- If you assign public IP addresses to all nodes in a multi-node system, you can use the respective public IP address to connect to any node from an external location.
Public IP addresses can be static or dynamic. Static IP addresses ensure the addresses for the nodes never change. By default, you can use up to 20 static public IP addresses within a given region associated with a given subscription. If you plan to deploy a system comprising more than 20 nodes, you must first submit a request to increase your networking limits accordingly in order to assign static public IP addresses to all nodes.
- If you assign a public IP address to only one (the first) node in a multi-node system, you can use the respective public IP address to connect to the first node from an external location and use the private IPs on the VM subnet to connect with other nodes.
- If you do not assign a public IP address to any nodes in a multi-node system, you can deploy a VM in the system's VNet, assign a public IP address to that VM, and then use that VM as a jump box to connect with system nodes from an external location.
If your use case allows for fluctuating public IP addresses, you can use the portal or the PowerShell/CLI script to change the IP address Assignment setting to Dynamic after deployment. However, you must first dissociate the public IP addresses from the network interface. If needed, you must also submit a request to increase your networking limits above the default value of 60 for dynamic public IP addresses within a given region associated with a given subscription.
If Deploying Teradata Products Using a Solution Template
- Data Mover
- Data Stream Controller
- Ecosystem Manager
- Server Management
If Deploying Teradata Products Separately
If you deploy Teradata products separately, you can create a new public IP address or choose not to assign any public IP address to the VM. Instead, you can access the VM using another jump box VM in the same VNet or through a VPN. If using a public IP address, review the NSG rules to lock down access to only known source IP ranges.