To use elastic IP addresses (EIPs) or contiguous EIPs within a specific CIDR block, you can create an IP address pool and add the CIDR block to the IP address pool. When you create an EIP, you can specify the IP address pool to assign an IP address to the EIP.
Limits
You can add only IPv4 CIDR blocks to an IP address pool.
Each Alibaba Cloud account can create at most 16 IP address pools in each region and all IP address pools in each region can contain up to 256 IP addresses.
To use more IP addresses or IP address pools, contact your account manager.
NoteIf an IP address is assigned as an EIP, it consumes the EIP quota. If an IP address is not assigned as an EIP, it does not consume the EIP quota. You can check the EIP quota on the Quota Center page.
If you used IP address pools before 10:00:00 on June 5, 2024 and the maximum number of IP addresses in a region is greater than 256, the actual maximum number of IP addresses supported by the region is displayed on the Quota Management page.
Only BGP (Multi-ISP) lines support IP address pools of the Anti-DDoS Pro/Premium type.
When you specify an IP address pool to create EIPs:
The EIPs must use the pay-as-you-go billing method.
The IP address pool and the EIPs must belong to the same region and use the same line type.
When you create EIPs protected by Anti-DDoS Pro/Premium, you must specify an IP address pool of the Anti-DDoS Pro/Premium type.
If your Alibaba Cloud account has overdue payments, you can only delete IP address pools. For more information, see Overdue payments of IP address pools.
Billing
Item | Description |
Pricing |
|
Billing cycles and bill generation time | Hourly If the usage duration is less than 1 hour in a billing cycle, the usage duration is rounded up to 1 hour. A bill is generated 1 hour after the current billing cycle ends. The system determines the time when bills are issued. |
Procedure
Preparations
Log on to the IP address pool console and perform the following operations:
Apply for the permissions to use the IP address pool feature.
To apply for the permissions, contact your account manager.
Enable the IP address pool feature.
If you used the IP address pool feature before 10:00:00 (UTC+8) on June 5, 2024, the system automatically enables the IP address pool feature to ensure that your services can run as expected. You can skip this step.
Create an IP address pool and add CIDR blocks
Before you use an IP address pool, you must create an IP address pool and add CIDR blocks to the IP address pool. You can add CIDR blocks when you create an IP address pool. You can also add CIDR blocks based on your business requirements after you create an IP address pool.
Log on to the IP Address Pool console.
In the top navigation bar, select the region in which you want to create an IP address pool.
On the IP Address Pool page, click Create IP Address Pool.
On the Create IP Address Pool page, use one of the following methods to create an IP address pool and add a CIDR block:
Add a CIDR block when you create an IP address pool
Set the following parameters and click Submit.
Parameter
Description
IP Address Pool Name
Enter a name for the IP address pool.
Line Type
Select a line type for the IP address pool.
BGP (Multi-ISP): provides premium BGP lines across the world. BGP lines from different Internet service providers (ISPs) can be used. The optimal BGP line is automatically selected to ensure network stability. Supported ISPs are China Telecom, China Unicom, China Mobile, China Mobile Tietong, China Netcom, CERNET, NRTA, Dr. Peng Group, and Founder Broadband.
BGP (Multi-ISP) Pro: BGP (Multi-ISP) Pro improves the efficiency of data transmission from regions outside the Chinese mainland to the Chinese mainland. Compared with BGP (Multi-ISP), BGP (Multi-ISP) Pro establishes cross-border connections by using Chinese mainland ISP services to provide services to users in the Chinese mainland, excluding data centers. This reduces network latency.
NoteThe following regions support BGP (Multi-ISP) Pro: China (Hong Kong), Japan (Tokyo), Singapore, Malaysia (Kuala Lumpur), Philippines (Manila), Indonesia (Jakarta), and Thailand (Bangkok).
Security Protection
Select a protection type based on your business requirements.
Default: Default EIPs from the Default IP address pool can mitigate DDoS attacks at 5 Gbit/s or lower. For more information, see What is Anti-DDoS Origin?
Anti-DDoS Pro/Premium: EIPs allocated from IP address pools of the Anti-DDoS Pro/Premium type can mitigate DDoS attacks at the Tbit/s level.
You can select Anti-DDoS Pro/Premium only if Line Type is set to BGP (Multi-ISP).
NoteIP address pools of the Anti-DDoS Pro/Premium type are supported in the following regions: China (Hong Kong), Philippines (Manila), Japan (Tokyo), Singapore, Malaysia (Kuala Lumpur), Indonesia (Jakarta), US (Virginia), US (Silicon Valley), Germany (Frankfurt), and UK (London).
Add CIDR Block
You can turn on or off Add CIDR Block. If you turn on Add CIDR Block, you can select a method to add CIDR blocks.
