FAQ: Networking

Do Atlas cluster's public IPs ever change?

The factors that determine if and when an Atlas cluster's public IP address changes depends on the cluster tier.

An Atlas cluster's public IP addresses must change when you:

• Vertically scale an NVMe-backed cluster on Amazon Web Services (AWS) or Microsoft Azure.

• Convert a replica set to a sharded cluster.

• Add shards to a sharded cluster.

• Change the region into which a cluster is deployed.

• Scale an M0 or Flex cluster to an M10 or larger cluster.

• Terminate then re-deploy a cluster with the same name but in a different tier within 36 hours.

• Enable Encryption at Rest on a cluster with a lifetime less than 12 hours.

An Atlas cluster's public IPs don't change when you:

• Vertically scale a cluster on Amazon Web Services (AWS) or Microsoft Azure that is not backed by an NVMe SSD, or vertically scale a cluster from any tier on Google Cloud Platform (GCP).

• Unpause the cluster.

• Terminate and then re-deploy a cluster with a lifetime of 12 hours or more within 12-36 hours.

• Experience a maintenance or a healing event on your cluster.

To find the public IP address for any node in your cluster, use the nslookup tool from the command line. The IP address is shown in the Address portion of the output.

$ nslookup ds-shard-00-00-17jcm.mongodb-dev.net
Address: 34.226.104.79

Can I specify my own VPC for my MongoDB Atlas project?

No. An Atlas project, and its clusters, are associated with a region-specific VPC.

Atlas creates a VPC when you deploy the first M10+ dedicated paid cluster to a given provider and region. For multi-region clusters, Atlas creates one VPC per region if there is not already a VPC for that region.

(AWS deployments only) Atlas also creates a VPC when you create a VPC peering connection to an AWS VPC. Atlas creates the VPC in the same region as the peered VPC.

To use a different VPC (that is, on the customer's own cloud infrastructure accounts), you would need to use MongoDB Cloud Manager or Ops Manager.

How do I find my Atlas-side hostnames to open up my outbound firewall?

If your firewall blocks outbound network connections, you must configure outbound access from your application environment to MongoDB Atlas.

How many cross-region network permissions does Atlas support?

Clusters can span regions and cloud service providers. The total number of nodes in clusters spanning across regions has a specific constraint on a per-project basis.

Atlas limits the total number of nodes in other regions in one project to a total of 40, not including:

• Google Cloud regions communicating with each other

• Free clusters

• Flex clusters

Sharded clusters include additional nodes. The electable nodes on the dedicated Config Server Replica Set (CSRS) count towards the total number of allowable nodes. Each sharded cluster has an additional electable node per region as part of the dedicated CSRS. To learn more, see Replica Set Config Servers.

The total number of nodes between any two regions must meet this constraint.

You can't create a multi-region cluster in a project if it has one or more clusters spanning 40 or more nodes in other regions.

Contact Atlas support for questions or assistance with raising this limit.

If you would exceed the cross-region permissions limit when creating a cluster through the Atlas Administration API, the API returns the following error:

{
 "error" : 403,
 "detail" : "Cannot have more than 40 cross-region network permissions.",
 "reason" : "Forbidden"
}

Can Atlas be used with AWS Transit Gateway?

Yes. AWS PrivateLink powers Atlas Private Endpoints. This allows for transitive connectivity. You can use the AWS Transit Gateway with your VPC if you connected your VPC to Atlas via AWS PrivateLink.

Can Atlas be used with AWS Direct Connect?

Yes. AWS PrivateLink powers Atlas Private Endpoints. This allows for transitive connectivity. You can use AWS Direct Connect with your VPC if you connected your VPC to Atlas via AWS PrivateLink.