re:Invent 2024

IPv4 vs IPv6 Changes from AWS: Will Your Service Be Impacted?

Networking

Starting February 1, 2024, AWS will implement a significant pricing change: a charge of $0.005 per IP per hour for all public IPv4 addresses. Understanding and strategically preparing for this rollout is vital to minimize its impact on your applications and services.

AWS is updating its IP address billing policy, marking a notable shift in its pricing structure. Starting soon, AWS will charge a fee for the use of public IPv4 addresses. This announcement, on July 28, 2023, signals a crucial shift in AWS' approach to IP address management, with substantial implications for users of their services. In this guide, we'll explore the nuances of these changes and offer insights on how to effectively navigate this transition.

Previously, these addresses were available at no extra cost when used with actively running services. This policy change is in response to the significantly increased costs of acquiring IPv4 addresses, which have escalated by 300%. As a result, the use of each public IPv4 address will now incur an annual fee of $43.80. It's important to note, however, that this new fee structure will not impact users who are part of the Bring Your Own IP (BYOIP) program.

In contrast, public IPv6 addresses will remain available at no charge, thanks to their abundant availability. As a part of this transition, AWS is including 750 hours per month of public IPv4 usage in the free tier for the first 12 months, which covers 1 public IPv4 address. AWS has provided a reference table on their website for a detailed breakdown of these changes, as follows:

ropes

AWS image: https://aws.amazon.com/blogs/aws/new-aws-public-ipv4-address-charge-public-ip-insights/

Understanding the Dynamics of IPv4 and IPv6 in AWS

The transition from IPv4 to IPv6 is a landmark in internet technology history. IPv4, launched in the 1980s, provided about 4 billion addresses, which soon proved insufficient due to the rapid increase in internet-connected devices. IPv6 emerged in the late 1990s, introducing a 128-bit address system to vastly increase the number of available addresses, thereby enhancing internet functionality and security.

As IPv4's address space dwindles, AWS is increasingly navigating towards IPv6, tapping into its vast reserve of addresses. AWS has been at the forefront of this transition, offering IPv6 support for its key services since 2011 and adopting dual-stack approaches that allow services to operate with both IPv4 and IPv6. 

However, the journey to full IPv6 integration is ongoing. Currently, about 30 AWS services support IPv6, but there are variations in their adoption of dual-stack and IPv6 for private endpoints. Moreover, in some regions, several essential services like Amazon API Gateway, AWS CodeCommit, and Amazon DynamoDB are still operating solely on IPv4. This highlights a gap in the transition process, underscoring the need for continued development and integration.

Navigating the IPv4 to IPv6 Transition in AWS Services

As the internet gradually shifts from IPv4 to IPv6, it is crucial to understand and adapt to the pricing dynamics of these protocols for efficient cloud operations. To help us manage it, in July of 2023, AWS added ‘Public IP Insights’, a free IPv4 check feature of VPC IP Address Manager (IPAM). IPAM helps assess the scope of your IPv4 usage, enabling a strategic rethink of network addressing. The added visibility into public IPv4 address utilization is a game-changer, paving the way for more informed decisions in the transition to IPv6. For more information follow the AWS documentation.

AWS image: https://aws.amazon.com/blogs/aws/new-aws-public-ipv4-address-charge-public-ip-insights/ 

How to be prepared?

When preparing for the IPv6 shift, it's essential to reference established guidelines, including the NSA’s IPv6 security recommendations and AWS’ own transition protocols. Embracing a dual-stack strategy across your network interfaces is a smart move. This approach, combined with IPv6-only subnets and NAT translations (using NAT64 and DNS64), ensures a smoother process. These steps allow IPv6 services to communicate seamlessly with legacy IPv4 services, a critical aspect of modern network management.

