Category: Guides

Coming soon…

Introduction

Most people are familiar with DNS translating domain names into IP addresses. Reverse DNS does the opposite. Reverse DNS delegation plays a critical role in email delivery, security validation, and network trust. This article explains reverse DNS delegation in clear and practical terms.

What Is Reverse DNS?

Reverse DNS, also known as rDNS, resolves an IP address to a domain name. It uses special DNS zones under in-addr.arpa for IPv4 and ip6.arpa for IPv6.

Instead of asking which IP belongs to a domain, reverse DNS answers which domain belongs to an IP address.

What Is Reverse DNS Delegation?

Reverse DNS delegation is the process of assigning control of reverse DNS records for an IP range to another party. Typically, an IP address owner delegates reverse DNS management to a hosting provider or customer.

How Reverse DNS Delegation Works

PTR Records

Reverse DNS uses PTR records to map an IP address to a fully qualified domain name.

Delegation via Name Servers

The IP address owner configures name server records at the RIR or upstream provider level, pointing reverse DNS control to the delegated party’s DNS servers.

Customer Management

Once delegated, the customer can create and manage PTR records independently.

Why Reverse DNS Is Important

Email Deliverability

Mail servers often reject or score down email sent from IP addresses without valid reverse DNS entries.

Security and Trust

Reverse DNS helps verify the legitimacy of servers and reduces spoofing risks.

Logging and Monitoring

Readable hostnames improve clarity in logs and network diagnostics.

Reverse DNS for IPv4 and IPv6

IPv4 Reverse DNS

IPv4 reverse DNS uses the in-addr.arpa domain with octets reversed.

IPv6 Reverse DNS

IPv6 reverse DNS uses the ip6.arpa domain with hexadecimal digits reversed, making delegation more granular but also more complex.

Common Reverse DNS Delegation Scenarios

Hosting Providers

Providers delegate reverse DNS to customers running mail or application servers.

BYOIP Environments

Organizations using BYOIP often require reverse DNS delegation to maintain full control.

Conclusion

Reverse DNS delegation is a foundational networking feature that directly impacts email reliability, security posture, and operational clarity. Properly configured reverse DNS is essential for any organization operating internet-facing services.

Introduction

The internet is not a single network but a collection of thousands of independent networks. The protocol that allows these networks to exchange routing information is the Border Gateway Protocol, or BGP. This article explains BGP in a practical and accessible way.

What Is the Border Gateway Protocol?

BGP is the routing protocol used to exchange routing information between autonomous systems on the internet. An autonomous system is a network or group of networks managed by a single organization and identified by an Autonomous System Number (ASN).

How BGP Works

Route Advertisement

Networks advertise the IP prefixes they can reach to neighboring autonomous systems.

Path Selection

BGP evaluates multiple available paths and selects the best route based on policies, not speed.

Policy-Based Routing

Unlike interior routing protocols, BGP decisions are influenced by business relationships, cost, and traffic engineering goals.

Key BGP Concepts

Autonomous System Number

Each BGP-speaking network is identified by a unique ASN.

IP Prefixes

BGP announces routes as IP prefixes, such as IPv4 or IPv6 networks.

Peering and Transit

BGP sessions are established between networks for peering or transit relationships.

Why BGP Is Important

Internet Scalability

BGP allows the internet to scale by distributing routing decisions.

Traffic Engineering

Organizations can control inbound and outbound traffic flows.

Redundancy and Resilience

Multiple BGP paths enable failover and high availability.

Common Use Cases for BGP

Internet Service Providers

ISPs rely on BGP to exchange routes globally.

Data Centers and Cloud Providers

BGP is used for redundancy and multi-homing.

BYOIP Deployments

BGP is required to announce customer-owned IP addresses.

Conclusion

The Border Gateway Protocol is the backbone of the internet’s routing system. While complex, it provides unmatched flexibility and control for organizations that need resilient and scalable connectivity.

Introduction

As organizations move workloads between data centers, cloud providers, and hosting environments, IP address portability becomes increasingly important. Bring Your Own IP, commonly abbreviated as BYOIP, solves a key problem: maintaining control over your IP addresses regardless of where your infrastructure runs. This article explains what BYOIP is, how it works, and why businesses choose it.

What Is Bring Your Own IP (BYOIP)?

Bring Your Own IP is a networking model that allows an organization to use its own publicly registered IP address ranges with third-party service providers, such as cloud platforms, hosting companies, or connectivity providers. Instead of using IP addresses assigned by the provider, the customer retains ownership and control of the IP space.

These IP addresses are typically allocated by a Regional Internet Registry (RIR) such as RIPE NCC, ARIN, or APNIC.

