Q: How can I take an external IP address from my organization and use it in Azure?
A: If you publish services from on-premises to the Internet, you likely do so by having a publicly accessible IP address and a public DNS entry that resolves to that IP address. If you move this service to Azure, perhaps as part of a failover, your first thought might be to take this IP address to Azure; however, this isn't possible. The virtual IP address (VIP) used for cloud services and even for instance-level IP addresses comes from the Azure pool of IP addresses. An on-premises IP address that your carrier assigned can't suddenly be made to route correctly to Azure services. Instead, use one of the following approaches:
- As part of a failover, run a PowerShell script (e.g., you can call Azure Automation as part of an Azure Site Recovery recovery plan) that updates the public DNS to a new IP address, such as that of the Cloud Service the virtual machine moves to. You need to ensure that the Time To Live (TTL) on the record is low enough that clients see the change quickly when it's updated.
- A better solution would be to leverage Azure Traffic Manager (see "Understand Azure Traffic Manager"). Using PowerShell, it's possible to add endpoints to Azure Traffic Manager that don't reside in Azure, which would allow you to use a failover option with the primary pointing to on-premises and the failover pointing to Azure.
Likewise, you can't use an Azure VIP on-premises. The IP address wouldn't route correctly.
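The Traffic Manager approach above, sketched as an added example that is not part of the original answer. It assumes the current Az PowerShell modules and an existing Azure public IP for the failover copy; every resource name and host name in it is a placeholder.

```powershell
#Requires -Modules Az.TrafficManager, Az.Network
# Added example. All names below are placeholders (assumptions), not values from the article.
$rg          = 'rg-failover-demo'        # resource group holding the profile
$profileName = 'tm-app-failover'         # Traffic Manager profile name
$dnsPrefix   = 'contoso-app-failover'    # becomes <prefix>.trafficmanager.net
$onPremFqdn  = 'app-onprem.contoso.com'  # name that resolves to the on-premises public IP
$azurePip    = 'pip-app-dr'              # public IP in front of the Azure copy of the service

# Priority routing: all traffic goes to the lowest priority number that is healthy.
# The low TTL keeps clients from caching a stale answer for long after a failover.
New-AzTrafficManagerProfile -Name $profileName -ResourceGroupName $rg `
    -TrafficRoutingMethod Priority -RelativeDnsName $dnsPrefix -Ttl 60 `
    -MonitorProtocol HTTPS -MonitorPort 443 -MonitorPath '/' `
    -MonitorIntervalInSeconds 30 -MonitorTimeoutInSeconds 10 `
    -MonitorToleratedNumberOfFailures 3 | Out-Null

# Primary: the on-premises service, registered as an external (non-Azure) endpoint.
# Use a name other than the public one clients use, or the CNAME chain loops.
New-AzTrafficManagerEndpoint -Name 'onprem-primary' -ProfileName $profileName `
    -ResourceGroupName $rg -Type ExternalEndpoints -Target $onPremFqdn `
    -Priority 1 -EndpointStatus Enabled | Out-Null

# Failover: the Azure copy. Traffic Manager needs a DNS label on the public IP.
$pip = Get-AzPublicIpAddress -Name $azurePip -ResourceGroupName $rg
if (-not $pip.DnsSettings.DomainNameLabel) {
    throw "Public IP '$azurePip' has no DNS name label; assign one before adding it."
}
New-AzTrafficManagerEndpoint -Name 'azure-failover' -ProfileName $profileName `
    -ResourceGroupName $rg -Type AzureEndpoints -TargetResourceId $pip.Id `
    -Priority 2 -EndpointStatus Enabled | Out-Null

# Confirm both endpoints are registered and show their probe status.
$tm = Get-AzTrafficManagerProfile -Name $profileName -ResourceGroupName $rg
$tm.Endpoints | Select-Object Name, Type, Priority, EndpointMonitorStatus | Format-Table
"Point the public CNAME at $($tm.RelativeDnsName).trafficmanager.net"
```

The public DNS record then stays fixed as a CNAME to the Traffic Manager name, and the health probe, not a DNS edit, decides which side receives traffic.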