Understanding the basics of IPv6

© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Understanding the basics of IPv6 networking on AWS

Shakeel Ahmad

N E T 2 0 7 - R

Solutions Architect

Amazon Web Services

Agenda

Why IPv6

Brief overview of the IPv6 protocol

IPv6 in Amazon VPC

IPv4 to IPv6 migration patterns

Hands-on with IPv6 on AWS

IPv4 exhaustion

IPv4 vs IPv6 address size

IPv4: 32-bit / 4,294,967,296 addresses (~4.3 x 109)

11000000 00000000 00000010 00000001

IPv6: 128-bit / 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses (~3.4 x 1038)

0010000000000001 0000110110111000 0000111011000010 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001

IPv4 vs IPv6 address types

IPv4: Address types

1. Unicast

2. Broadcast

3. Multicast

IPv6: Address types

1. Unicast

2. Multicast

3. Anycast

IPv4 vs IPv6 address format

IPv4: Dotted Decimal Notation + CIDR

192.168.0.1/24 127.0.0.1

IPv6: Colon-Separated Hextet Notation + CIDR

2001:0db8:0ec2:0000:0000:0000:0000:0001/64 0000:0000:0000:0000:0000:0000:0000:0001

2001:db8:ec2:0:0:0:0:1/64 0:0:0:0:0:0:0:1

2001:db8:ec2::1/64 ::1

Public Subnet

Amazon VPC—dual-stack

VPC

Instance

IPv4:

IPv6:

Internet

gateway

Amazon VPC—private subnet? NAT?

VPC

Instance

IPv4:

IPv6:

Egress-only

internet gateway

X

Private subnet

Public Subnet

Amazon VPC—IPv6 routing and more . . .VPC

Instance

IPv4:

IPv6:

Internet

gateway

Target Status

2001:db8:ec2:/56 local Active

::/0 IGW Active

VPC

Instance

IPv4:

IPv6:

Egress-only

internet gateway

X

Private subnet

Target Status

2001:db8:ec2:/56 local Active

::/0 EIGW Active

Amazon VPC—NACLs, security groups . . .

Migrating to IPv6

• Step 1: Associate an IPv6 CIDR block to your VPC & subnets

• Step 2: Update your route tables

• Step 3: Update your security group rules

• Step 4: Change your instance type (if required)

• Step 5: Assign IPv6 to your instances

• Step 6: Configure IPv6 on your instances (if required)

• Step 7: Turn on IPv6 on Application Load Balancer (dual stack)

Dual-stack

IPv4

Address

IPv6

Address

Amazon VPC—migration patterns

VPC

Availability Zone 1 Availability Zone 2

Auto Scaling group

Instance Instance

Application Load Balancer

DNS name: nameme-xyz.us-east-1.elb.amazonaws.comIP address type: ipv4

Internet gateway

ipv4

Amazon VPC—migration patterns

VPC

Availability Zone 1 Availability Zone 2

Auto Scaling group

Instance Instance

Application Load Balancer

DNS Name: nameme-xyz.us-east-1.elb.amazonaws.com

IP address type: dual-stack

Internet gateway

ipv4

172.31.0.100/20 172.31.16.100/20

Dual-stack user/dual-stack website

IPv4internet

IPv6internet

www.ipv6.org

DNS

www.ipv6.org

194.63.248.52 (A)2a01:5b40:0:248::52 (AAAA)

http://www.ipv6.org/

Details

• Use your own account (AWS credits available)

• Use either AWS Management Console or AWS CLI (or both)

• Ask questions as you go along

https://bit.ly/AWSIPv6Workshop


Free digital courses cover topics related to networking and content delivery, including Introduction to Amazon CloudFront and Introduction to Amazon VPC

Visit aws.amazon.com/training/paths-specialty

Validate expertise with the AWS Certified Advanced Networking - Specialty exam

Learn networking with AWS Training and CertificationResources created by the experts at AWS to help you build and validate networking skills

Thank you!


Shakeel Ahmad

[email protected]

Understanding the basics of IPv6

Documents

Transcript of Understanding the basics of IPv6