Public CIDR Lists for Red Hat (IP Addresses for cdn.redhat.com)

Updated -

Downloads from Red Hat Network through yum are now provided by a content delivery network (CDN), resulting in significantly faster download speeds than previously available. The yum client is directed to a content repository that is geographically near to the requesting machine.

In some cases, your firewall may be blocking access to the CDN URLs, which would result in yum being unable to complete downloads from Red Hat. In this case, your current firewall settings will need to be updated if you wish to download content from the CDN utilizing Red Hat Subscription Management.

Note: Updates are always delivered from the hostname cdn.redhat.com unless a system has been intentionally reconfigured to download from another source. For example, some customers may wish to configure their systems located in China to download from china.cdn.redhat.com for better performance.

The IP address of our default source cdn.redhat.com is dynamically provided by a third-party based on geographical location, and as such is subject to change. It's recommended to allow-list the domain itself if possible or all IPs in the range provided in this article. Customers who are not using the most up-to-date IP list (below) could see intermittent errors when downloading content - the error returned by yum and/or Red Hat Satellite server would be: [Errno 256] No more mirrors to try.

If cdn.redhat.com is found to resolve to any address outside of this range listed below, please open a support case and report your client's IP/hostname along with the IP address that cdn.redhat.com is resolving to. From the range of IPs on this list, not all IPs will resolve to cdn.redhat.com at any given time. As such, it is advised to not allow select IP addresses from this list but ALL IP addresses on this list. This will prevent any interruptions in access to content from load balancing changes done within Akamai's infrastructure.

Container registries and Universal Base Image (UBI) repositories

Red Hat does not have an IP list for the container registry domains or cdn-ubi.redhat.com the way we do for cdn.redhat.com. If you need to firewall off the registry and/or UBI repositories, we recommended using a proxy (e.g., squid) and allow-list the domains:

  • registry.access.redhat.com
  • registry.redhat.io
  • registry.connect.redhat.com
  • sso.redhat.com
  • cdn-ubi.redhat.com
  • cdn.quay.io
  • cdn01.quay.io
  • cdn02.quay.io
  • cdn03.quay.io
  • cdn04.quay.io
  • cdn05.quay.io
  • cdn06.quay.io

Complete list of IP addresses

The complete list is below and is also available in JSON format. If you are looking only for the recent changes as of July 6 2017, a list of the differences is also included further down for convenience.

Current complete list:

