Modern enterprises are constantly evolving and moving workloads to the public cloud and also want to leverage their existing IP addresses. At Oracle, we understand that managing the migration of IP addresses can be one of the most challenging aspects of a cloud migration for network administrators.
We are pleased to announce that you can now Bring Your Own IP on Oracle Cloud Infrastructure (OCI). BYOIP provides a Public IP management solution that allows customers to bring their own publicly routable CIDR blocks issued by a Regional Internet Registry to OCI. A BYOIP prefix validation process will be completed via an integrated workflow with OCI. OCI will ensure correct ownership of the requested CIDR range. After validation, the requestor will be notified that the prefix is available for advertisement. The network administrators will have full control of the IP address range with the ability to start or stop BYOIP advertisements when needed. They can create one or many public IP pools from their address space by specifying IP CIDR ranges from the BYOIP prefixes and use IP pools for resource allocation. The network administrators can assign these IPs to compute instances, load balancers and NAT gateways. The IP range can be a minimum of /24 to maximum of /8 per Oracle region. The public IP addresses created from BYOIP address prefixes work the same way as Public IP addresses you get from OCI. This feature is now available in all commercial regions.
The BYOIP feature supports a wide range of use cases. These use cases are:
In certain scenarios such as on-premises to OCI migration it can be a requirement for a provider that their application’s IP address remains the same. BYOIP in OCI will allow the providers to minimize their downtime during migration by simultaneously advertising their IP address prefix from OCI and withdrawing it from the on-premise.
Several service providers have IPs hardcoded in devices or have built architectural dependencies on their IPs. An inability to leverage their own public IP space forces the provider to create new policies and management processes that results into OCI IP address limitations. Without BYOIP, the provider would have asked all their consumers to change their IPs in their DNS entries from the provider's IP addresses to Oracle assigned IP addresses. This can be disruptive to the service providers end consumers.
If your applications are using IP addresses that your partners and consumers have whitelisted in their firewalls, you can now move these applications to OCI without requiring them to change their IP address whitelists. BYOIP enables such providers hassle free migration to OCI.
Some network administrators require the ability to use specific ranges of addresses for specific resources like load balancers, firewalls, web servers, etc. BYOIP IP Pool management can provide that ease of management to the network admins.
The IP addresses used by some service providers have a good Internet reputation accrued over many years of responsible service. BYOIP in OCI will help such providers to maintain that reputation between services such as major email service providers and mail delivery systems.
The BYOIP Feature introduces a new section called IP Management under the Networking tab on the OCI console. Once you add a CIDR block and give it a name, it will bring you to the page shown below where it provides a validation token. This validation token is unique for every CIDR block you provide and the next step is to take this token to the internet registry (ARIN/RIPE/etc). After you have added the token to the registry, you may want to come back to this page and click on the "Finish Import". You may notice that the "Advertise" option is grayed out since the prefix is not as yet validated and provisioned.
After the "Finish Import" request is submitted, there will be a work request generated as seen in the picture below. The network administrator can monitor the work request to view the progress of moving your own IPs, which could take up to 10 business days. You will be notified via email once this process is complete.
Once the CIDR block has been successfully provisioned, the "Advertise" button would be enabled (see picture below) and the entire CIDR block (in this case 256 IPs) remain unassigned to any pool. "Manage BYOIP CIDR Blocks" button takes you to the option of assigning the CIDRs to a pool. You must add BYOIP CIDR blocks to IP pools to use them with your OCI resources. You can divide CIDR blocks into smaller segments to suit your needs.
In order to assign CIDR ranges to a pool, the user has an option to select from the previously created pools or create a new IP pool and assign the respective CIDR blocks. The user also has an option to switch between different compartments.
Before we create an OCI resource with the BYOIP CIDR blocks, lets understand some terminology.
There are two types of public IPs in OCI:
Lastly, in order to create an OCI resource with the BYOIP address, you can either select the existing reserved IP address or create a new one selecting the appropriate pool.
Note: The "Oracle" option in the pre-existing IP pools refers to the set of IP addresses Oracle provides for use by OCI customers. The network admins will not be able to manage or edit the Oracle defined pool.
This blog shows how a network admin/network user can Bring Your Own IP address range to OCI with minimal configuration. I hope that you enjoyed reading this blog on BYOIP. Now, when you design and plan your migration on Oracle Cloud Infrastructure, you can use this functionality to let you smartly move workloads with minimal downtime.
If you plan to keep your current IP address range to help with migrating to OCI or preserving your IP reputation is important to you or your application, BYOIP for OCI now offers one of the easiest IP preservation solutions.
With both the ability to bring your IP address range to OCI and use this range in the form of Reserved IPs, or even de-provision and migrate your IP address range back to your on-premises if needed, Oracle's Bring Your Own IP greatly simplifies how you can use your CIDR address range on OCI.