How BYOIP Works

IP Address Ownership

The organization must own a public IP address block registered with an RIR. This block remains assigned to the organization, not the service provider.

Provider Authorization

The organization authorizes the provider to announce the IP range on its behalf. This is usually done using a Letter of Authorization (LoA).

BGP Announcement

The service provider advertises the IP range to the global internet using the Border Gateway Protocol (BGP). Traffic destined for the IP addresses is routed to the provider’s infrastructure.

Routing Control

The customer can move the IP range between providers by changing BGP announcements, allowing flexibility without renumbering systems.

Benefits of BYOIP

Provider Independence

BYOIP prevents vendor lock-in. IP addresses can be moved between cloud providers or data centers without changing DNS records or reconfiguring applications.

Improved Reputation Management

IP reputation, especially for email delivery and security-sensitive applications, stays with the organization rather than the provider.

Business Continuity

In disaster recovery scenarios, workloads can be migrated while keeping the same IP addresses reachable.

Regulatory and Compliance Advantages

Some industries require long-term ownership of network resources. BYOIP supports compliance by keeping IP assets under organizational control.

Common Use Cases for BYOIP

Cloud Migrations

Organizations moving from on-premises to cloud environments use BYOIP to avoid service disruptions.

Multi-Cloud Architectures

BYOIP simplifies routing and identity management across multiple providers.

High-Availability Designs

IP ranges can be dynamically moved between locations for redundancy.

Challenges and Considerations

Provider Support

Not all providers support BYOIP, and requirements may differ.

Routing Complexity

Managing BGP and routing policies requires networking expertise.

Minimum IP Block Sizes

Providers often require a minimum prefix length, such as a /24 for IPv4.

Conclusion

Bring Your Own IP is a powerful solution for organizations that need flexibility, control, and long-term stability of their IP addresses. While it introduces additional routing complexity, the benefits often outweigh the operational overhead for growing and cloud-focused businesses.

Coming soon…

Introduction: What Is BYOIP at OVHcloud?

Bring Your Own IP (BYOIP) is a feature from OVHcloud that allows organizations to use IPv4 address ranges they already own directly on the OVHcloud network. Instead of relying solely on OVHcloud-assigned IP addresses, you can import your own public IP ranges and use them as Additional IPs across supported OVHcloud services.

This approach is particularly useful for companies that want long-term IP portability, consistent IP reputation, and greater control over routing and network architecture.

What Is Bring Your Own IP (BYOIP)?

BYOIP allows you to import an existing IPv4 range into OVHcloud and have it announced from their infrastructure using Border Gateway Protocol (BGP). Once imported, the IP range behaves like a standard OVHcloud Additional IP product.

When importing a bigger range than a /24, it is internally split up into /24 blocks, usable within a single OVHcloud region, and managed through the OVHcloud Control Panel or API. Announcement of the IP range starts once a /24 block, or part thereof, is assigned to an eligible service.

BYOIP Requirements at OVHcloud

Before ordering the BYOIP service, several technical and administrative requirements must be met to ensure successful delivery and stable routing.

Supported Regional Internet Registries (RIRs)

OVHcloud currently supports IPv4 ranges registered with the following Regional Internet Registries:

• ARIN
• RIPE NCC
• APNIC (support for National Internet Registries is experimental)

The WHOIS record for the IPv4 block must exactly match the imported range. Selecting a parent or child block will prevent the range from being used.

IP blocks from ARIN, RIPE, or APNIC can now be used in any OVHcloud region, removing earlier geographical restrictions.

Accepted IP Block Sizes

OVHcloud accepts IPv4 ranges from size /24 up to /19. Larger ranges are split into multiple /24 blocks during the import process.

A /24 results in one block, while a /19 results in thirty-two /24 blocks. Ranges smaller than /24 or larger than /19 are not supported at launch.

Valid Ownership Status per RIR

The imported IP range must have a valid ownership status depending on the RIR.

For ARIN, supported types include Direct Allocation, Direct Assignment, Reallocated, and Reassigned.

For RIPE NCC, supported statuses include ALLOCATED PA, LIR-PARTITIONED PA, SUB-ALLOCATED PA, ASSIGNED PA, ASSIGNED PI, and LEGACY.

For APNIC, supported statuses include Allocated-Portable, Allocated-Non-Portable, Assigned-Portable, and Assigned-Non-Portable.

Choosing an OVHcloud Region

During the order process, you must select one OVHcloud region where your IP range will be used. Once delivery is complete, /24 blocks can be moved between services within the same region.

