Dedicated Load Balancer Allowlists


If you want to allow IP addresses access to your dedicated load balancer (DLB), you must add those IP addresses, in CIDR notation, to the allowlist of the DLB.

The allowlist works for inbound connections at the load-balancer level only, not at the CN certificate level.

You can either add the allowed IP addresses when you create the DLB or add them to an existing DLB using either Runtime Manager or the command-line interface.

DLB Allowlist Entry Limits

The maximum number of IP address entries that you can add to the DLB allowlist depends on the inbound HTTP mode setting in the DLB configuration, which specifies the behavior of the DLB when receiving an HTTP request.

Inbound HTTP Mode    Maximum Allowlist Entries
Off                  240
On                   120
Redirect             120

If the number of entries in the DLB allowlist exceeds 120, you can’t set HTTP mode to On.

Add an IP Address to the Allowlist of an Existing DLB

To add an IP address to the allowlist of a DLB using Runtime Manager:

  1. From Anypoint Platform, click Runtime Manager.

  2. Click Load Balancers and then click the load balancer name.

  3. In the Whitelisted CIDRs tab, click Add New CIDR:

    Figure 1. The arrow shows the Add New CIDR option in the Whitelisted CIDRs tab.

  4. Enter the IP address in valid CIDR format (for example, 10.2.0.0/16).

  5. Click Add To List.

  6. If you want to delete a CIDR, hover over the …​ icon to display the trash can icon.

  7. Click Apply Changes.

To add a range of IP addresses to the allowlist for a DLB using the CLI:

cloudhub load-balancer whitelist add myLB_name myCIDRblock

The IP addresses must be in valid CIDR format (for example, 10.2.0.0/16).

If you want to remove IP addresses from the allowlist:

cloudhub load-balancer whitelist remove myLB_name myCIDRblock
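
A candidate allowlist can be checked offline before running the commands above. The following is an added example, not MuleSoft's code: `plan_allowlist` is a hypothetical helper that assumes IPv4 entries, rejects malformed CIDRs, merges overlapping blocks so they do not count against the limit, and applies the entry limits listed under DLB Allowlist Entry Limits.

```python
import ipaddress

# Entry limits per inbound HTTP mode, taken from the table on this page.
MAX_ENTRIES = {"off": 240, "on": 120, "redirect": 120}


def plan_allowlist(entries, http_mode):
    """Validate CIDR strings and return (collapsed_networks, problems).

    Hypothetical helper, not part of the CloudHub CLI. Assumes IPv4 entries,
    as in the page's 10.2.0.0/16 example.
    """
    limit = MAX_ENTRIES[http_mode.lower()]
    problems, networks = [], []
    for raw in entries:
        text = raw.strip()
        if "/" not in text:
            problems.append(f"{text}: missing prefix length, use CIDR notation")
            continue
        try:
            # strict=True rejects entries with host bits set, e.g. 10.2.0.1/16
            networks.append(ipaddress.IPv4Network(text, strict=True))
        except ValueError as exc:
            problems.append(f"{text}: {exc}")
    # Merge duplicate, nested and adjacent blocks so they do not waste entries.
    collapsed = list(ipaddress.collapse_addresses(networks))
    for net in collapsed:
        if net.prefixlen == 0:
            problems.append(f"{net}: matches every IPv4 address, so the allowlist filters nothing")
    if len(collapsed) > limit:
        problems.append(
            f"{len(collapsed)} entries exceed the limit of {limit} for HTTP mode {http_mode}"
        )
    return collapsed, problems


if __name__ == "__main__":
    # Constructed sample input: nested, adjacent, host-bits-set and bare-IP entries.
    sample = ["10.2.0.0/16", "10.2.4.0/24", "192.0.2.0/25",
              "192.0.2.128/25", "10.3.0.1/16", "203.0.113.7"]
    nets, issues = plan_allowlist(sample, "On")
    for issue in issues:
        print("PROBLEM:", issue)
    for net in nets:
        # myLB_name is the placeholder used in the commands on this page.
        print(f"cloudhub load-balancer whitelist add myLB_name {net}")
```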
