By Scott Hogg
As enterprises rely more on cloud, colocation and hosting providers, they should check whether their services support IPv6, which can provide better experiences for their customers, partners, suppliers, vendors and employees.
Here is a look at how three top infrastructure-as-a-service (IaaS) providers – Amazon Web Services, Microsoft Azure and Google Cloud Platform – stack up for IPv6. There are other IPv6-capable public cloud service providers, but we mention these three to show that there is a broad spectrum of IPv6 capabilities even among the behemoth public clouds.
That’s followed by why enterprises should pay attention to these capabilities when choosing providers.
Amazon Web Services
AWS has numerous IPv6 capabilities in its public cloud IaaS service offerings. It offers IPv4/IPv6 web-tier application load balancer and CloudFront distributions with an IPv6-capable web-application firewall.
AWS automatically IPv6-enables Simple Storage Service object-storage services. AWS Virtual Private Cloud virtual (VPC) networks are IPv6-capable and the Elastic Compute Cloud instances in those virtual networks can use DHCPv6 to obtain their IPv6 address. IPv6 works for VPC routing, network access control lists, security groups, and VPC flow logs. AWS allows IPv6 external connectivity to VPCs with Direct Connect and Transit Gateway. AWS uses IPv6 on its public DNS service Route 53, AWS WorkSpaces, API Gateway, and its IoT services.
Microsoft is working to offer more IPv6 services. Azure virtual machines can utilize IPv6, the basic and standard IPv6 Public Load Balancer works with IPv6 health checks (probes), and Azure Front Door Services are IPv6-capable.
Azure offers a public preview of IPv6-enabled VNets virtual networking infrastructure. It offers IPv6 Network Security Group policies, flow logs, packet capture, and IPv6 user-defined routes. Azure DNS supports AAAA records. The Azure portal can be used to configure for IPv6 settings, and PowerShell and Azure command line interface both have IPv6 capabilities.
Google Cloud Platform
Google lags behind the others with the only Google Cloud Platform service that is IPv6-capable being a public-facing load balancer.
Why choose IPv6-capable providers?
Enterprises should IPv6-enable their hosted applications in order to provide the best performance to network users accessing the network on IPv6 devices, and the best way to find out whether providers support IPv6 is to ask. There are many reasons providers might have that capability but don’t advertise it or they might not turn it on by default. Or it may be turned on, and you just didn’t realize it.
For example, a hosted application could already have a globally reachable IPv6 address, but you didn’t recognize that the long hexadecimal number you see is an IPv6 address, which looks very different from an IPv4 address. In such a case, to take advantage the capability, you simply need to enter the IPv6 address into the DNS, creating an AAAA resource record for the fully qualified domain name, and that will allow clients to initiate connections to your Web application over IPv6.
It is also feasible that your colocation or hosting provider is already IPv6 capable but forgot to tell you or may have IPv6 capability, but you need to ask for it to be turned on.
Knowing whether a provider can turn on IPv6 support is important because when an enterprise decides it needs to enable that support, the transition becomes that much easier.
It would be disappointing to discover that a service provider has not yet implemented IPv6 at all. That would be a huge red warning flag that the service provider is not innovative when it comes to network technology. If the provider isn’t offering IPv6 services at this stage, it calls into question its prioritization of innovation and whether it is falling behind the competition in other areas.
This situation really puts the enterprise into a bind if they may need IPv6 capabilities sooner rather than later because the enterprise’s ability to enable IPv6 is based on the IPv6 deployment schedule of the provider.
Each enterprise is different and has a different motivation for enabling IPv6 on their public-facing applications and services. IPv6 deployment is an inevitable technology as there is no other alternative to the IPv4 address exhaustion problem. Given that IPv6 is an eventuality for enterprises, they should start to plan for the deployment and assess the constraints to their deployment schedules.
Enterprises should ask providers what services they offer with IPv6 to determine where they stand and what options they have. Maybe companies don’t need IPv6 internet reachability immediately, but they still need to know what the vendors’ IPv6 roadmaps look like. Only then can enterprises start to plan for the implementation of IPv6.
This story, “Why your providers should support IPv6” was originally published by
Scott Hogg is a co-founder of HexaBuild.io, an IPv6 consulting and training firm, and has over 25 years of cloud, networking and security experience.
Copyright © 2019 IDG Communications, Inc.