With regards to specific AWS services, the transition strategies vary:

  1. EC2 (Elastic Compute Cloud): First, allocate IPv6 CIDR blocks and revise security group rules to include IPv6 addresses. The next step is launching EC2 instances in dual-stack mode, which supports both IPv4 and IPv6, then ensuring your applications are compatible with the new protocol.
  2. ALB (Application Load Balancer): To bring your Application Load Balancer into the IPv6, enable dual-stack IP addresses. Subsequently, update your target groups and security settings to manage IPv6 traffic. Don't forget to check that your backend systems can work with IPv6 as well. 
  3. ECS (Elastic Container Service): For ECS, the transition involves both the ECS cluster and its underlying network infrastructure. Assign IPv6 blocks to your VPCs and subnets, and update the ECS task definitions to accept IPv6 addresses. This ensures that your containerized applications are IPv6-ready.
  4. EKS (Elastic Kubernetes Service): Transitioning EKS to IPv6 focuses on the Kubernetes cluster’s network configuration. Start by assigning IPv6 CIDR blocks to relevant VPCs and subnets. Update your Kubernetes pods and services to be IPv6-compatible, which includes adjusting CNI IPv6 plugins and network policies accordingly.

Efficiently configuring IPv6 capabilities is paramount. In dual-stack interfaces, establish distinct security rules for IPv4 and IPv6. If your organization requires it, you can also centralize outbound traffic for dual stack VPCs. Explicitly configure SDKs and CLI tools for IPv6 where necessary, ensuring a seamless operational experience in the environment.

The transition to IPv6 transcends technical requirements, representing a strategic step towards a resilient, globally interconnected digital infrastructure. Embracing IPv6 across AWS services is more than just an upgrade; it's a commitment to future-readiness in an expanding internet landscape. This shift is essential to meet the demands of our connected world, offering heightened efficiency and security.

Considering Business Continuity

Navigating the dynamic AWS ecosystem can be intricate. Think beyond technology. Consider how these changes can impact your business. What if your crucial services don’t support IPv6? It’s a conversation worth having, rethinking strategies to avoid surprises when checking the AWS bill at the beginning of March 2024.

Would you like expert support with preparing your networking infrastructure for a shift to IPv6? Caylent’s engineers have vast experience in helping organizations ensure their networking infrastructure meets the highest standards of performance, efficiency and reliability. Get in touch to find out how we can help! 

Networking
Leticia Albuquerque

Leticia Albuquerque

As a Cloud Architect at Caylent with 9 years of experience in technology, Leticia has been immersed in the world of AWS since 2018, holding 7 certifications on the platform. Passionate about cloud architecture, she bring deep experience to imagine and implement impactful solutions for clients from a plethora of industries. In addition to technology, she is also a gaming enthusiast and finds joy in outdoor adventures with her husband and children.

View Leticia's articles
Mark Olson

Mark Olson

Mark Olson, Caylent's Portfolio CTO, is passionate about helping clients transform and leverage AWS services to accelerate their objectives. He applies curiosity and a systems thinking mindset to find the optimal balance among technical and business requirements and constraints. His 20+ years of experience spans team leadership, technical sales, consulting, product development, cloud adoption, cloud native development, and enterprise-wide as well as line of business solution architecture and software development from Fortune 500s to startups. He recharges outdoors - you might find him and his wife climbing a rock, backpacking, hiking, or riding a bike up a road or down a mountain.

View Mark's articles

Accelerate your cloud native journey

Leveraging our deep experience and patterns

Get in touch

Related Blog Posts

re:Invent 2023 Networking Session Summaries

Get up to speed on all the networking focused 300 and 400 level sessions from re:Invent 2023!

AWS Announcements
Networking

Network Infrastructure & Observability on AWS

Learn how the AWS cloud transforms networking infrastructure deployment velocity & flexibility while improving management and observability compared to on-premises deployments.

Networking
Infrastructure & DevOps Modernization
Observability

Modernizing Networking on AWS

The AWS Cloud offers powerful networking capabilities for those migrating from on-premise environments. Learn how you should transform technology and people as you modernize your networking architecture on the cloud.

Networking
Infrastructure & DevOps Modernization