Static and Dynamic Addressing – Virtual Networking
IP addresses can be assigned or allocated in two ways, statically or dynamically. In on-premises, we had a similar concept of fixed IP addresses for our resources; a static IP address is the same logic. With statically assigned IP addresses, the IP addresses do not change. If you don’t opt for static allocation, the IP address will be dynamically allocated. Dynamic allocation does not reserve the IP address, and once your server is restarted, the IP address will be gone, and you will be assigned a new IP address. Having said that, you can use DNS labels to get a static addressing type of experience. While using DNS labels, Azure will make sure that even if the IP address changes, the DNS record will always point to the current IP address.
Though dynamic IP address allocation with DNS labels can help tackle changing IP addresses, static IP allocation is recommended for the following scenarios:
- Apps or services that require a static IP address for IP address–based security models
- TLS/SSL certificates linked to a specific IP address
- Firewalls that are using IP-based filtering rules
- Domain controllers or DNS servers
Understanding these allocation methods is particularly important for an administrator, as you should be able to decide which one is ideal for your workloads. Now let’s learn about the difference between private and public IP addresses.
Private IP Addresses
Private IP addresses are used for facilitating private communications within your Azure resources and with on-premises resources if you are using a VPN or ExpressRoute connection. Private IP addresses can be associated with a network interface card (NIC) of the virtual machines, internal load balancers, and application gateways. We will cover load balancers and application gateways in Chapter 4. For the time being, understand that these are load balancing solutions used to maintain high availability.
Dynamic and static allocation is supported by Azure. When you create a virtual network, the address space you use denotes the private IP address space, and when you create a resource such as a VM, then a private IP address from the associated subnet is assigned to the resource. In the case of dynamic assignment, the next available IP address from the subnet range is assigned to the resource. This process is similar to the DHCP process you saw on-premises where IP addresses are allocated dynamically using a DHCP server. Dynamic assignment is the default method.
When it comes to static assignment, you can pick an IP address from the address range of the subnet and assign it to your resource. The point to note here is you should make sure that the IP address is not assigned to any other resource. Nevertheless, Azure will stop you from using an IP address already allocated to another resource.
In Exercise 3.1, you will see how you can create a virtual network using the Azure portal.