Create and manage an IPAM pool - Virtual Private Cloud - Alibaba Cloud Documentation Center

You can use IP Address Manager (IPAM) pools and provision CIDR blocks to better manage private IP addresses within your Alibaba Cloud account and avoid address conflicts. You can use IPAM pools to allocate resources to virtual private clouds (VPCs) and detect potential address conflicts. You can also allocate custom CIDR blocks from IPAM pools for later use.

Prerequisites

An IPAM is created. For more information, see Create and manage an IPAM.

Create an IPAM pool

Log on to the IPAM console.
In the top navigation bar, select the region where you want to create the IPAM pool.
In the left-side navigation pane, click IPAM Pool.

On the IPAM Pool page, click Create IPAM Pool. Set the parameters as described in the following table. Keep other parameters at their default value or modify them as needed.

Parameter	Description
IPAM Scope	Select an IPAM scope for the pool. Note Only private IPAM scopes are supported.
CIDR Range	Specify a CIDR range. IPAM: Select an IPAM to create a top-level pool. IPAM Pool: Select another IPAM pool as the source pool to create a subpool.
Source IPAM Pool	Select a source IPAM pool. Note This parameter is available only when CIDR Range is set to IPAM Pool.
Operating Region	Select an effective region for the IPAM pool. Note The effective region for the IPAM pool must belong to the effective regions for the IPAM. After the effective region is specified, you cannot change it. If you specify an effective region for the source IPAM pool, the subpool also uses the effective region. No additional operation is required. If no effective region is specified for the source IPAM pool, the effective region for the subpool must belong to the effective regions for the IPAM. Before you can allocate resources from an IPAM pool to a VPC, you must specify an effective region for the IPAM pool and the region of the VPC must be the same as the effective region.
Automatically Import Discovered Resource	Whether to import the discovered resources to the IPAM. Note The feature is only effective after you configure the Operating Region. If you do not enable automatic import here, you can enable it later on the following pages: Details tab of the IPAM address pool page. Edit in the Actions column of the IPAM address pool page. IPAM continuously discovers VPCs using its resource discovery capabilities and automatically imports resources with CIDRs that fall within the current address pool range and are unallocated in IPAM. When IPAM discovers multiple CIDRs with overlapping ranges, it automatically imports the largest CIDR. If multiple identical CIDRs are found, IPAM randomly imports one of them.
Provision CIDR Block	Enter a CIDR block that you want to provision. You can click Add CIDR Block to add more CIDR blocks. Note If this pool is a subpool, you can specify a CIDR block based on a visualized graph of the CIDR block of the source pool. Make sure that the specified CIDR block does not overlap with the CIDR block of the source pool. Only IPv4 CIDR blocks are supported.
Allocate Rule	Specify the minimum, default, or maximum mask length for CIDR blocks allocated from the pool to resources. Note Each mask must be 0 to 32 bits in length. The actual mask length must meet the requirements of the VPC. Minimum mask length ≤ Default mask length ≤ Maximum mask length.

Optional. After the IPAM pool is created, click View Instance Details. In the upper-right corner of the details page, perform the following operations:
- Click Create Create IPAM Pool to create a subpool from the current pool.
- Click Create VPC to create a VPC and allocate a CIDR block to the VPC.
  Note
  Before you create a VPC, make sure that CIDR blocks are provisioned to the VPC.

Provision and deprovision CIDR blocks

You must provision CIDR blocks to the pool before you allocate CIDR blocks from the pool to resources. Before you provision CIDR blocks, make sure that the following requirements are met:

An IPAM pool is created. For more information, see Create an IPAM pool.
If the pool is a subpool, CIDR blocks are provisioned to the source pool.

Provision a CIDR block

Log on to the IPAM console.
In the top navigation bar, select the region of the IPAM pool and click IPAM Pool in the left-side navigation pane.
On the IPAM Pool page, click the ID of the IPAM pool or Manage in the Actions column. Find the CIDR tab and click Provision CIDR Block.
On the Provision CIDR Block page, enter a CIDR block in one of the following ways.
- If the pool is a top-level pool, enter a CIDR block.
- If the pool is a subpool, specify a CIDR block by using one of the following methods.
  - Click the allocatable section of the CIDR block of the source pool to specify a CIDR block for the subpool.
  - Enter a CIDR block. Use the visualized graph to make sure that the specified CIDR block does not overlap with an existing one.
Note
You can click Add CIDR Block to add more CIDR blocks.

