Virtual Private Gateway
IP Address Assignment
When using a Virtual Private Gateway, several types of IP addresses are used and assigned. Understanding these IP addresses and their assignment methods is essential for proper VPG configuration and capacity planning.
IP Address Types
| IP Address Type | Description |
|---|---|
| VPG IP Address | The source IP address used when the VPG sends packets to your system over a private network connection. |
| VPG Global IP Address | The public IP address used for the VPG's Internet gateway. |
| Device IP Address | The private IP address assigned to Air for Cellular and Arc devices connected to the VPG. |
VPG IP Address
The VPG IP address is the source IP address used when the VPG sends packets to your system over a private network connection (such as when using Soracom Canal, Direct, or Door).
| Item | Details |
|---|---|
| IP Address Range | 100.64.0.0/10 (Shared Address Space RFC 6598). The actual IP address range assigned to a specific VPG can be viewed in the VPG IP Address Range field on the VPG settings screen. For more information, refer to VPG Type-E Configuration, Type-F Configuration, Type-G Configuration, or Type-F2 Configuration. |
| Assignment Method | Automatically assigned. You cannot specify a particular IP address. |
| IP Address Persistence | Once assigned, the IP address will not change until the VPG is deleted. |
VPG Global IP Address
The VPG global IP address is the public IP address used for the VPG's Internet gateway.
| Item | Details |
|---|---|
| Global IP Address | For VPGs with the Internet Gateway enabled, a global IP address is automatically assigned. You can enable the Fixed Global IP Address option to assign static public IP addresses to the VPG. |
When the Internet Gateway is disabled, no global IP address is assigned. For more information, refer to the VPG Overview documentation.
Device IP Address
The device IP address is the private IP address assigned to Air for Cellular and Arc devices connected to the VPG.
| Item | Details |
|---|---|
| IP Address Range (Device Subnet IP Address Range) | By default, 10.128.0.0/9 is used. Device IP addresses are selected from this IP address range. The device subnet IP address range can be specified when creating a VPG. For information about the available ranges, refer to the CIDR Range for device subnet parameter in VPG Type-E Configuration, Type-F Configuration, Type-G Configuration, or Type-F2 Configuration. |
| Assignment Method | By default, IP addresses are automatically assigned. For each device, an IP address candidate is determined based on a predefined algorithm, and an available IP address from the device subnet IP address range is assigned to the device. You can assign a specific IP address to each device by IMSI using the IP address map option in the Device LAN tab of the VPG settings screen. For more information, refer to IP Address Mapping. When using Soracom Gate, you can access devices using their assigned IP addresses. |
| IP Address Persistence | In general, the same IP address will be assigned to a device each time it connects. However, if there is a shortage of available IP addresses, the assigned IP address may change. |
Device Subnet Capacity Planning
Why Sufficient IP Address Space Is Important
Device IP addresses are assigned based on a predefined algorithm that determines IP address candidates for each device. When a device connects to the VPG, it is assigned an available IP address from among its candidates within the device subnet IP address range. This assignment method is not completely random.
As the device subnet IP address range approaches capacity, the likelihood increases that all of a device's IP address candidates are already in use. When this occurs, the device cannot be assigned an IP address, and the cellular session cannot be established.
Recommendations
To avoid IP address exhaustion:
- Use the default device subnet range - The default
10.128.0.0/9range provides over 8 million IP addresses, which is sufficient for most deployments. - Plan for headroom - If you must use a custom device subnet range, allocate at least 1.5 times the expected number of simultaneously connected devices.
- Monitor usage - Regularly check the number of active sessions on the VPG Overview screen and count available IP addresses.
- Use IP Address Mapping - If you prefer to manually assign specific IP addresses rather than rely on the VPG’s predefined algorithm, refer to IP Address Mapping.
The device subnet IP address range cannot be changed after a VPG has been created. If you need to expand the IP address range, you must create a new VPG with a larger range and migrate your devices to it.
Gate Peer IP Address
When using Gate, the Gate Peer is a host in your network that establishes a VXLAN tunnel with the VPG. The Gate Peer is assigned an IP address as follows:
| Item | Details |
|---|---|
| IP Address Range | Assigned from the VPG's device subnet IP address range. |
| Assignment Method | Automatically assigned. You cannot specify a particular IP address. |
| IP Address Persistence | Once assigned, the IP address will not change until the VPG is deleted. |