nanog mailing list archives

Re: AWS Elastic IP architecture


From: Blair Trosper <blair.trosper () gmail com>
Date: Sun, 31 May 2015 13:36:17 -0500

AWS built their network first...before IPv6 "popped", so you can appreciate
the huge task they have of retrofitting all their products to support it.

I don't envy the task, but they have said publicly and privately that it's
a priority.  But it's also a massive undertaking, and you can't expect them
to snap their fingers and turn it out over a weekend, man...

The prize of being first cuts both ways when newer technologies at lower
network levels start taking off and you don't have support built in to
something proprietary.

Would it be great if they had it faster?  Obviously yes.
Are they working on it as a priority?  Yes.
Can they go any faster?  Probably.
Are there other choices for cloud providers that are full dual stack if
this really is a live or die issue for you?  Yes.

Access to dual-stack isn't a fundamental human right.  If you don't like
what AWS is doing, then use someone else who has dualstack.

I don't get the outrage...and it's so irrational, that you've caused me to
actually *defend* AWS.

bt


On Sun, May 31, 2015 at 1:29 PM, Matthew Kaufman <matthew () matthew at> wrote:

Since your network has IPv6, I fail to see the issue.

Nobody is anywhere near being able to go single-stack on IPv6, so AWS is
just another network your customers will continue to reach over v4. So what?

Heck, if v6 support from a cloud hosting company is so important, I see a
great business opportunity in your future.

Matthew Kaufman

(Sent from my iPhone)

On May 31, 2015, at 10:57 AM, Owen DeLong <owen () delong com> wrote:

Sigh…

IPv6 has huge utility.

AWS’ implementation of IPv6 is brain-dead and mostly useless for most
applications.

I think if you will review my track record over the last 5+ years, you
will plainly see that I am fully aware of the utility and need for IPv6.

http://lmgtfy.com?q=owen+delong+ipv6

My network (AS1734) is fully dual-stacked, unlike AWS.

If AWS is so convinced of the utility of IPv6, why do they continue to
refuse to do a real implementation that provides IPv6 capabilities to users
of their current architecture?

Currently, on AWS, the only IPv6 is via ELB for classic EC2 hosts. You
cannot put a native IPv6 address on an AWS virtual server at all (EC2 or
VPC). Unless your application is satisfied by running an IPv4-only web
server which has an IPv6 VIP proxy in front of it with some extra headers
added by the proxy to help you parse out the actual source address of the
connection, then your application cannot use IPv6 on AWS.

As such, I stand by my statement that there is effectively no meaningful
support for IPv6 in AWS, period.

AWS may disagree and think that ELB for classic EC2 is somehow
meaningful, but their lack of other support for any of their modern
architectures and the fact that they are in the process of phasing out
classic EC2 makes me think that’s a pretty hard case to make.

Owen

On May 31, 2015, at 9:01 AM, Blair Trosper <blair.trosper () gmail com> wrote:

Disagree, and so does AWS.  IPv6 has a huge utility:  being a
universal, inter-region management network (a network that unites traffic
between regions on public and private netblocks).   Plus, at least the CDN
and ELBs should be dual-stack, since more and more ISPs are turning on IPv6.

On Sun, May 31, 2015 at 8:40 AM, Owen DeLong <owen () delong com> wrote:

I wasn’t being specific about VPC vs. Classic.

The support for IPv6 in Classic is extremely limited and basically
useless for 99+% of applications.

I would argue that there is, therefore, effectively no meaningful
support for IPv6 in AWS, period.

What you describe below seems to me that it would only make the
situation I described worse, not better in the VPC world.

Owen

On May 31, 2015, at 4:23 AM, Andras Toth <diosbejgli () gmail com> wrote:

Congratulations for missing the point Matt, when I sent my email
(which by the way went for moderation) there wasn't a discussion about
Classic vs VPC yet. The discussion was "no ipv6 in AWS" which is not
true as I mentioned in my previous email. I did not state it works
everywhere, but it does work.

In fact as Owen mentioned the following, I assumed he is talking about
Classic because this statement is only true there. In VPC you can
define your own IP subnets and it can overlap with other customers, so
basically everyone can have their own 10.0.0.0/24
for example.
"They are known to be running multiple copies of RFC-1918 in disparate
localities already. In terms of scale, modulo the nightmare that must
make of their management network and the fragility of what happens
when company A in datacenter A wants to talk to company A in
datacenter B and they both have the same 10-NET addresses"

Andras


On Sun, May 31, 2015 at 7:18 PM, Matt Palmer <mpalmer () hezmatt org> wrote:
On Sun, May 31, 2015 at 01:38:05AM +1000, Andras Toth wrote:
Perhaps if that energy which was spent on raging, instead was spent on
a Google search, then all those words would've been unnecessary.

Official documentation:

http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/elb-internet-facing-load-balancers.html#internet-facing-ip-addresses


Congratulations, you've managed to find exactly the same info as Owen
already covered:

"Load balancers in a VPC support IPv4 addresses only."

and

"Load balancers in EC2-Classic support both IPv4 and IPv6 addresses."

- Matt
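
Added example, not part of the original thread or anyone's posted code: the arrangement Owen DeLong describes (an IPv4-only backend behind an IPv6 VIP proxy that adds headers carrying the real source address) means the backend must decide when to believe that header. The thread does not name the header; `X-Forwarded-For` is assumed here, and the trusted proxy range and all addresses are constructed values.

```python
import ipaddress

# Assumption: the networks the load balancer connects from (constructed value).
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/24")]


def _is_trusted(addr):
    """True if addr belongs to one of the proxy networks we operate."""
    return any(addr.version == net.version and addr in net
               for net in TRUSTED_PROXIES)


def client_address(peer_ip, xff_header):
    """Return the address to use for logging and access control.

    peer_ip:    source address of the TCP connection as the backend sees it.
    xff_header: raw X-Forwarded-For value, or None when the header is absent.
    """
    peer = ipaddress.ip_address(peer_ip)
    # A header arriving from a peer that is not our proxy is client-supplied
    # and can say anything, so it is ignored.
    if not _is_trusted(peer) or not xff_header:
        return peer
    # Walk right to left: the right-most entry was appended by our own proxy,
    # entries further left came from the client side and may be forged.
    for token in reversed(xff_header.split(",")):
        try:
            hop = ipaddress.ip_address(token.strip())
        except ValueError:
            return peer  # malformed entry: fall back to the socket peer
        if not _is_trusted(hop):
            return hop  # first hop we do not operate is the real client
    return peer


if __name__ == "__main__":
    # IPv6 client reaching an IPv4-only backend through the proxy.
    print(client_address("10.0.0.5", "2001:db8::1"))
    # Client prepended a fake entry; only the proxy-appended one is used.
    print(client_address("10.0.0.5", "198.51.100.7, 2001:db8::1"))
    # Direct connection that bypasses the proxy: header is not believed.
    print(client_address("203.0.113.9", "2001:db8::1"))
```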