MicrosoftDocs / azure-docs

Open source documentation of Microsoft Azure
https://docs.microsoft.com/azure
Creative Commons Attribution 4.0 International

Missing IP Ranges / Documentation for IP Ranges for Self-Hosted Integration Runtime - UK South #48124

Closed timmo001 closed 4 years ago

timmo001 commented 4 years ago


We are attempting to allow the ADF Integration Runtime running on an on-prem VM through our Checkpoint firewall. However, the IP ranges specified on this page are not the same as what is being called. We are currently using UK South for our ADF instance.

Here are some examples of the IPs we are seeing (which are currently being blocked by our firewall, which we are having to manually trace and whitelist) which are not documented.



himanshusinha-msft commented 4 years ago

Thanks for the feedback and bringing this to our notice. At this time we are reviewing the feedback and will update the document as appropriate.

MartinJaffer-MSFT commented 4 years ago

Hello @timmo001 and thank you for your question. You mention

> ADF Integration Runtime running on a VM

If the integration runtime is running on your VM, then it is a self-hosted integration runtime, not an Azure (managed) integration runtime. The IP addresses listed on this page are in reference to the Azure (managed) integration runtimes. Since you are hosting this runtime on your own VM, the IP address you are seeing would belong to your VM.

Does this help, or did I misunderstand?

timmo001 commented 4 years ago

So yes I am using the self-hosted integration runtime. The docs however don't mention this. Seems to be some confusion on the naming convention.

Is there a definitive list of IPs for Azure Data Factory and the self-hosted integration runtime? The list below is not enough and we will need to whitelist specific IP ranges, which is why this doc would have been a lifesaver, but turns out it is the wrong list.

https://docs.microsoft.com/en-us/azure/data-factory/data-movement-security-considerations#firewall-configurations-and-allow-list-setting-up-for-ip-address-of-gateway

MartinJaffer-MSFT commented 4 years ago

@timmo001 Are you using Data Flows, or only regular pipelines? I have looked up the IP addresses you provided, and they are Microsoft addresses, some in UK West rather than UK South.

timmo001 commented 4 years ago

> @timmo001 Are you using Data Flows, or only regular pipelines? I have looked up the IP addresses you provided, and they are Microsoft addresses, some in UK West rather than UK South.

Both, but this was from testing an ODBC/SQL Server connection requesting data from the self-hosted server.

I don't know how this tool or servers work, but maybe they are redirecting to other servers if they error for one, which is why one IP is for UK West instead. We do also see US IP ranges. I guess these are also either fallback or authentication servers?

The link you provided, are these the IP ranges we should be whitelisting? Or these even, since those are outdated as of June 2020?

MartinJaffer-MSFT commented 4 years ago

@timmo001 I will assign the issue to the author for clarification.

@nabhishek Can you give a comment?

CHEEKATLAPRADEEP-MSFT-zz commented 4 years ago

@timmo001 We have updated the IP ranges for Self-Hosted IR - UK South region.


We will now proceed to close this thread. If there are further questions regarding this matter, please comment and we will gladly continue the discussion.