Azure Public IP

  • Author: Ronald Fung

  • Creation Date: 30 May 2023

  • Next Modified Date: 30 May 2024

A. Introduction

Public IP addresses allow Internet resources to communicate inbound to Azure resources. Public IP addresses enable Azure resources to communicate to Internet and public-facing Azure services. You dedicate the address to the resource until you unassign it. A resource without a public IP assigned can communicate outbound. Azure dynamically assigns an available IP address that isn’t dedicated to the resource. For more information about outbound connections in Azure, see Understand outbound connections.

In Azure Resource Manager, a public IP address is a resource that has its own properties.

The following resources can be associated with a public IP address:

  • Virtual machine network interfaces

  • Virtual Machine Scale Sets

  • Public Load Balancers

  • Virtual Network Gateways (VPN/ER)

  • NAT gateways

  • Application Gateways

  • Azure Firewalls

  • Bastion Hosts

  • Route Servers

For Virtual Machine Scale Sets, use Public IP Prefixes.

B. How is it used at Seagen

As a biopharma research company using Microsoft Azure, Seagen could use Azure Public IP to enable public internet connectivity to Azure resources, such as virtual machines, load balancers, and application gateways. Here are some ways Seagen could use Azure Public IP:

  1. Host public-facing applications: Azure Public IP allows Seagen to host public-facing applications in Azure, such as web applications or APIs, that require public internet connectivity.

  2. Enable remote access: Azure Public IP allows Seagen to enable remote access to Azure resources, such as virtual machines, over the public internet. This can enable remote management or remote access to applications.

  3. Load balancing: Azure Public IP allows Seagen to configure load balancers to distribute traffic across multiple virtual machines or services. This can improve the availability and scalability of applications.

  4. NAT gateway: Azure Public IP allows Seagen to configure NAT gateways to enable internet access for virtual machines or services that do not have a public IP address.

  5. Security: Azure Public IP allows Seagen to configure security rules, such as network security groups or firewall rules, to restrict access to Azure resources from the public internet.

Overall, Azure Public IP provides a powerful tool for enabling public internet connectivity to Azure resources. Its ability to host public-facing applications, enable remote access, configure load balancing, provide NAT gateway functionality, and support security policies makes it a valuable tool for organizations, such as Seagen, that require public internet connectivity for their enterprise applications and workloads.

C. Features

Azure Public IP is a service that provides public internet connectivity to Azure resources, such as virtual machines, load balancers, and application gateways. Some of the key features of Azure Public IP include:

  1. Public internet connectivity: Azure Public IP provides public internet connectivity to Azure resources, allowing users to access these resources from anywhere on the public internet.

  2. Static IP address: Azure Public IP provides a static IP address that remains constant even if the Azure resource is stopped or restarted. This ensures that users can always access the resource using the same IP address.

  3. Load balancing: Azure Public IP allows users to configure load balancers to distribute traffic across multiple virtual machines or services. This can improve the availability and scalability of applications.

  4. NAT gateway: Azure Public IP allows users to configure NAT gateways to enable internet access for virtual machines or services that do not have a public IP address.

  5. Security: Azure Public IP allows users to configure security rules, such as network security groups or firewall rules, to restrict access to Azure resources from the public internet.

  6. Geo-redundancy: Azure Public IP provides geo-redundancy by replicating public IP addresses across multiple regions, ensuring high availability and disaster recovery.

  7. Integration with other Azure services: Azure Public IP is integrated with other Azure services, such as Azure Virtual Network and Azure Load Balancer, which can enhance the security and performance of accessing Azure resources.

Overall, Azure Public IP provides a powerful tool for enabling public internet connectivity to Azure resources. Its ability to provide static IP addresses, configure load balancing, provide NAT gateway functionality, support security policies, provide geo-redundancy, and integrate with other Azure services makes it a valuable tool for organizations that require public internet connectivity for their enterprise applications and workloads.

D. Where Implemented

LeanIX

E. How it is tested

Testing Azure Public IP involves several steps that include:

  1. Creating a test environment: The first step is to create a test environment that is separate from the production environment. This ensures that any issues or bugs discovered during testing do not affect the live system.

  2. Configuring Azure Public IP: The next step is to configure Azure Public IP for the Azure resources that need to be accessed over the public internet. This involves creating public IP addresses, setting up network security groups, and configuring routing rules.

  3. Testing connectivity: Once Azure Public IP is configured, the next step is to test connectivity. This involves verifying that the Azure resources can be accessed over the public internet and that traffic is not blocked or interrupted.

  4. Testing load balancing: After testing connectivity, the next step is to test load balancing. This involves verifying that load balancers are properly configured to distribute traffic across multiple virtual machines or services.

  5. Testing NAT gateway functionality: After load balancing is tested, the next step is to test NAT gateway functionality. This involves verifying that NAT gateways are properly configured to enable internet access for virtual machines or services that do not have a public IP address.

  6. Testing security: Once NAT gateway functionality is tested, the next step is to test security. This involves verifying that network security groups or firewall rules are properly configured to restrict access to Azure resources from the public internet.

  7. Integration testing: After Azure Public IP has been tested, it must be integrated with other systems and applications to ensure that it works seamlessly with other components.

  8. User acceptance testing: Finally, Azure Public IP must undergo user acceptance testing to ensure that it meets the requirements of the end-users.

Overall, testing Azure Public IP involves a comprehensive testing approach that covers all the functionalities of the solution and ensures that it meets the requirements of the end-users. Testing should include both functional and non-functional testing, such as performance testing, security testing, and scalability testing. It is also important to test the integration of Azure Public IP with other systems and applications to ensure that it works seamlessly with other components. It is recommended to test Azure Public IP in a test environment before deploying it in a production environment to minimize the risk of issues during production use.

F. 2023 Roadmap

????

G. 2024 Roadmap

????

H. Known Issues

Like all software products, Azure Public IP may have some known issues. Here are some of the known issues of Azure Public IP:

  1. IP address conflicts: Azure Public IP may have issues with IP address conflicts, such as IP addresses being assigned to multiple resources, which can cause connectivity issues.

  2. Security issues: Azure Public IP may have issues with security, such as network security groups not being configured correctly or firewall rules not working as expected, which can expose resources to security risks.

  3. Load balancing issues: Azure Public IP may have issues with load balancing, such as load balancers not being configured correctly or not working as expected, which can impact the availability and scalability of applications.

  4. NAT gateway issues: Azure Public IP may have issues with NAT gateway functionality, such as NAT gateways not being configured correctly or not working as expected, which can impact the ability of organizations to use Azure Public IP for their enterprise applications and workloads.

  5. Integration issues: Azure Public IP may have integration issues when integrating with other Azure services or third-party applications, which can impact the ability of organizations to use Azure Public IP for their enterprise applications and workloads.

Overall, while Azure Public IP is a powerful solution for enabling public internet connectivity to Azure resources, users must be aware of these known issues and take steps to mitigate their impact. This may include addressing IP address conflicts, ensuring correct network security group configurations, monitoring load balancing and NAT gateway functionality, and ensuring compatibility and integration with other systems and applications. It is also important to carefully plan and test the use of Azure Public IP to minimize the risk of issues during production use.

[x] Reviewed by Enterprise Architecture

[x] Reviewed by Application Development

[x] Reviewed by Data Architecture