A public IP address prefix is a reserved range of IP addresses in Azure. Azure gives a contiguous range of addresses to your subscription based on how many you specify
When you request an IP you will receive one from the general pool of available addresses and it is very unlikely you will receive multiple IPs in the same range.
Instead of requesting a single static IP you can request a Prefix, which will give you a contiguous range of IP addresses. You can then assign IP’s from this range to your VM’s, Load Balancers and other resources. The benefit of this is that you get a a contiguous range of IP’s that you know the addresses of up front, which you can then allocate as required. This means that if you need to work with customers of service providers to whitelist your IP’s you can now do this with a set range, rather than having to update this each time you create a new IP in Azure.
Public IP addresses are assigned from a pool of addresses in each Azure region. You create a public IP address prefix in an Azure region and subscription by specifying a name, and how many addresses you want the prefix to include. Public IP address ranges are assigned with a prefix of your choosing. If you create a prefix of /28, Azure gives 16 ip addresses from one of its ranges. You don’t know which range Azure will assign until you create the range, but the addresses are contiguous.
Why create a public IP address prefix?
When you create public IP address resources, Azure assigns an available public IP address from any of the ranges used in that region.
Until Azure assigns the IP address, you won’t know the exact IP. This process can be problematic when you create firewall rules that allow specific IP addresses. For every IP address added, a corresponding firewall rule must be added.
When you assign addresses to your resources from a public IP address prefix, firewall rule updates aren’t required. The entire range is added to the rule.
Available Prefixes are
- /28 (16 addresses)
- /29 (8 addresses)
- /30 (4 addresses)
- /31 (2 addresses)
Public IP Prefixes are limited by the number of Standard Public IPs in a subscription. Public IP prefix length is limited by 16 contiguos address (/28). You can have a Maximum of 5000 IP prefixes per IP Group.
- Creation of public IP address resources from a known range.
- Firewall rule configuration with ranges that include public IP addresses you’ve currently assigned, and addresses you haven’t assigned yet. This configuration eliminates the need to change firewall rules as you assign IP addresses to new resources.
- The default size of a range you can create is /28 or 16 IP addresses.
- There aren’t limits as to how many ranges you can create. There are limits on the maximum number of static public IP addresses you can have in an Azure subscription. The number of ranges you create can’t encompass more static public IP addresses than you can have in your subscription.
- The addresses that you create using addresses from the prefix can be assigned to any Azure resource that you can assign a public IP address to.
- You can easily see which IP addresses that are given and not given within the range.
Create a Public IP Adress Prefix
$ResourceGroupName = "RG-DEMO-NE" $location = "northeurope" $prefixName = "PIP-Range-NE" $pipRange = New-AzPublicIpPrefix -Name $prefixName ` -ResourceGroupName $ResourceGroupName ` -PrefixLength 28 ` -Location $location ` -IpAddressVersion IPv4 ` -Sku Standard
Create a public IP using Azure public prefix
$publicIpName = "pip-demo" New-AzPublicIpAddress -Name $publicIpName ` -ResourceGroupName $ResourceGroupName ` -Location $location ` -PublicIpPrefix $pipRange ` -AllocationMethod Static ` -Sku Standard
Remove a used public IP from the range
Remove-AzPublicIpAddress -Name $publicIpName ` -ResourceGroupName $ResourceGroupName ` -Force
Remove an Azure public IP prefix
Remove-AzPublicIpPrefix -Name $pipRange ` -ResourceGroupName $ResourceGroupName ` -Force