The state of AWS IPv6 and IPv4 in January 2024

The state of AWS IPv6 and IPv4 in January 2024
Page content

From 1st February AWS will introduce a charge for every Public IPv4 address used, but how is AWS tracking with using IPv6 IP Addresses themselves? Lets take a look at how far IPv6 is used for AWS Services.


Overview

I have been using dual stack IPv4/IPv6 IP addressing on my home network for around 9 years now. My ISP had enabled this feature when I could obtain a new firewall that supported dual-stack I enabled it to see what it was all about. At this time, IPv6 was quite hit and miss, with not many sites supporting it or having misconfigured routers themselves where it seemed DNS would resolve IPv6 addresses that were not reachable, and the site would either not load or fall back to IPv4 depending on the error.

Home Network - Approx 2015

Around 2022/2023, I noticed that these bugs had been worked out, and IPv6 was stable enough to leave enabled all the time without impacting your browsing experience.

So it seems now is the right time to seriously think about enabling IPv6 on your website, home network, and test lab to ensure any new applications are being architected with dual-stack in mind. But what is the incentive to use IPv6? I mean, it’s just doubling the complexity of deployments, as you still need to support the high number of internet users who only have IPv4 at home, at work, and on their mobile devices.

Until now!


AWS and the history of IPv6

Since the first World IPv6 Day in June 2011, announcements of AWS services supporting IPv6 have been made gradually, with I believe the first service to support IPv6 being what is now known as Classic Load Balancers in May 2011 in limited regions (Elastic Load Balancing – IPv6, Zone Apex Support, Additional Security)

This then expanded to Amazon S3 (Now Available – IPv6 Support for Amazon S3), with CloudFront and EC2 some 5 years later in 2016.

There was then another approximately 5 year gap to the next new service supporting IPv6 being EKS, along with IPAM, PrivateLink, RDS, Global Accelerator and Gateway Load Balancer in 2022.

Since 2022 there has only been minor additions to services supporting IPv6, however in July of 2023, AWS announces that all IPV4 addresses will now be charged an hourly rate from 1st February 2024. Obviously this is to try to reduce the number of wasted IPv4 addresses, proving we may finally be seriously running out of IPv4 addresses.

In 2023 AWS Supported World IPv6 day for I believe the first time, showing they are now thinking seriously about IPv6 usage. (Get ready for AWS IPv6 day)

World IPv6 Day Logo


AWS Charging for IPv4 Addresses

Previously AWS would only charge for unallocated EIPs (Elastic IP Addresses). Any address that was in use on an EC2 instance was free of charge. This also goes for IPv4 addresses on ALBs and NLBs. With many applications published across a number of ALBs and AZs, this could add up to dozens of IPv4 addresses very quickly. At no cost, there was really no incentive to architect your deployments to share IPv4 addresses.

In July 2023, just a mere 7 weeks after World IPv6 Day, AWS announced their will start charging for IPv4 addresses (New – AWS Public IPv4 Address Charge + Public IP Insights)

This will mean a typical charge of around $3.60 USD per month for a single IPv4 address. Whilst not significany in itself, by the time you add up Gateways, proxies, Load balancers, and other potential services, you could easily have 20-30+ addresses just for a relatively simple AWS use case. That’s an extra $1000 USD/year for what you already have.


AWS’s IPv6 usage

So with this announcement, we know most AWS services support IPv6, so the AWS console would also be benefiting from these too right? It seems maybe not.

We first take a look at the main AWS Website, it seems some of the static content is delivered over IPv6, but the rest of the site is still running on IPv4

AWS Website

Looking at the AWS console authentication page. We can see two of the 4 destinations are using IPv6, with it appears region specific endpoints only using IPv4 (in this case Sydney).

AWS Console Authentication

Once logged in, the use of IPv6 seems even worse, with only a single endpoint showing as having an IPv6 endpoint. It seems AWS, like most businesses still have a significant amount of work to do to support IPv6 in 2024.

AWS Console


Conclusion

It would be great to see more uptake of IPv6 addressing by AWS and leading by example for the community in running in dual stack mode. From my experience there are still a significant number of engineers, architects and end users that haven’t needed or wanted to get involved with IPv6. If AWS could provide more examples, everyone could benefit from learning how IPv6 works before we are unable to assign IPv4 addresses at all, or they become cost prohibitive for testing and home lab work.

If you are interested in the Plugin I have used to see the IPv4/IPv6 usage, add IPvFoo to your browser: IPvFoo

Lets see how IPv6 progresses in 2024!