supports both static and dynamic assignments. It doesn’t support Availability Zones. It is recommended use of NSGs for traffic restrictions as it is open to all communication by default. The Basic SKU is available free to use.
- Standard SKU – Standard SKU supports only static assignments. It supports Availability Zones. Standard IPs are secure by default and closed to inbound traffic. The Standard SKU has many additional features and it is a paid version.
Difference between Basic & Standard SKU
Let’s compare the two SKU options in details by comparing different aspects through a comparison table:
Are you preparing for your next interview?
Please check our e-store for e-book on Microsoft Azure Interview Q&A. All the e-books are in easy to understand PDF Format, explained with relevant Diagrams (where required) for better ease of understanding.