It is not possible to change the region of an imported IP range after delivery, where the Gravelines, Roubaix, and Strasbourg regions are regarded as one French region.

Proving Ownership of the IP Range

To verify ownership of the IP range, OVHcloud provides a unique verification token that must be added to the public WHOIS object before placing the order.

For RIPE, the token must be added to the descr field of the inetnum object.
For ARIN, it must be added to the Public Comments field of the Network object.
For APNIC, it must be added to the remarks field of the inetnum object.

The token must appear on its own dedicated line and must remain in place until the delivery process is complete.

Proving Ownership of an AS Number

If you choose to provide your own AS number, ownership must be verified using the same token used for the IP range.

For RIPE, the token must be placed in the descr field of the aut-num object.
For ARIN, it must be placed in the Public Comments field of the ASN object.
For APNIC, it must be placed in the remarks field of the aut-num object.

Allowing OVHcloud to Announce the IP Range

You must create a route object for the IP range in the RIR where it is registered. The route object must exactly match the imported IP range and specify either OVHcloud AS16276 or your own AS number as the origin.

If the IP range is already announced from another provider, routing conflicts or packet loss may occur. In such cases, OVHcloud cannot guarantee connectivity to OVHcloud services.

How BYOIP Works After Delivery

Once delivered, imported IP ranges behave like their regular Additional IP products. Each imported range is split into /24 blocks that can be assigned to eligible services within the selected region.

Announcement of the IP range on the Internet begins when at least one /24 block is assigned to a compatible service.

Some limitations apply. WHOIS records cannot be modified through the OVHcloud Control Panel or API, and reverse DNS handling is restricted. OVHcloud creates ARPA zones during delivery, and reverse DNS changes become publicly visible once the RIR delegates the zone.

IP Range Slicing and Aggregation

Imported IP blocks can be further split into smaller blocks or individual IP addresses through either the OVHcloud API or their Manager.

Slicing an IP Block

To slice a block, it must be unused and have no pending operations. The slicing process is asynchronous, and the resulting blocks behave like standard Additional IP products.

Aggregating IP Blocks

Aggregation allows smaller blocks to be merged back into a parent block. This operation is asynchronous and requires all child blocks to be available.

Conclusion

OVHcloud’s Bring Your Own IP feature enables organizations to use their existing IPv4 resources on a global cloud platform while retaining control over routing and IP reputation. With support for major RIRs, flexible region usage, and API-driven management, BYOIP is well suited for enterprises, ISPs, and SaaS providers.

Proper preparation is essential, particularly when it comes to WHOIS records, route objects, and reputation checks. When configured correctly, BYOIP offers long-term IP portability without sacrificing network stability or performance.

Coming soon…

Introduction

In networking and telecommunications, formal authorization is often required to allow another party to manage or announce your resources. A Letter of Authorization, commonly called an LoA, provides this permission in a standardized and verifiable way.

What Is a Letter of Authorization?

A Letter of Authorization is a formal document in which a resource owner grants permission to another party to perform specific actions. In networking, this usually involves IP address announcements, routing, or DNS delegation.

When Is an LoA Required?

IP Address Announcements

When a provider announces your IP addresses using BGP.

BYOIP Configurations

To authorize cloud or hosting providers to use your IP space.

Reverse DNS Delegation

Some providers require an LoA before delegating reverse DNS control.

What Information an LoA Contains

Resource Details

IP address ranges or AS numbers covered by the authorization.

Authorized Party

The organization receiving permission.

Scope and Purpose

What actions are allowed, such as BGP announcements.

Validity Period

Start and end dates of the authorization.

Signature and Contact Information

Proof that the request comes from the legitimate resource owner.

Example of a Letter of Authorization

Company Name: Example Networks Ltd
Registered Address: Example Street 1, 1234 AB City, Country

Date: 15 January 2026

Subject: Letter of Authorization for IP Address Announcement

We, Example Networks Ltd, hereby authorize Hosting Provider B.V. to announce the following IP address ranges on our behalf:

IPv4: 203.0.113.0/24
IPv6: 2001:db8:1234::/48

This authorization is valid solely for the purpose of BGP announcement and related routing activities.

Authorization is valid from 15 January 2026 until 15 January 2027.

If you have any questions regarding this authorization, please contact:

Name: John Doe
Email: noc@example-networks.com
Phone: +31 10 123 4567

Signed,
John Doe
Network Operations Manager
Example Networks Ltd

Conclusion

A Letter of Authorization is a simple but critical document that enables cooperation between IP address owners and service providers. Clear, well-defined LoAs reduce delays, prevent disputes, and ensure smooth network operations.

Coming soon…