Microsoft Azure Datacenter IP Prefixes - Commercial Cloud
Microsoft Azure Datacenter IP Prefixes - China
Microsoft Azure Datacenter IP Prefixes - Germany
Office 365 services (see supporting document here)
Source code can be found on GitHub.
This API can allow you to retrieve (programatically or using this page) to retrieve IP prefixes in Azure and for Office 365. The IP address space for Azure represents the IPs that get advertised over ExpressRoute's public peering, whereas the IPs for Office 365 do not represent necessarily all the IPs advertised over ExpressRoute's Microsoft peering but some. See more here.
Prefix list is what it is. Try and see. Complement Prefix are interesting in that the represent what's "not" the prefix itself.
For instance, if you have a list with only one prefix of 10.0.0.0/8, the complement would be :
0.0.0.0/6 (covering from 0.0.0.0 to 220.127.116.11)
18.104.22.168/7 (covering from 22.214.171.124 to 126.96.36.199)
188.8.131.52/8 (covering from 184.108.40.206 to 220.127.116.11)
18.104.22.168/6 (covering from 22.214.171.124 to 126.96.36.199)
Advertising 0.0.0.0/0 on the BGP sessions with the Microsoft Enterprise Edge routers achieves the forced tunneling. To ensure that not all (a.k.a. 0.0.0.0/0) traffic is sent back on premise and what is meant for the Azure Datacenter to stay in Azure, you would advertise the Complement Prefixes. That keeps the cloud in the cloud.
Use at your own risks on your routers. Like any production network, you need to understand fully the impact of using these configuration lines into your production routers. The authors provide no guarantee on that code, implicit or explicit and aren't liable for any consequence, including loss of productivity, profits, etc.
This allows you to find where a prefix, if it's in Azure or in Office 365. If it exists in an Azure datacenter, you will
see the region. If it's an IP used for Office 365, you will see the service in question. It is possible it's in use for
Office 365 and that it's also in an Azure Datacenter.
It is not possible to use CIDR notation (188.8.131.52/32) to look for a subnet, we're expecting an IP to be in the box.
Use at your own risks. Using this should not break anything. What you do with the information you retrieve is up to you ;-). The authors provide no guarantee on that code, implicit or explicit and aren't liable for any consequence, including loss of productivity, profits, etc.