How to use Azure Public IP Addresses

When designing an Azure Application Architecture, the Public IP Addresses are one thing which every Azure Architect / Azure Developer should take into consideration.

There are 2 types of allocation methods for the Public IP Addresses,

  • Static: – As the name suggests it is allocated on static based and doesn’t change over time.
  • Dynamic: – It is dynamic and it can change based on your Azure resources getting “Associated / Dissociated” with the Public IP Address.

Please note that the allocation method to static does not imply that we can specify actual IP address assigned to the public IP address resource. Azure assigns the IP address from a pool of available IP addresses in the given Azure location the resource is created in.

A full list of IP Ranges which are available for Customers can be downloaded at Microsoft Public IP Range List.

The Public IP Addresses can be allocated one at a time, or a full range based on requirement using Public IP prefix resource.



Public IP Address Associated Resources

The Public IP Addresses in Azure can be used by different set of Azure Resources for Networking purposes as below: –

  • Application Gateways (Hosting application load balancing and Web application Firewalls)
  • VPN Gateways (Connectivity for On-premise and Virtual Network interconnection)
  • Azure Firewall (used for NATting (DNAT / SNAT) and application traffic filtering)
  • Virtual machines (core part of VMs)
  • Public Load Balancers

Here is a brief summary of what all type of IP Addressing modes and allocations are supported by each of the above Resources



Supported Addressing Modes

ResourceIP Address AssociationDynamicStaticIPv4IPv6
Application gatewayFront-end configurationYes (V1 only)Yes (V2 Only)YesYes
VPN gatewayGateway IP configurationYesNoYesNo Support for ExpressRoute Circuits
Azure FirewallFront-end configurationNoYesYesYes
Virtual machinesNetwork interfaceYesYesYesYes
Public Load BalancerFront-end configurationYesYesYesYes ((No load balancing support for Secondary Network Interface of the VM having IPV6 address space in VNET)
IPV4 / IPV6 dual-stack hosting is very much supported.

There is a limit to how many Public IP Addresses that you can create. You should contact Azure Support when you want to increase the Networking limits.



Happy Reading. See you next time !