Public IPs

A Public IP is a persistent public IPv4 address that you can attach to a VM to enable inbound internet connectivity. Public IPs are independent resources that can be created, managed, and reassigned between VMs without affecting the VM itself.

How Public IPs work

By default, VMs can make outbound connections to the internet using a shared IP address. However, to receive inbound connections from the internet, a VM must have a Public IP attached to it.

Public IPs are persistent—once allocated, the IP address belongs to your project until you explicitly delete it. You can attach and detach Public IPs from VMs as needed, and the IP address remains constant. This allows you to:

• Replace a VM while keeping the same public IP address
• Temporarily detach a Public IP from one VM and attach it to another
• Reserve IP addresses for future use

When to use Public IPs

You need a Public IP when:

• Running web servers or APIs that accept inbound HTTP/HTTPS traffic from the internet
• Providing SSH access to VMs from external networks
• Hosting services that need a stable, publicly accessible IP address
• Running applications that require inbound connections on specific ports

You don't need a Public IP when:

• VMs only need to communicate with each other within the VPC (private IPs are sufficient)
• VMs only make outbound connections to the internet (outbound connectivity is enabled by default)
• Running internal services not accessible from the public internet

Public IPs and security groups

Attaching a Public IP to a VM isn't sufficient for inbound internet access. You must also configure security group rules to allow the desired inbound traffic. The default security group blocks all inbound traffic from the internet.

For example, to allow SSH access to a VM with a Public IP, you need:

1. A Public IP attached to the VM
2. A security group rule allowing TCP port 22 from the source IP addresses you want to permit

Regional scope

Public IPs are regional resources—they can be attached to VMs in any availability zone within the region. This means you can move a Public IP from a VM in one zone to a VM in another zone without allocating a new IP address.

Outbound traffic with Public IPs

When a VM has a Public IP attached, outbound traffic from that VM uses the Public IP address as the source IP. This differs from VMs without Public IPs, which use a shared IP address.

Limitations

• Public IPs use IPv4 addresses. IPv6 isn't available.
• Each VM can have at most one Public IP attached
• Public IP addresses are allocated from evroc's address space and can't be imported from external sources

Next steps

• Learn about Security Groups for controlling traffic to VMs with Public IPs
• Understand the Default Networking Setup and what gets created automatically
• Learn about Regions and zones and how Public IPs work across zones