3.17 Private and Public IP Addresses

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

18 hours 43 minutes
Video Transcription
Welcome back In this episode, we're gonna take a look at a resource we're already familiar with private and public I P addresses and a little bit more detail.
My objectives include learning a little bit more about private I p address public I P addresses and then taking Look at a Demo and Satyr. Roger Portal.
So let's start with Private I p addresses. Private I P addresses allow for communication within our azure virtual networks as well as our own premises networks. When we have a VPN gateway configured
private I P addresses can be I p V four or I p V six, and they are assigned a ble to virtual network interfaces, internal load balancers and application gateways.
You'll typically see private I P addresses and something like the 1 92.1 68 range, or 1 72.16 or 10 dot network.
So how are private I P addresses allocated First, the private I P address comes from the range that we define in our virtual network sub net.
We've seen this quite a bit throughout our demos. In this course. For example, if we have the sub net range 1 90 to 1 68 10 with a 24 bit subject mask. Then we have 256 I p addresses available.
However, you might have noticed during the demos that when we create a sub net like this, it says there are only 251 I p addresses available. This is because five I p addresses in the seven it are reserved for azure.
This is the 1st 4 I P addresses and the last I p address are set aside. After this, we have two options. The first is dynamic allocation. This means that Azure will assign the next available i p address to the resource.
If the resource is powered down or removed, Azure will dynamically reuse that I p address for the next resource.
Then, of course, we have static allocation. This will leave the I. P address assigned to the resource and will persist until the network interface is deleted.
Was continue on with discussing public I P addresses.
These are assigned to re sources and allow inbound Internet communication to our internal azure resource is they also allow for resource is to communicate with the Internet and other public facing at your service is with a consistent I p address. If a public I P addresses not assigned to resource that resource can still communicate with the Internet,
but it's gonna use a dynamically assigned public i p address instead.
Public I p addresses are also available, and I pee before and I p v six. However, Onley Internet load balancers can use I p v six and just like our private I P addresses, thes can be assigned to virtual machines, Internet load balancers, BP and gateways and application gateways.
Public I P addresses can also be assigned dynamically or statically. Dynamic allocation means thebe public i p address is provisioned when it is allocated to resource
and when the resource is stopped, the public i p address is then released and could be picked up by another public i p address resource.
This means you could potentially lose the public I p address when the resource is stopped.
Next we have static. Were the public I P address is allocated when the I P resource is created and as the name implies, the I P address will stay the same until the public. I p resource itself is deleted.
One difference from private I P addresses is you don't get to define a range of public I P addresses to use. This is determined by which azure region you provisioned the i P address from.
We also have public i p address skews. The first is basic, which can either be dynamically or statically allocated, and they're also opened by default. So you would need to define your own network security groups on the I P address to restrict any inbound or outbound traffic.
The next skew is standard, which is four static. I p addresses only
these air more secure by default as they automatically block all inbound traffic. And it's up to you to explicitly create rules allowing inbound traffic using network security groups.
Look, I P addresses also support availability zones, meaning service in a region is guaranteed as long as an availability zone is still up and running.
One final note about our public and private I P addresses. It is not recommended that you try and statically assigned these to your virtual machines within the operating system itself.
Azure is going to be handling this for you. Now Let's go out to the azure portal and take a look at these resources
here in our azure portal. I've already got a virtual machine provisioned so we can take a look at how to configure some of these public and private I P addresses.
As you can see on the right are current Private I p addresses tin 0.1 dot to 0.4. Let's go take a look at some of our network settings
and here next to network interface, let's go check out our V M 01 interface
and finally under settings. Go check out I p configurations
and select our I P address right down here.
And here is where we configure our private I p address to be static. So if we were to stop this virtual machine and then bring it back online later, it should keep this I p address for us. Let's go ahead and save this configuration.
Back in the overview for our virtual machine, we took note of the private I P address earlier, but right now we don't have a public I p address. Let's go create a new public i p address resource and assign it to our virtual machine
if you select, create a resource
search for public I p address
select on create.
And here we have the options that we looked at Back in our slides,
we can select our I P version and our skew. I'm gonna leave it at I p for and basic. We have our resource in name. I know. I'm gonna attach this to V M 01
I'm gonna leave the i p address assignment as dynamic and we're gonna demonstrate how When we stop the version machine and restart it, we'll get a new public I p address associated with it.
I'll select my existing resource group
and go ahead and click on Create
Let's go check out our public I p address. Resource is,
here's our new V M 01 public I p address.
And since this is a dynamically assigned one, you'll notice we don't have an I P address yet.
We're going to get one as soon as we associate it with a resource.
Let's select our resource type. Gonna choose network interface.
We're gonna choose R V M 01 network interface on a virtual machine
and after a refresh, we can see we now have a public i p address of 13.92 49.177
Let's go back to our virtual machine.
We can now see that our virtual I p address is associated with this virtual machine. Now let's go stop our virtual machine.
When we do, we get a warning that if we continue stopping the virtual machine, we're going to lose our public i p address that we have.
And if we want to, we can preserve it,
which will switch it over to a statically assigned public i p address. But I'm gonna uncheck this.
Go ahead and stop the virtual machine.
With our Virtue machine now stopped, we can see we still have the public I p address resource assigned, but it no longer has an I p address associated with it. Let's go ahead and restart our virtual machine.
And with our virtual machine restarted, we can see we have a wildly different public i p address of 40.76 43.2 for one.
All that just to show you if you need to keep your public I p address on your resource is make sure you configure a static one.
Same thing for the private I. P address
does it for a demo. Let's jump back to the slides and wrap this up,
and this next episode we're going to discuss our next topic with network troubleshooting.
See you in the next episode.
Up Next