Networking
Do Atlas clusters' public IPs ever change?
This section applies to M10 or larger clusters only unless specified.
An Atlas cluster's public IPs don't change when you:
- Scale the cluster vertically.
- Unpause the cluster.
- Change the cluster's topology.
- Terminate then re-deploy a cluster with the same name within 36 hours.
- Experience a maintenance event on your cluster.
- Experience a healing event on your cluster.
An Atlas cluster's public IP addresses must change when you:
- Convert a replica set to a sharded cluster.
- Add shards to a sharded cluster.
- Change the region(s) into which a cluster is deployed.
- Scale an M0, M2, or M5 cluster to an M10 or larger cluster.
- Terminate then re-deploy a cluster with the same name but in a different tier within 36 hours.
To find the public IP address for any node in your cluster, use the nslookup tool from the command line. The IP address is shown in the Address portion of the output.

    nslookup ds-shard-00-00-17jcm.mongodb-dev.net
    Address: 34.226.104.79

Can I specify my own VPC for my MongoDB Atlas project?
No. An Atlas project, and its clusters, are associated with a region-specific VPC.
Atlas creates a VPC when you deploy the first M10+ dedicated paid cluster to a given provider and region. For multi-region clusters, Atlas creates one VPC per region if there is not already a VPC for that region.
(AWS deployments only) Atlas also creates a VPC when you create a VPC peering connection to an AWS VPC. Atlas creates the VPC in the same region as the peered VPC.
To use a different VPC (that is, on the customer's own cloud infrastructure accounts), you would need to use MongoDB Cloud Manager or Ops Manager.
How do I find my Atlas-side hostnames to open up my outbound firewall?
If your firewall blocks outbound network connections, you must open outbound access from your application environment to MongoDB Atlas. To configure your application-side networks to accept Atlas traffic, you can use either the:
- Get All Clusters endpoint to retrieve the mongoURIs of your clusters from the response elements.
- Get All MongoDB Processes in a Group endpoint to retrieve the hostnames of your clusters from the response elements.
You can parse these hostname values and pass the IP addresses programmatically into your application-tier orchestration automation to push firewall updates.
To find the public IP address for any node in your cluster, use the nslookup tool from the command line. The IP address is shown in the Address portion of the output.

    nslookup ds-shard-00-00-17jcm.mongodb-dev.net
    Address: 34.226.104.79

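The parse-and-resolve step described above can be scripted. The following is an added example, not Atlas's own tooling: it turns a mongodb:// seed list into per-host outbound allow rules. The function names, the rule dictionary layout, the sample URI, and the second and third hostnames and their addresses are assumptions constructed for illustration; only the first hostname and its address come from this page.

```python
import ipaddress
import re
import socket

HOST_RE = re.compile(r"[a-z0-9]([a-z0-9.-]*[a-z0-9])?")

def hosts_from_mongo_uri(uri):
    """Return sorted, unique (hostname, port) pairs from a mongodb:// seed list."""
    prefix = "mongodb://"
    if not uri.startswith(prefix):
        # mongodb+srv:// would need an SRV lookup first; not handled here.
        raise ValueError("expected a mongodb:// URI with an explicit host list")
    authority = re.split(r"[/?]", uri[len(prefix):], maxsplit=1)[0]
    seeds = authority.rsplit("@", 1)[-1]  # never carry credentials into rules
    pairs = set()
    for seed in seeds.split(","):
        host, _, port = seed.partition(":")
        host = host.lower()
        if not HOST_RE.fullmatch(host):
            raise ValueError(f"refusing suspicious hostname: {host!r}")
        pairs.add((host, int(port) if port else 27017))  # 27017: MongoDB default
    return sorted(pairs)

def system_resolver(host):
    """Resolve a hostname with the operating system's resolver."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})

def egress_rules(uri, resolve=system_resolver):
    """Build one outbound allow rule per (resolved address, port)."""
    rules = []
    for host, port in hosts_from_mongo_uri(uri):
        for addr in resolve(host):
            cidr = str(ipaddress.ip_network(addr))  # /32 or /128; raises if malformed
            rules.append({"host": host, "cidr": cidr, "port": port, "proto": "tcp"})
    return rules

# Constructed sample data: only the first hostname and its address appear on the page.
SAMPLE_URI = ("mongodb://ds-shard-00-00-17jcm.mongodb-dev.net:27017,"
              "ds-shard-00-01-17jcm.mongodb-dev.net:27017,"
              "ds-shard-00-02-17jcm.mongodb-dev.net:27017/?ssl=true")
SAMPLE_DNS = {
    "ds-shard-00-00-17jcm.mongodb-dev.net": ["34.226.104.79"],
    "ds-shard-00-01-17jcm.mongodb-dev.net": ["203.0.113.11"],
    "ds-shard-00-02-17jcm.mongodb-dev.net": ["203.0.113.12"],
}

if __name__ == "__main__":
    for rule in egress_rules(SAMPLE_URI, resolve=SAMPLE_DNS.__getitem__):
        print(rule)
```

Because the events listed under the first question change a cluster's public IPs, rerun the resolution after any of them rather than treating the generated rules as permanent.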
How many cross-region network permissions does Atlas support?
For a given region in an Atlas project with multi-region clusters or clusters in multiple regions, there is a limit of 40 MongoDB nodes in all other regions in that project. This limit applies across all cloud service providers and can be raised upon request. GCP regions communicating with each other do not count against this limit.
If an Atlas project has:
- 30 nodes in Region A
- 10 nodes in Region B
- 5 nodes in Region C
You can no longer add any nodes to your project in Region A or Region B. This is because the nodes in those clusters add up to 40, which is the maximum allowed per project. You can add up to 5 nodes in Region C while still satisfying the project limit.
This limit applies even if Regions A, B, and C are backed by different cloud service providers.
For Atlas projects where every cluster is deployed to a single region, you cannot create a multi-region cluster in that project if there are already 40 or more nodes in that single region unless you request that the limit be raised.
Please contact Atlas support for questions or assistance with raising this limit.
If you would exceed the cross-region permissions limit when creating a cluster through the Atlas API, the API returns the following error:

    {
      "error" : 403,
      "detail" : "Cannot have more than 40 cross-region network permissions.",
      "reason" : "Forbidden"
    }

Can Atlas be used with AWS Transit Gateway?
Yes. AWS PrivateLink powers Atlas Private Endpoints. This allows for transitive connectivity. You can use the AWS Transit Gateway with your VPC if you connected your VPC to Atlas via AWS PrivateLink.
Can Atlas be used with AWS Direct Connect?
Yes. AWS PrivateLink powers Atlas Private Endpoints. This allows for transitive connectivity. You can use AWS Direct Connect with your VPC if you connected your VPC to Atlas via AWS PrivateLink.