Dedicated IP addresses

Last updated February 04, 2021

Fastly’s Dedicated Internet Protocol (IP) addresses provide you with a pool of IPv4 and IPv6 IP addresses, maintained and managed by us, across Fastly’s global Edge Cloud. They can be used to support TLS certificate management for non-SNI clients, to support custom cipher suites or IP-to-service pinning, or to help manage zero-rated billing endpoints.

IMPORTANT: This information is part of a limited availability release. For more information, see our product and feature lifecycle descriptions.

TLS non-SNI client support

Dedicated IP addresses can be used to host customer certificates for non-SNI client support. Fastly can install customer-provided certificates at a dedicated set of IP addresses identified via customer-managed DNS records. These DNS records can be set up to use three possible network routing options (sometimes referred to as network maps or domain maps) that allow you to choose which parts of the Fastly network to use. See Fastly's TLS offerings for a more detailed description of the supported TLS options at Fastly.

Custom cipher suites

Fastly supports a number of standard cipher suites. Should you require more personalized control, Fastly supports the creation of custom cipher suites by providing you with dedicated IP addresses that support these custom sets.

IP-to-service pinning

IP-to-service pinning uses dedicated IP addresses to map customer services to specific endpoint IP addresses and direct an end user’s request to a specific service based on the requested endpoint IP address.

Zero-rated IP addresses

Zero-rated IP addresses (ZRIPs) allow you to use dedicated IP addresses within Fastly’s global Edge Cloud to identify traffic for special treatment. For example, if you need to waive billing charges going to or from specific web pages, ZRIPs can help you to identify traffic for zero billing.

Additional resources:

TLS service options