How to Set a Static Internal Private IP (DIP) for Azure VM in ARM

  • Article

With the recent introduction of new Azure PowerShell modules generation, starting with version 1.0.0, Azure Product Group greatly accelerated bringing new features and innovation out the door, but also introduced several breaking changes in the API, with the transition from ASM (Azure Service Management) to ARM (Azure Resource Manager), and in PowerShell itself since cmdlets are now renamed and differentiated with the addition of “*Rm*” qualifier. Additionally, the semantic of some features are totally different and require a totally different
approach, cmdlets and then syntax. If you have not done already, I encourage you to read the blog post below related to PowerShell 1.0.0 release:

Azure PowerShell 1.0

https://azure.microsoft.com/en-gb/blog/azps-1-0

I’m writing this pretty short blog post to fill a gap in the actual Azure documentation, related to Azure Virtual Machines (VM) IP addressing, and to clarify some content that is outdated, then no more useful. Specifically, I want to clarify a changed behavior in PowerShell and APIs to manage/set static internal private IP, or if you prefer, call it static DIP. In the past, using ASM, we used “Set-AzureStaticVNetIP” to mark a DIP as static:

New-AzureService -ServiceName TestService -Location "Central US"

$image = Get-AzureVMImage|?{$_.ImageName -like "*RightImage-Windows-2012R2-x64*"}

New-AzureVMConfig -Name TestVM -InstanceSize Small -ImageName $image.ImageName `

| Add-AzureProvisioningConfig -Windows -AdminUsername adminuser -Password MyP@ssw0rd!! `

| Set-AzureSubnet –SubnetNames Subnet-1 `

| Set-AzureStaticVNetIP -IPAddress 10.0.0.7 `

| New-AzureVM -ServiceName "TestService" –VNetName TestVnet

 

Normally, a DIP is DHCP assigned with infinite lease, but there are some cases where it may change (stopped VM with deallocation) and you don’t want absolutely, think about an Active Directory Domain Controller for example. That’s why you may want to “mark” a DIP as static. Now, in ARM with latest PowerShell Azure modules (>= v.1.0.0), this cmdlet does not exist anymore, neither the correlated one used in the past to test DIP allocation:

Test-AzureStaticVNetIP –VNetName TestVNet –IPAddress 10.0.0.7

Then, the article below does not apply to ARM and PowerShell Azure modules higher than v.1.0.0:

How to Set a Static Internal Private IP

https://azure.microsoft.com/en-us/documentation/articles/virtual-networks-reserved-private-ip

Now, the supported and only possible way to mark a DIP as “static”, is using the parameter “PrivateIpAddress” when creating a new Network Interface as in the example below:

New-AzureRmNetworkInterface -Name InterfaceName -ResourceGroupName $gname -Location $PrimaryLocation -Subnet $vnet1.Subnets[1] -PublicIpAddress $dcvip `

-PrivateIpAddress "10.1.1.4" -InternalDnsNameLabel $dnssuffix -DnsServer "10.1.1.5", "10.1.1.4"  

When you specify an explicit IP value as in the example above, Azure will consider that address as static and will never change, you can double-check yourself using the code below (“Static” should be returned):

$nic=Get-AzureRmNetworkInterface -ResourceGroupName $rgname -Name $InterfaceName
$nic.IpConfigurations[0]. - PrivateIpAllocationMethod

Be aware that if you will specify an already used DIP, execution will return an error; additionally, there is no “test” cmdlet to check availability of a DIP inside a VNET/Subnet.

Best regards everyone, enjoy!