Effective address planning and management are key to using address resources efficiently and avoiding conflicts. Poor network planning can lead to high rebuilding costs. Traditional IP address management relies on workbooks and custom tools to manually track address allocations across multiple accounts and VPCs. This method is time-consuming, error-prone, and can cause address conflicts.
IP Address Manager (IPAM) is a tool that automates IP address allocation and management. It simplifies network management and prevents address conflicts. IPAM provides the following features:
Enterprise address planning Poor address planning causes network conflicts and leads to high rebuilding costs. Network administrators can use IPAM to plan available CIDR blocks for the business. In an enterprise with multiple accounts, network administrators can share planned address pools with business accounts.  | Address resource allocation Manually managing and allocating addresses is complex and error-prone. Using IPAM pools for network planning, you can automatically allocate CIDR blocks to VPCs based on allocation rules. This improves the consistency and efficiency of address management. You can also reserve CIDR blocks as needed to avoid address conflicts.  |
Global address resource management Each VPC belongs to a specific region and account. You can view VPC and vSwitch resources only in their respective regions and within your account. After associating an IPAM with a resource discovery, you can centrally view and manage all VPCs and vSwitches across all operating regions. A network administrator can associate an IPAM with resource discoveries shared by business accounts. This allows them to manage resources across multiple accounts and identify address conflicts.  | IP address conflict detection and usage monitoring Monitoring IP address usage allows your resource team to automate capacity management. You can promptly scale out resources that have high IP usage. Understanding address overlaps helps you proactively identify and resolve address conflicts in network connections. This prevents conflicts during network interconnection.  |
How it works
Because IPAM is a modular feature, you must select one region to create and host an IPAM instance. Plan and manage all address resources across multiple regions using IPAM. If a region within the management scope fails, it does not affect IPAM's ability to manage resources in the other regions.
The region that you select during IPAM creation becomes the Hosted Region of the instance. You can add other regions for the IPAM to manage. These regions become the Effective Regions of the IPAM.
After you create an IPAM, the system creates two default scopes. Each scope represents a separate IP address space.
Public scope: For all public spaces. You can allocate and use only IPv6 CIDR blocks provided by Alibaba Cloud.
Private scope: For all private spaces. Allocate and use IPv4 CIDR blocks. You can also create custom private scopes to manage separate address spaces.
Within an IPAM scope, you can create an IPAM Pool. Use layered planning to divide pools and provision CIDR blocks if necessary.
By creating subpools, you divide large CIDR blocks into smaller CIDR blocks, for example, by region. You can then allocate these smaller CIDR blocks to different departments or lines of business.
This layered approach helps prevent IP conflicts. Each subpool can be associated with specific security rules to meet the security requirements.
Use the CIDR blocks provisioned in an IPAM pool to allocate CIDR blocks to VPCs. You can also create custom allocations to reserve addresses for hybrid cloud or multi-cloud environments to avoid IP conflicts.
More information
Billing
The IPAM feature is in public preview and is free of charge for now.
Supported regions
Area | Regions |
Asia Pacific - China | China (Hangzhou), China (Shanghai), China (Nanjing - Local Region, Closing Down), China (Qingdao), China (Beijing), China (Zhangjiakou), China (Hohhot), China (Ulanqab), China (Shenzhen), China (Heyuan), China (Guangzhou), China (Chengdu), China (Hong Kong), China (Wuhan - Local Region), and China (Fuzhou - Local Region, Closing Down) |
Asia Pacific - Others | Japan (Tokyo), South Korea (Seoul), Singapore, Malaysia (Kuala Lumpur), Indonesia (Jakarta), Philippines (Manila), and Thailand (Bangkok) |
Europe & Americas | Germany (Frankfurt), UK (London), US (Silicon Valley), and US (Virginia) |
Middle East | UAE (Dubai) and Saudi Arabia (Riyadh - Partner Region) Important The SAU (Riyadh - Partner Region) region is operated by a partner. |
Quota
Quota name | Description | Default limit | Increase quota |
ipam_quota_per_region | The number of IPAMs that can be created by each user in each region. | 1 | Cannot be increased. |
ipam_scope_quota_per_ipam | The number of IPAM scopes that can be created in each IPAM. | 5 | |
ipam_pool_quota_depth | The maximum depth of each IPAM pool. | 10 | |
ipam_cidr_quota_per_ipam_pool | The number of CIDRs that can be provisioned in each IPAM pool. | 50 | |
ipam_sub_pool_quota_per_ipam_pool | The number of sub-pools that can be created in each IPAM pool. | 50 | |
ipam_pool_quota_per_scope | The number of IPAM pools that can be created in each private IPAM scope. | 500 | |
ipam_resource_discovery_quota_per_region | The number of resource discoveries that can be created by an account in a region. | 1 | |
resource_share_quota_per_ipam_resource_discovery | The number of shared resources supported for creation by each resource discovery. | 100 | |
shared_ipam_resource_discovery_quota_per_user | The number of shared resource discoveries allowed for each user. | 100 | |
resource_share_quota_per_ipam_pool | The number of resource shares that can be created for each IPAM pool. | 100 | |
shared_ipam_pool_quota_per_user | The number of shared IPAM pools that each user can have. | 100 | |
ipam_public_ipv6_top_pool_quota_per_region_isp | The number of public top-level IPAM IPv6 pools each user can create for each ISP type in each region. | 1 | |
ipam_cidr_quota_per_public_ipv6_top_pool | The number of CIDRs each user can provision for public top-level IPAM IPv6 pools in each region. | 1 |