X

The latest cloud infrastructure announcements, technical solutions, and enterprise cloud insights.

Bring your own IP (BYOIP) on Oracle Cloud Infrastructure

Ajay Chhabria
Sr. Solution Architect

Modern enterprises are constantly evolving and moving workloads to the public cloud and also want to leverage their existing IP addresses. At Oracle, we understand that managing the migration of IP addresses can be one of the most challenging aspects of a cloud migration for network administrators.

We are pleased to announce that you can now Bring Your Own IP on Oracle Cloud Infrastructure (OCI). BYOIP provides a Public IP management solution that allows customers to bring their own publicly routable CIDR blocks issued by a Regional Internet Registry to OCI. A BYOIP prefix validation process will be completed via an integrated workflow with OCI. OCI will ensure correct ownership of the requested CIDR range. After validation, the requestor will be notified that the prefix is available for advertisement. The network administrators will have full control of the IP address range with the ability to start or stop BYOIP advertisements when needed. They can create one or many public IP pools from their address space by specifying IP CIDR ranges from the BYOIP prefixes and use IP pools for resource allocation. The network administrators can assign these IPs to compute instances, load balancers and NAT gateways. The Irange can be a minimum of /24 to maximum of /8 per Oracle region. The public IP addresses created from BYOIP address prefixes work the same way as Public IP addresses you get from OCI. This feature is now available in all commercial regions.

Use cases

The BYOIP feature supports a wide range of use cases. These use cases are:

Lift and shift workloads

In certain scenarios such as on-premises to OCI migration it can be a requirement for a provider that their application’s IP address remains the same. BYOIP in OCI will allow the providers to minimize their downtime during migration by simultaneously advertising their IP address prefix from OCI and withdrawing it from the on-premise.

Hard-coded dependencies

Several service providers have IPs hardcoded in devices or have built architectural dependencies on their IPs. An inability to leverage their own public IP space forces the provider to create new policies and management processes that results into OCI IP address limitations. Without BYOIP, the provider would have asked all their consumers to change their IPs in their DNS entries from the provider's IP addresses to Oracle assigned IP addresses. This can be disruptive to the service providers end consumers.

Allowing dependencies

If your applications are using IP addresses that your partners and consumers have whitelisted in their firewalls, you can now move these applications to OCI without requiring them to change their IP address whitelists. BYOIP enables such providers hassle free migration to OCI.

Service differentiation

Some network administrators require the ability to use specific ranges of addresses for specific resources like load balancers, firewalls, web servers, etc. BYOIP IP Pool management can provide that ease of management to the network admins.

IP reputation

The IP addresses used by some service providers have a good Internet reputation accrued over many years of responsible service. BYOIP in OCI will help such providers to maintain that reputation between services such as major email service providers and mail delivery systems.

How to Configure BYOIP

The BYOIP Feature introduces a new section called IP Management under the Networking tab on the OCI console. Once you add a CIDR block and give it a name, it will bring you to the page shown below where it provides a validation token. This validation token is unique for every CIDR block you provide and the next step is to take this token to the internet registry (ARIN/RIPE/etc). After you have added the token to the registry, you may want to come back to this page and click on the "Finish Import". You may notice that the "Advertise" option is grayed out since the prefix is not as yet validated and provisioned.

A screenshot of the BYOIP Detail screen with the Next Steps window outlined in red.

After the "Finish Import" request is submitted, there will be a work request generated as seen in the picture below. The network administrator can monitor the work request to view the progress of moving your own IPs, which could take up to 10 business days. You will be notified via email once this process is complete.

A screenshot of the BYOIP screen, showing the work requests, with the status outlined in red.

Once the CIDR block has been successfully provisioned, the "Advertise" button would be enabled (see picture below) and the entire CIDR block (in this case 256 IPs) remain unassigned to any pool. "Manage BYOIP CIDR Blocks" button takes you to the option of assigning the CIDRs to a pool. You must add BYOIP CIDR blocks to IP pools to use them with your OCI resources. You can divide CIDR blocks into smaller segments to suit your needs. 

A screenshot of the BYOIP Details screen with the Advertise option and IP Pool outlined in red.

In order to assign CIDR ranges to a pool, the user has an option to select from the previously created pools or create a new IP pool and assign the respective CIDR blocks. The user also has an option to switch between different compartments.

A screenshot of the Manage BYOIP CIDR Block screen with list of CIDR blocks.A screenshot depicting the Add to Public IP Pool screen.

Before we create an OCI resource with the BYOIP CIDR blocks, lets understand some terminology.

There are two types of public IPs in OCI:

  • Ephemeral: Think of it as temporary and existing for the lifetime of the instance.
  • Reserved: Think of it as persistent and existing beyond the lifetime of the instance it's assigned to. You can un-assign it and then reassign it to another instance whenever you like. See Overview of Public IP Addresses.

A screenshot of the Create NAT Gateway screen, showing the options for IP address sources.

Lastly, in order to create an OCI resource with the BYOIP address, you can either select the existing reserved IP address or create a new one selecting the appropriate pool.

Note: The "Oracle" option in the pre-existing IP pools refers to the set of IP addresses Oracle provides for use by OCI customers. The network admins will not be able to manage or edit the Oracle defined pool.

Conclusion:

This blog shows how a network admin/network user can Bring Your Own IP address range to OCI with minimal configuration. I hope that you enjoyed reading this blog on BYOIP. Now, when you design and plan your migration on Oracle Cloud Infrastructure, you can use this functionality to let you smartly move workloads with minimal downtime.

If you plan to keep your current IP address range to help with migrating to OCI or preserving your IP reputation is important to you or your application, BYOIP for OCI now offers one of the easiest IP preservation solutions.

With both the ability to bring your IP address range to OCI and use this range in the form of Reserved IPs, or even de-provision and migrate your IP address range back to your on-premises if needed, Oracle's Bring Your Own IP greatly simplifies how you can use your CIDR address range on OCI.

For more information about the BYOIP feature, see BYOIP Concepts and IP Pools.

Join the discussion

Comments ( 1 )
  • Eswar Sunday, October 25, 2020
    This is really great feature.
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.Captcha