When the Cloud Load Balancer or WAF connects to your server or device to send traffic, it typically uses a proxy IP address tied to that region. This is by design to ensure that return traffic comes back through that region so it can be sent back to the end-user/client while maintaining session management/state awareness, completing full circle. Each region uses anywhere from one to four IP addresses for communication, depending on how many nodes are within that region.
Some customers like to create an Access Control List (ACL) or other firewall rule to block all traffic except for traffic traversing one of our nodes. This ensures that no end-user/client can bypass the cloud IP address you’ve published your pack on, protecting it from attack etc. To do this, you will need a list of our IP addresses.
You can find the complete IPv4 and IPv6 IP address list when you log into the management portal. It is currently on the dashboard below the News and Announcements section in a link titled: “Cloud Platform IP Addresses”. This list is updated on occasion, and when it is, the date on the page will change, and we will email all customers several weeks (usually at least a month) in advance so you can update your ACL/Firewall as needed.
All IPv4 traffic will come from one of the IPv4 addresses listed. All IPv6 traffic will come from one of the IPv6 addresses listed.
If you require any further information about our cloud IP address ranges, please do not hesitate to contact support.