104.67.28.83/32
104.68.188.83/32
104.76.92.83/32
104.78.76.83/32
104.81.246.83/32
104.82.76.83/32
104.83.76.83/32
104.83.82.83/32
104.83.92.83/32
104.91.156.90/32
104.94.102.83/32
104.98.240.125/32
114.108.188.251/32
173.222.100.251/32
173.222.116.251/32
173.222.140.251/32
173.222.144.251/32
173.222.152.251/32
173.222.164.251/32
173.222.188.251/32
173.222.192.251/32
173.222.204.251/32
173.222.212.251/32
173.222.216.251/32
173.222.224.251/32
173.222.244.251/32
173.223.140.251/32
173.223.152.251/32
173.223.172.251/32
173.223.228.251/32
173.223.36.251/32
173.223.48.251/32
173.223.92.83/32
182.51.200.251/32
184.26.176.251/32
184.26.180.251/32
184.27.248.251/32
184.27.40.251/32
184.50.16.251/32
184.51.24.251/32
184.51.36.251/32
184.51.68.251/32
184.84.184.251/32
184.84.188.251/32
184.84.192.251/32
184.84.196.251/32
184.84.200.251/32
184.85.176.9/32
184.86.236.251/32
2.16.128.83/32
2.16.212.251/32
2.16.30.83/32
2.17.124.251/32
2.18.220.251/32
2.20.12.251/32
2.21.145.130/32
2.22.0.251/32
2.22.12.251/32
2.22.220.83/32
209.132.183.107/32
209.132.183.108/32
23.0.172.83/32
23.0.230.83/32
23.0.236.83/32
23.1.188.83/32
23.1.44.251/32
23.1.8.251/32
23.10.12.83/32
23.10.60.83/32
23.12.236.83/32
23.13.176.251/32
23.13.44.83/32
23.14.44.83/32
23.15.132.83/32
23.15.204.251/32
23.15.248.251/32
23.194.220.83/32
23.194.236.91/32
23.197.60.83/32
23.198.104.83/32
23.198.106.83/32
23.204.100.83/32
23.206.76.83/32
23.207.148.112/32
23.212.102.83/32
23.215.140.83/32
23.221.20.83/32
23.222.172.83/32
23.223.76.83/32
23.3.140.251/32
23.3.247.117/32
23.32.12.83/32
23.38.116.83/32
23.40.12.83/32
23.42.76.83/32
23.45.224.251/32
23.46.2.83/32
23.48.80.251/32
23.49.52.251/32
23.5.124.83/32
23.50.99.181/32
23.51.12.83/32
23.51.156.83/32
23.52.60.20/32
23.54.12.83/32
23.57.112.251/32
23.57.124.251/32
23.58.0.251/32
23.58.148.251/32
23.58.8.251/32
23.58.90.83/32
23.59.92.251/32
23.60.144.251/32
23.61.124.251/32
23.63.144.251/32
23.63.150.83/32
23.63.16.251/32
23.64.142.83/32
23.64.4.251/32
23.64.56.251/32
23.65.16.251/32
23.65.200.83/32
23.65.216.83/32
23.66.152.83/32
23.66.40.83/32
23.75.218.83/32
59.151.136.251/32
72.246.48.83/32
72.247.112.251/32
72.247.116.251/32
88.221.236.251/32
88.221.44.251/32
88.221.56.251/32
95.100.244.251/32
95.101.100.251/32
95.101.104.251/32
95.101.152.251/32
95.101.156.251/32
95.101.160.251/32
95.101.164.251/32
95.101.188.251/32
95.101.4.251/32
95.101.44.251/32
95.101.48.251/32
95.101.56.251/32
95.101.60.251/32
95.101.64.251/32
95.101.84.251/32
95.101.92.251/32
95.101.96.251/32
96.17.0.251/32
96.6.32.251/32
96.6.36.251/32

New addresses added as of July 6 2017:

104.67.28.83/32
104.68.188.83/32
104.76.92.83/32
104.78.76.83/32
104.81.246.83/32
104.82.76.83/32
104.83.76.83/32
104.83.82.83/32
104.83.92.83/32
104.91.156.90/32
104.94.102.83/32
104.98.240.125/32
173.223.92.83/32
209.132.183.107/32
209.132.183.108/32
2.16.128.83/32
2.16.30.83/32
2.22.220.83/32
23.0.172.83/32
23.0.230.83/32
23.0.236.83/32
23.10.12.83/32
23.10.60.83/32
23.1.188.83/32
23.12.236.83/32
23.13.44.83/32
23.14.44.83/32
23.15.132.83/32
23.194.220.83/32
23.194.236.91/32
23.197.60.83/32
23.198.104.83/32
23.198.106.83/32
23.204.100.83/32
23.206.76.83/32
23.212.102.83/32
23.214.72.83/32
23.215.140.83/32
23.221.20.83/32
23.222.172.83/32
23.223.76.83/32
23.32.12.83/32
23.3.247.117/32
23.38.116.83/32
23.40.12.83/32
23.42.76.83/32
23.46.2.83/32
23.50.99.181/32
23.51.12.83/32
23.51.156.83/32
23.5.124.83/32
23.52.60.20/32
23.54.12.83/32
23.58.90.83/32
23.63.150.83/32
23.64.142.83/32
23.65.200.83/32
23.65.216.83/32
23.66.152.83/32
23.66.40.83/32
23.75.218.83/32
72.246.48.83/32

Addresses removed as of July 6 2017:

173.222.128.251/32 
173.223.132.251/32 
173.223.168.251/32 
184.25.160.251/32 
184.25.244.251/32 
184.51.140.251/32 
2.17.184.63/32 
2.20.16.251/32 
23.211.152.245/32 
23.62.151.53/32 
95.101.108.251/32 
95.101.124.251/32
96.17.184.251/32

Addresses removed as of May 14 2021:

173.223.96.251/32 
184.51.48.251/32 
23.214.72.83/32 
23.61.12.251/32

New address added after October 1, 2022:

184.85.176.9/32

To get a list of public IP addresses for api.access.redhat.com or cert-api.access.redhat.com please refer: How do I configure my firewall for api.access.redhat.com?

Comments