Network traffic between a Floating IP and a Droplet flows through an anchor IP, which is an IP address aliased to the Droplet’s public network interface (
eth0). Droplets must have an anchor IP before you can assign a Floating IP to it.
Droplets created after October 20, 2015 automatically have an anchor IP, and you can add an anchor IP to older Droplets to use a Floating IP with them.
An anchor IP is only accessible to the Droplet that it belongs to and the Floating IP that is assigned to the Droplet. You should bind any public services that you want to make highly available through a Floating IP to the anchor IP.
For example, if you are using a Floating IP in an active/passive load balancer setup, you should bind your load balancer services to their respective Droplet anchor IPs so they can only be accessed via the Floating IP address. This prevents your users from using the public IP addresses of your Droplets to bypass your Floating IP.
To retrieve your Droplet’s anchor IP, you can use something like
ip addr show eth0, but the easiest way is using the Droplet Metadata service. One way to do this is running the following command on the Droplet:
curl -s http://169.254.169.254/metadata/v1/interfaces/public/0/anchor_ipv4/address
You can get other information about the anchor IP, like its netmask or gateway, by replacing the final
/address in the command above with
A Droplet can also see if it has a Floating IP assigned to itself by using Metadata. One way to do this is by running the following command on the Droplet, which will return a
curl -s http://169.254.169.254/metadata/v1/floating_ip/ipv4/active
If a Floating IP is assigned, the Droplet can similarly retrieve the address of the Floating IP:
curl -s http://169.254.169.254/metadata/v1/floating_ip/ipv4/ip_address
See the API Metadata documentation for more details.