Select Mask and select a mask from the drop-down list.
If you select Mask, the system can automatically create a CIDR block. The subnet mask must be 24 to 28 bits in length.
If you select Destination CIDR Block, you need to enter a CIDR block.
You can add only an IPv4 CIDR block. The CIDR block cannot start with 0 and the subnet mask must be 23 to 30 bits in length.
NoteIf you select Destination CIDR Block, you can contact your account manager to request a specific CIDR block. You can also use an on-premises CIDR block. Make sure that the on-premises CIDR block is migrated to the cloud before you use it. For more information, see Bring your public IP address range to Alibaba Cloud.
In this example, Add CIDR Block is turned on and Mask/Destination CIDR Block is specified to add CIDR blocks.
Resource Group
Select the resource group to which the IP address pool belongs.
The resource group must be a resource group that is created in Resource Management by the current Alibaba Cloud account. For more information, see Create a resource group.
Tag
Add a tag to the IP address pool.
Specify Tag Key and Tag Value.
Description
Enter a description for the IP address pool.
In the dialog box that appears, check the status of the IP address pool and click Close.
Add a CIDR bock after you create an IP address pool
NoteIf you want to add a CIDR block to an existing IP address pool, go to Step c.
Set the following parameters and click Submit.
Parameter
Description
IP Address Pool Name
Enter a name for the IP address pool.
Line Type
Select a line type for the IP address pool.
BGP (Multi-ISP): provides premium BGP lines across the world. BGP lines from different Internet service providers (ISPs) can be used. The optimal BGP line is automatically selected to ensure network stability. Supported ISPs are China Telecom, China Unicom, China Mobile, China Mobile Tietong, China Netcom, CERNET, NRTA, Dr. Peng Group, and Founder Broadband.
BGP (Multi-ISP) Pro: BGP (Multi-ISP) Pro improves the efficiency of data transmission from regions outside the Chinese mainland to the Chinese mainland. Compared with BGP (Multi-ISP), BGP (Multi-ISP) Pro establishes cross-border connections by using Chinese mainland ISP services to provide services to users in the Chinese mainland, excluding data centers. This reduces network latency.
NoteThe following regions support BGP (Multi-ISP) Pro: China (Hong Kong), Japan (Tokyo), Singapore, Malaysia (Kuala Lumpur), Philippines (Manila), Indonesia (Jakarta), and Thailand (Bangkok).
Security Protection
Select a protection type based on your business requirements.
Default: Default EIPs from the Default IP address pool can mitigate DDoS attacks at 5 Gbit/s or lower. For more information, see What is Anti-DDoS Origin?
Anti-DDoS Pro/Premium: EIPs allocated from IP address pools of the Anti-DDoS Pro/Premium type can mitigate DDoS attacks at the Tbit/s level.
You can select Anti-DDoS Pro/Premium only if Line Type is set to BGP (Multi-ISP).
NoteIP address pools of the Anti-DDoS Pro/Premium type are supported in the following regions: China (Hong Kong), Philippines (Manila), Japan (Tokyo), Singapore, Malaysia (Kuala Lumpur), Indonesia (Jakarta), US (Virginia), US (Silicon Valley), Germany (Frankfurt), and UK (London).
Add CIDR Block
You can turn on or off Add CIDR Block. If you turn on Add CIDR block, you can specify Mask or Destination CIDR Block to add CIDR blocks.
By default, Add CIDR Block is turned off.
Resource Group
Select the resource group to which the IP address pool belongs.
The resource group must be a resource group that is created in Resource Management by the current Alibaba Cloud account. For more information, see Create a resource group.
Tag
Add a tag to the IP address pool.
Specify Tag Key and Tag Value.
Description
Enter a description for the IP address pool.
In the dialog box that appears, check the status of the IP address pool and click Close.
On the IP Address Pool page, find the IP address pool to which you want to add a CIDR block and click Add CIDR Block in the Actions column.
On the CIDR Blocks tab of the details page, click Add CIDR Block.
In the Add CIDR Block dialog box, select a method to add CIDR blocks and click OK.
Select Mask and select a mask from the drop-down list.
If you select Mask, the system can automatically create a CIDR block. The subnet mask must be 24 to 28 bits in length.
If you select Destination CIDR Block, you need to enter a CIDR block.
You can add only an IPv4 CIDR block. The CIDR block cannot start with 0 and the subnet mask must be 23 to 30 bits in length.
NoteIf you select Destination CIDR Block, you can contact your account manager to request a specific CIDR block. You can also use an on-premises CIDR block. Make sure that the on-premises CIDR block is migrated to the cloud before you use it. For more information, see Bring your public IP address range to Alibaba Cloud.
