Azure Networking

Azure Bring your own Public IP Addresses

You can now bring your APNIC allocated Public IP Addresses into Azure

Microsoft has now released the general availability of BYOIP (Bring Your Own IP) to all regions of Azure! This is exciting news because existing public IPs can be kept and reused when planning on-premises migrations to the cloud. You might want to do this to either keep an established IP reputation or to suit the dependencies of customers.

You need to use Azure’s Custom IP Prefix resource to do this. This is what’s going to let you bring your public IPv4 ranges to the cloud and use them in the way you would use any other public Azure-owned IP ranges. Once you’ve migrated your IPs, they can be used with other resources, private IPs or VNETs, and they can export data from Microsoft’s Wide Area Network.

Supplying a custom IP range

First, to use your public IP range in Azure, you must own the range and have it registered with a Routing Internet Registry. Then, the migration can be done through your Azure Portal, Azure PowerShell, Azure CLI or through Azure Resource Manager (ARM) templates. Your range must be at least a /24 (256 IP addresses) or greater to be accepted by ISPs (Internet Service Providers). Once you’ve created your Custom IP Prefix resource, Microsoft will run you through some authentication steps to validate your ownership of the IP range.

It’s important to note that your IP addresses will still remain under your ownership when you migrate, but Microsoft is allowed to advertise it from their WAN (Wide Area Network). Each range will also be linked to an Azure region.

Using your custom IP range

After you’ve put your IP range into Azure, you can begin to use your IP addresses from the range. You can choose to begin assigning addresses to resources or advertising the range prior to assigning. Microsoft will start advertising your range within Azure and to the internet once you go ahead with commissioning it. The region associated with the range will also have the IP posted publicly.

Assigning the custom IPs requires creating a prefix for the public IP, which allows you to distribute individual public IP addresses. Prefixes for the range can be taken from other subscriptions (assuming you have the right permissions).

You can link your IP with resources that support Standard SKU public IPs. This includes, but isn’t limited to, virtual machines, Azure Firewalls and Standard Public Load Balancers. You are charged for egress bandwidth, but not for the maintenance or hosting of your Public IP Prefix.

Onboarding IP Prefix Flow