1

Ephemeral external IP addresses: these addresses are available to VM instances and forwarding rules. Ephemeral external IP addresses remain attached to a VM instance only until the VM is stopped and restarted or the instance is terminated. If an instance is stopped, any ephemeral external IP addresses that were assigned to the instance are released back into the general Compute Engine pool and become available for use by other projects. When a stopped instance is started again, a new ephemeral external IP address is assigned to the instance.

I have thought is instantaneously and we won't be getting back the same ephemeral IP address once the VM is stopped. However, it seems that ephemeral external IP addresses will still be assigned to a project for a while longer. For instance, I deleted a VM and released an IP address two days ago. The same IP address is assigned to a new VM today.

  1. How long does it take to release the ephemeral IP addresses back to the GCE pool?

  2. Are the ephemeral external IP addresses "assigned" to VPC or Project? If one has multiple projects within a VPC, will the ephemeral IP addresses be rotated within the projects until they are released to the GCE pool?

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
FlyingPenguin
  • 231
  • 1
  • 9

2 Answers2

5

The answer is "it should not matter if ephemeral addresses are reused for your instance or not".

There is no guarantee that your instance will obtain the same address or will not obtain the same address. If you are designing something that depends on a certain ephemeral IP address behavior, your design will fail at some point.

Your question quotes Google's official ephemeral IP address policy. Design to that statement and do not depend on environment level behavior.

If you require a fixed IP address, then assign your instance a static IP address. Otherwise, your instance will have whatever address Google Cloud decides, which may or may not be the same address between restarts or recreates.

If your goal is to randomize public IP addresses, then you cannot count on the ephemeral address behavior to implement that. You can allocate a set of static IP addresses and then change which one is assigned to an instance. Note that unused IP addresses are billed (not free). Another method is to create instances in different regions and zones which will have different public IP addresses. You also could write a script to create VMs until the address is different (not part of a previous set of addresses) and then delete the other VMs (subject to quota restrictions).

From a customer support perspective, it is to Google's benefit to reallocate the same address to you. This minimizes a common problem. Some customers do not understand that the default IP address is ephemeral and what that means. They reboot their instance and the IP address changes. That breaks their SSH scripts, DNS settings, etc. The ephemeral address behavior cannot be consistently deployed but is a positive where possible.

John Hanley
  • 74,467
  • 6
  • 95
  • 159
  • An interesting point, maybe randomizing would be more positive - to break fragile designs early and educate customers. – Oleksandr Bushkovskyi Sep 23 '21 at 06:38
  • I'm a newbie, I don't think is a concern of whether the ephemeral IP address is reused or released. It is more of knowing it is not certain that it will be released instantaneously or knowing how long an assigned IP might "lingered around" your project until it is released fully back to the pool. – FlyingPenguin Sep 23 '21 at 08:05
  • @FlyingPenguin - Do you still have a question after my answer? – John Hanley Sep 23 '21 at 08:26
  • Thanks @JohnHanley Is there a log to keep track of the IP addresses that are assigned during the creation of VMs? – FlyingPenguin Sep 23 '21 at 09:05
  • 1
    @FlyingPenguin - When you create a virtual machine, Google logs the action. I am not sure if the IP address is logged. If you look in the logs, there will be two events. The first is the request to create a VM called "insert" and then another entry once the VM completes or fails to complete. – John Hanley Sep 23 '21 at 09:13
1

Answers to your questions -

  1. It’s instantaneous.
  2. Ephemeral addresses don't belong to any project and can be assigned to any resources across projects, randomly.

Some users have done some tests like this and concluded that the system tends to assign familiar IP addresses to VMs if it can. However, this is not something confirmed by GCP. Regardless, it’s of no use as there is no guarantee what IP address you’ll be getting.

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
Anant Swaraj
  • 173
  • 6
  • Thanks. I do think the same set of IP is "lingered around" your project for a while and not instantaneously released back to the pool. Can't speak for all, but at least for my case it works this way. – FlyingPenguin Sep 23 '21 at 07:56
  • As I mentioned, it is observed that the system tends to assign familiar IPs to VMs if it can. – Anant Swaraj Sep 23 '21 at 08:19