Deprovision a CIDR block

When you deprovision a CIDR block, make sure that no IP addresses are allocated from the CIDR block to a VPC, an IPAM pool, or a custom resource.

On the IPAM Pool page, click the ID of the IPAM pool or Manage in the Actions column.
Click the CIDR tab, find the CIDR block, and click Deprovision in the Actions column.

Create and release a custom allocation

You can use custom allocations in the following scenarios:

Hybrid cloud networking scenarios.
In such scenarios, data centers are connected to VPCs where complex services are deployed. You can mark the CIDR blocks of data centers as custom CIDR blocks for address reservation. This ensures that IP addresses assigned in the cloud do not overlap with IP addresses used by the data center.
Multi-cloud communication scenarios.
In such scenarios, Alibaba Cloud services are connected to other cloud services. You can mark the CIDR blocks used by other cloud services as custom CIDR blocks for address reservation. This ensures that the CIDR blocks can be used for specific services and avoids address conflicts.

Create a custom allocation

You can create a custom allocation for CIDR blocks. Before you create a custom allocation, make sure that CIDR blocks are provisioned to the pool. For more information, see Provision a CIDR block.

Use one of the following methods to allocate a CIDR block from an IPAM pool.

Allocate a CIDR block from the pool when you create a VPC. For more information, see Create a VPC and a vSwitch.
Allocate a CIDR block from the pool when you use the pool to create a subpool. For more information, see Create an IPAM pool.
Allocate a CIDR block from the pool when you create a custom CIDR block. CIDR blocks allocated by using this method are reserved CIDR blocks. To create a custom allocation, perform the following steps.

Log on to the IPAM console.
In the left-side navigation pane, select the region of the IPAM pool and click IPAM Pool in the left-side navigation pane.
On the IPAM Pool page, click the ID of the IPAM pool or Manage in the Actions column. Click the Allocate tab and click Create Custom Allocation.
On the Create Custom Allocation page, specify a CIDR block by using one of the following methods.
- Enter a CIDR block directly. Use the visualized graph to make sure that the specified CIDR block does not overlap with an existing one.
- Click the allocatable section of the provisioned CIDR block.
Note
You can click Add CIDR Block to add more CIDR blocks.

Release a custom allocation

Note

The supported resource types for release are VPCs and custom allocation.
When you release a VPC, only the allocation relationship between the VPC and the IPAM pool is removed, while the VPC itself is deleted. If you want to delete both, see Delete a VPC and Create and manage an IPAM pool for more information.

Only custom CIDR blocks can be released. To release CIDR blocks allocated to VPCs and IPAM pools, see Delete a VPC and Create and manage an IPAM pool.

On the IPAM Pool page, click the ID of the IPAM pool or Manage in the Actions column.
On the Allocate tab, find the custom CIDR block and click Release in the Actions column.

What to do next

Log on to the IPAM console.
In the left-side navigation pane, select the region of the IPAM pool and click IPAM Pool.

On the IPAM Pool page, you can perform the following operations as needed.

View pool usage

In the IPAM Pool page, click the ID of the IPAM pool or Manage in the Actions column.
In the Pool usage section, you can view the following information about the IPAM pool and the source pool:
- The number of available IP addresses and usage.
- The number of IP addresses allocated to this pool and usage.
- The number of IP addresses allocated to other resources and usage.
Note
If the pool is a top-level pool, only the usage of the top-level pool is displayed.

Visualized IP usage

In the IPAM Pool page, click the ID of the IPAM pool or Manage in the Actions column.
Click the IP Address Usage tab to view the details about the usage of CIDR blocks.

Modify an allocation rule

Find the IPAM pool and use one of the following methods to edit an allocation rule.
- Click Edit in the Actions column.
- Click the ID of the pool, click the Compliance Rules tab, and click Edit next to Allocation Rule.
In the Modify Allocation Rule dialog box, modify the minimum, default, or maximum mask length, and click OK.

Delete an IPAM pool

Before you delete an IPAM pool, make sure that no CIDR block is provisioned to the IPAM pool. For more information about how to deprovision a CIDR block, see Deprovision a CIDR block.

Find the IPAM pool and use one of the following methods to delete the IPAM pool:
- In the Actions column, click Delete.
- Click the ID of the IPAM pool and click Delete in the upper-right corner of the details page.
In the message that appears, click OK.

References

For more information about how to view the scope of an IPAM pool, see Create and manage IPAM.
For more information about the features and quotas of IPAM pools, see IPAM.
For more information about how to allocate an IPv4 CIDR block from an IPAM pool when you create a VPC, see Create a VPC.