Your data. Anywhere you go.

New Relic for iOS or Android


Download on the App Store    Android App on Google play


New Relic Insights App for iOS


Download on the App Store


Learn more

Close icon

ACTION REQUIRED: Updated IP Whitelist Changes


#1

UPDATE OCT. 26 2018

We completed the DNS migration for Insights Custom events traffic to the 162.247.240.0/22 block and began to move APM agent and Plugins traffic to this same block this past week with some interim tests to assess the broader impact across our customer base. As a result of those tests, we will roll out the DNS changes for APM agent and Plugins traffic a bit slower in order to minimize customer impact as we head into the busy holiday season. The revised plan is to go with a 30% rollout next Wednesday, Oct. 31st and keep that running through the holidays.

We currently do not have a set date for when the old IP block will be retired, but we expect this to be after the busy holiday season. Please keep the old 50.31.164.0/24 block along with the new 162.247.240.0/22 block in your firewall rules going forward. This will ensure the smoothest transition possible as the changeover occurs.

This page in our documentation will always be the most current, up-to-date source for the IP blocks we use:

https://docs.newrelic.com/docs/apm/new-relic-apm/getting-started/networks


UPDATED IP Whitelist Changes FAQ:

What is being changed?

On Tues, Oct 16th, we began the first phase of DNS changes to start routing the collection of Custom Insights Events, to 162.247.240.0/22.

On Tues, Oct 23rd, we will complete the DNS changes and start routing APM agent traffic, and Plugin Metric collection to 162.247.240.0/22. This traffic was previously being routed to 50.31.164.0/24. Once the migration is completed, we will be retiring the 50.31.164.0/24 block from use.

Who will be affected?

This change may impact customers whose networks restrict outbound traffic to the networks and ports listed in our Getting Started Guide .

How can I ensure that I am not affected by this change?

The best way to fully ensure that you are not affected, is to get confirmation from your internal Network/IT/Firewall Admin group that the necessary IPs have been whitelisted for all New Relic hosts running in your environment.

Is there a way to check I am affected by this change?

Due to the highly variable nature of complex business networks, it is challenging to test across a wide spectrum of possible network configurations which is why we are encouraging you to confirm with your Network/IT/Firewall Admin group that the necessary IPs have been whitelisted for all New Relic hosts running in your environment.

Most enterprises have different firewalls for users (ie desktops) which may be more open than production environments which often are more tightly locked down vs other environments that are somewhere in-between.

You can check whether any given host will be affected by attempting to access the following URL from the host in question: https://ip-connectivity-test-162-247-240.newrelic.com (ie: run this test from where the APM agent is running). This test will need to be run from each host; if it’s not feasible to check all hosts individually, you’ll need to verify network connectivity at whatever network level makes sense for your environment (working with your Networking group).

A successful connection is indicated by following message: “Connection test successful. This client has successfully connected to New Relic’s IP space. The host should experience no difficulty following our upcoming IP address change.”

When will this change take place?

The final phase to shift APM agent, and Plugin Metric collection traffic to the new IP Range begins on Tuesday, October 23rd, 2018.

What action do those affected need to take to prepare for this change?

Ensure your network firewall rules allow the following outgoing connections:

What will happen if I do NOT make this change?

Starting October 16th, 2018, traffic blocked by your network from connecting to New Relic’s 162.247.240.0/22 IP ranges will manifest itself in the following ways:

  1. Custom Insights events: custom Insights events will not be received by New Relic and any alerts relying on this data may not be triggered.

Starting October 23rd, 2018, traffic blocked by your network from connecting to New Relic’s 162.247.240.0/22 IP ranges will manifest itself in the following ways:

  1. APM Agents: affected applications will stop showing data in the APM UI, and alerts which require this data may not be triggered.

Plugin metrics to New Relic: affected plugins will stop showing data in the APM UI, and alerts which require this data may not be triggered.


Error establishing connection with New Relic Service at collector.newrelic.com:443:
#2

#3

Has this been completed or are there some outstanding actions? Would be good to know the success/failure if that is acceptable.


#4

Hey @stefan_garnham! I edited this post with an update based on our current plan and status (see above).

Let us know if this answers your question! :blush: