AWS & IPv6 - Post Afterparty

AWS & IPv6 - Post Afterparty

AWS & IPv6, post afterparty. With a sore head, we revisit the subject and why it's not as simple as previously told.

Following our recent post where we celebrated the fact that AWS are to start charging for IPv4 public addresses, we're now in the hangover stage. We wake up the next day with a sore head and revisit our celebration with a somewhat clearer mind.

Why? For all is not a clear-cut journey to IPv6 with some AWS services.

So.. What AWS services are we talking about?

Here is a small selection of services we could pick out or see being discussed following the news.

You can find a complete list of AWS' services that support IPv6 and in that configuration type here.

  • ALB (Application Load Balancer) - Only supports dual-stack, with no option to disable IPv4. ALBs also create a public IPv4 address in each AZ (3x cost).

  • RDS - Dual stack, but can't connect to RDS externally over IPv6.

  • CloudFront - CloudFront supports IPv6 but can't do an origin-pull over IPv6.

  • API Gateway - This doesn't directly support IPv6, but you can get around this by utilising CloudFront in front of it.

  • ECS - ECS supports dual stack but doesn't support a standalone option to utilise just IPv6.

As you can see, a few services either do not support IPv6 or only support it in some dual-stack options, with no way to disable IPv4.

Why this isn't just an AWS issue

IPv6 has been readily available for some time now, but we live in an age where many ISPs, globally, have not enabled IPv6 throughout their infrastructure and for customers. I, for one, am with EE, an ISP in the UK, and unable to receive an IPv6 address or prefix. The global IPv6 issue starts with them and should generally be a minimum requirement.

The image was captured off my EE router.

So without a more global push from ISPs to enable a dual-stack configuration for their users, your services in AWS would have to remain dual-stack (support IPv4 & IPv6) at minimum or risk your customers being unable to access your services.

With that in mind, AWS does need to clear up its own house and have IPv6 as an option for all of its services and ensure that it can operate purely on an IPv6-only stack. If you charge for the public IPv4 address space, at least ensure your services will be available over IPv6.

So, for now, every customer of AWS will have to support IPv4 in some capacity and eat the cost or risk some of their customers being unable to access their services.

The biggest hit will be on hobbyist builders. I, for one, will be hit by this change. I host a couple of simple Grafana based instances for personal projects. Leaving these instances operating all year round could amount to a total of $43 per year for the sole use of a public IPv4 address. Without the option to go to IPv6 only, due to ISP constraints, I have now got to look at potentially moving the service I use to a VM or container at home.

What we're hoping for.

In light of this recent announcement from AWS, all eyes will be set on AWS re-invent 2023 in the hope that there will be some significant changes. Although, there is the other side of this, where they would "silently" release these capabilities as the year ends.

We'll keep a close eye on the changes in the coming months. Anything we come across, we'll ensure to keep you updated.

Did you find this article valuable?

Support Daniel Jones by becoming a sponsor. Any amount is appreciated!