Specify an IP address pool for an EIP
When you create a pay-as-you-go EIP, you can specify an IP address pool for the EIP. The system assigns an IP address from a CIDR block in the IP address pool to the EIP.
- Log on to the Elastic IP Address console .
On the Elastic IP Addresses page, click Create EIP.
On the Elastic IP page, configure the following parameters, click Buy Now, and then complete the payment.
This topic describes only the key parameters. For more information, see Apply for an EIP.
Parameter
Description
Billing Method
Only pay-as-you-go EIPs support the IP address pool feature. In this example, Pay-As-You-Go is selected.
Region
The region in which you want to create the EIP.
You can associate the EIP with a cloud resource such as an Elastic Compute Service (ECS) instance, a NAT gateway, a Classic Load Balancer (CLB) instance, a high-availability virtual IP address (HAVIP), or a secondary elastic network interface (ENI). Make sure that the EIP and the cloud resource are deployed in the same region.
Line Type
Select a line type for the EIP.
BGP (Multi-ISP): provides premium BGP lines across the world. BGP lines from different Internet service providers (ISPs) can be used. The optimal BGP line is automatically selected to ensure network stability. Supported ISPs are China Telecom, China Unicom, China Mobile, China Mobile Tietong, China Netcom, CERNET, NRTA, Dr. Peng Group, and Founder Broadband.
BGP (Multi-ISP) Pro: BGP (Multi-ISP) Pro improves the efficiency of data transmission from regions outside the Chinese mainland to the Chinese mainland. Compared with BGP (Multi-ISP), BGP (Multi-ISP) Pro establishes cross-border connections by using Chinese mainland ISP services to provide services to users in the Chinese mainland, excluding data centers. This reduces network latency.
NoteThe following regions support BGP (Multi-ISP) Pro: China (Hong Kong), Japan (Tokyo), Singapore, Malaysia (Kuala Lumpur), Philippines (Manila), Indonesia (Jakarta), and Thailand (Bangkok).
Make sure that the line type of the EIP is the same as the line type of the IP address pool that you want to select.
Security Protection
Select an edition of Anti-DDoS based on your requirements.
Default: specifies Anti-DDoS Origin Basic, which can mitigate DDoS attacks at 5 Gbit/s or lower. For more information, see What is Anti-DDoS Origin?
Anti-DDoS Pro/Premium: specifies Anti-DDoS Pro/Premium, which can mitigate DDoS attacks at the Tbit/s level.
ImportantIf you use Anti-DDoS Pro/Premium to protect your EIPs, take note of the following items:
The first time you use Anti-DDoS Pro/Premium for your EIPs, click Anti-DDoS Origin (pay-as-you-go) to activate Anti-DDoS Pro/Premium on a pay-as-you-go basis.
If you use Anti-DDoS Pro/Premium to protect your EIPs, you are charged a security protection fee by Anti-DDoS. For more information, see Anti-DDoS Origin 2.0 (Pay-as-you-go).
IP Address Pool
Select an IP address pool based on your business requirements.
By default, Default is selected. The system assigns an IP address from the public IP address pool of Alibaba Cloud.
You can select another IP address pool from the drop-down list. The system assigns an IP address from the selected IP address pool.
Make sure that the EIPs and the IP address pool use the same security protection type.
What to do next
Operation | Description |
Modify an IP address pool |
|
Delete an IP address pool | Before you delete an IP address pool, make sure that the IP addresses in the CIDR blocks that are added to the IP address pool are not assigned to EIPs.
|
Delete a CIDR block from an IP address pool | Before you delete a CIDR block, make sure that the IP addresses in the CIDR block are not assigned to EIPs.
|
References
Share an IP address pool: The owner Alibaba Cloud account of an IP address pool can share the IP address pool with other Alibaba Cloud accounts. Then, the Alibaba Cloud accounts can assign IP addresses from the IP address pool to EIPs.
Best practices for using EIPs protected by Anti-DDoS Pro/Premium: Learn about how to specify an IP address pool of the Anti-DDoS Pro/Premium type to create an EIP protected by Anti-DDoS Pro/Premium.
Overdue payments of IP address pools: Learn about the impacts of overdue payments, how to prevent overdue payments, and how to handle overdue payments. This helps you better manage resources and reduce costs.
CreatePublicIpAddressPool: creates an IP address pool.
UpdatePublicIpAddressPoolAttribute: modifies the attributes of an IP address pool.
ListPublicIpAddressPools: queries available IP address pools.
DeletePublicIpAddressPool: deletes an IP address pool.
AddPublicIpAddressPoolCidrBlock: adds a CIDR block to an IP address pool.
ListPublicIpAddressPoolCidrBlocks: queries CIDR blocks in an IP address pool.
DeletePublicIpAddressPoolCidrBlock: deletes a CIDR block from an IP address pool.