IPv6 in VPC

Learn IPv6 address space, its importance, and features.

We'll cover the following

Why IPv6?
IPv4 vs. IPv6
Setting up IPv6 for a VPC
Egress-only internet gateway

IPv6 is a successor of IPv4 that has a very large space of public IP addresses. We can enable IPv6 for our VPC and subnets initially enabled for IPv4 only. This way, our VPC will operate in dual-stack mode. IPv4 and IPv6 traffic flows without interacting, and the resources can communicate with each by using either IPv4 or IPv6 or both.

Why IPv6?

IPv4 address space is limited by its design and is getting exhausted quickly. With the increase in the usage of internet devices, it is impossible to meet the requirement of assigning IPv4 address to every device. Therefore, we must shift to the IPv6 addressing scheme to avoid running out of IPv4 addresses.

IPv4 vs. IPv6

IPv6 is quite different from IPv4 in design and working aspects. Let’s see some of their main differences in the table below:

IPv4	IPv6
IPv4 is 32 bits long and makes a maximum of 4.3 billion addresses.	IPv6 is 128 bits long and has a pool of 2^{128} IP addresses.
It consists of 4 blocks separated by a dot (.)	It consists of 8 blocks separated by colon. The higher 64 bits present the network part, and the lower 64 bits present the nodes.
It is a dotted-decimal representation	It is a hexadecimal representation
IPv4 supports both private and public addresses	IPv6 supports only public addresses and is internet-routable.
Accesses the internet using the internet gateway	Also uses the internet gateway to access the internet and support egress traffic only with the help of an egress-only internet gateway
Supports elastic interfaces (EIFs)	Does not support because IPv6 is static by default

Press + to interact

Setting up IPv6 for a VPC

To set up a VPC with an IPv6 address, we need to have a VPC with an IPv4 CIDR block. Then, we enable the IPv6 by allocating a CIDR block. If we have subnets in our VPC then we can create our IPv6 CIDR block for subnets within the range of VPC CIDR block. Once we enable IPv6 on the VPC, we must update the security groups accordingly.

Egress-only internet gateway

This is used only for IPv6 traffic to allow outbound traffic only. It works like a NAT gateway but is used only in IPv6 cases. Allows our private instances to initiate a connection to the internet but doesn’t allow the internet to initiate an IPv6 connection to the instances.

Press + to interact

Get hands-on with 1300+ tech skills courses.

Introduction

AWS Fundamentals

Understanding Cloud Computing Essentials— From Zero to Hero

Identity and Access Management

Securing AWS Resources: Managing Access with IAM

AWS IAM Permission Boundaries

Using AWS IAM Access Analyzer

Compute Services

Understanding AWS Compute Services — From Zero to Hero

Amazon EC2: Elastic Compute Cloud

Working with Instances: An Amazon EC2 Walkthrough

Managing Instance Volumes Using EBS

Networking

Understanding Networking Services in AWS—From Zero to Hero

Controlling VPC Traffic Using Network ACLs

Managing Peer Connections between Amazon Virtual Private Clouds

Accessing AWS Services over AWS PrivateLink Using VPC Endpoints

Monitoring IP Traffic Using VPC Flow Logs

Route 53

Serverless Computing

Getting to Know AWS Lambda

Building and Deploying Serverless Applications with AWS SAM

Developing RESTful Microservices with API Gateway and DynamoDB

Building a WebSocket-Based Chat Application Using API Gateway

Mastering AWS AppSync Lambda Resolvers

Application Integration

Getting Started with Amazon Simple Queue Service (SQS)

Handling Amazon SNS Notifications with AWS Lambda

Build a Fanout Serverless Architecture using SNS, SQS, and Lambda

Decoupling Serverless Applications with Amazon EventBridge

Getting Started with AWS Step Functions

Containers

Getting Started with Amazon ECS

Create an EKS Cluster and Deploy an Application

High Availability and Scalability

Managing Application Traffic Using Elastic Load Balancers

Understanding Auto Scaling Group (ASG) in AWS

Mastering Amazon EC2 Dynamic Scaling Policies

Storage

Understanding AWS Storage Options—From Zero to Hero

Simple Storage Service (S3)

Working with AWS S3 Cross-Region Replication

Resizing Images with S3 Batch Operations and AWS Lambda

Managing Data Access with Amazon S3 Access Points

File Storage and Transfer

Getting Started with Amazon FSx for Windows File Server

Databases

Working with Relational Databases: A Beginner's Guide to AWS RDS

Getting Started with Amazon Aurora Database Engine

Working with NoSQL Databases: A Beginner's Guide to AWS DynamoDB

Exploring Graphs with Amazon Neptune

Getting Started with Amazon Keyspaces

Achieving Ultra-Fast Performance Using Amazon MemoryDB for Redis

Improving Database Performance with Amazon ElastiCache for Redis

Migration and Transfer

Use of AWS Database Migration Service from Aurora MySQL to S3

Security and Compliance

Getting Started with AWS Key Management Service (KMS)

Encrypting S3 Buckets and EBS Volumes Using KMS

Protecting Web Applications Using AWS WAF

Managing Aurora DB Credentials and API Keys Using Secrets Manager

Finding Vulnerabilities on EC2 Instances Using AWS Inspector

Deployment Services

Mastering AWS Deployment Services—From Zero to Hero

CloudFormation

Getting to Know AWS CloudFormation

AWS CloudFormation Updates: Change Sets and Stack Policies

Mastering AWS CloudFormation Helper Scripts

Machine Learning

Understanding Machine Learning Services on AWS—From Zero to Hero

Deploying a Machine Learning Model with Amazon SageMaker

Getting Started with Amazon Fraud Detector

Build an Educative Chatbot with Conversational AI Using AWS Lex

Content Delivery and Optimization

Analytics

Analyzing S3 Data and CloudTrail Logs Using Amazon Athena

Getting Started with Amazon EMR

Getting Started with Amazon Redshift

Building ETL Pipelines on AWS

Create a Data Lake with Lake Formation and Analyze It with Athena