Dedicated IP addresses
Last updated 2021-05-05
Fastly’s Dedicated Internet Protocol (IP) addresses provide you with a pool of IPv4 and IPv6 addresses, maintained and managed by us, across Fastly’s global Edge Cloud. They can be used to support TLS certificate management for non-SNI clients, to support custom cipher suites or IP-to-service pinning, or to help manage zero-rated billing endpoints or security allowlisting.
Purchase of Fastly's Platform TLS product requires you to also have purchased Dedicated IP addresses.
TLS non-SNI client support
Dedicated IP addresses can be used to host customer certificates for non-SNI client support. Fastly can install customer-provided or Fastly-managed certificates at a dedicated set of IP addresses identified via customer-managed DNS records. These DNS records can be set up to use three possible network routing options (sometimes referred to as network maps or domain maps) that allow you to choose which parts of the Fastly network to use. See Fastly's TLS offerings for a more detailed description of the supported TLS options at Fastly.
Custom cipher suites
Fastly supports a number of standard cipher suites. Should you require more personalized control, Fastly supports the creation of custom cipher suites by providing you with dedicated IP addresses that support these custom sets.
IP-to-service pinning uses dedicated IP addresses to map customer services to specific endpoint IP addresses and direct an end user’s request to a specific service based on the requested endpoint IP address.
Zero-rated IP addresses
Zero-rated IP addresses (ZRIPs) allow you to use dedicated IP addresses within Fastly’s global Edge Cloud to identify traffic for special treatment. For example, if you need to waive billing charges going to or from specific web pages, ZRIPs can help you to identify traffic for zero billing.
Security allowlisting uses dedicated IP addresses to control the set of Fastly global IP addresses seen by third parties. You can incorporate dedicated IPs into access control lists (ACLs) to tighten security between a customer and a third party.