I’m thrilled to share the news about the general availability of IPv6 support for Azure Application Gateway (v2), a development I’ve been eagerly anticipating as a big fan of leveraging the gateway for load balancing and as a central point for network ingress and egress. See my other blog about front door and gateway here.
The internet is growing by leaps and bounds, and the rollout of IPv6 support introduces a myriad of advantages that resonate deeply with my interests, especially considering the vast address space and the enhancements to routing efficiency it offers. Seeing multiple telecom providers enabling IPv6 for organization and particular usages.
This update is particularly exciting for someone like me, who relies on Azure Application Gateway for orchestrating network traffic efficiently. The introduction of IPv6 is a game-changer, especially when faced with the limitations of IPv4 address exhaustion. It’s not just about having more IP addresses; it’s about the streamlined network management and improved performance for applications that are critical in today’s digital landscape.
Being able to support IPv6 clients directly through Azure Application Gateway not only future-proofs our network infrastructure but also ensures that we can continue to provide seamless, high-quality services without worrying about running out of IP addresses. This is a significant stride towards embracing the next generation of internet protocol, and I’m looking forward to integrating IPv6 into my load balancing and network management practices with Azure Application Gateway.
Getting Started with IPv6 on Azure Application Gateway
To leverage IPv6 with Azure Application Gateway (v2), you simply need to create a new Application Gateway and select both IPv4 and IPv6 frontends during the setup process. This feature supports dual-stack (IPv4 and IPv6) frontend connections, allowing your applications to be more accessible and versatile. However, it’s important to note that you cannot upgrade existing IPv4-only Application Gateways to dual-stack. Additionally, backend IPv6 addresses are not yet supported.
Creating an IPv6 Azure Application Gateway: A Quick Guide
Creating an IPv6-compatible Application Gateway involves a few steps in the Azure portal:
- Set Up a Dual-Stack Network: Your first step is to create or select a dual-stack VNet, which has subnets for both IPv4 and IPv6. Azure VNets already offer dual-stack capabilities, simplifying the process.
- Create the Application Gateway: Navigate through the Azure portal to create a new Application Gateway, ensuring to select “Dual stack (IPv4 & IPv6)” for the IP address type. This setup involves configuring a virtual network, adding frontend IP addresses (IPv4 and IPv6), and creating a backend pool with virtual machines for testing.
- Test Your Setup: Once your Application Gateway is configured, testing is crucial to ensure everything works as expected. Assign DNS names to your IPv6 address for easier testing and verify connectivity through your browser.
For the code and automation geeks the Bicep Template module;
resource vnet 'Microsoft.Network/virtualNetworks@2021-02-01' = {
name: 'myVNet'
location: 'eastus'
properties: {
addressSpace: {
addressPrefixes: [
'10.0.0.0/16'
'ace:cab:deca::/48'
]
}
subnets: [
{
name: 'myAGSubnet'
properties: {
addressPrefix: '10.0.0.0/24'
addressPrefixes: [
'10.0.0.0/24'
'ace:cab:deca::/64'
]
}
}
]
}
}
resource publicIP 'Microsoft.Network/publicIPAddresses@2020-07-01' = {
name: 'myPublicIP'
location: 'eastus'
properties: {
publicIPAllocationMethod: 'Static'
publicIPAddressVersion: 'IPv4'
}
sku: {
name: 'Standard'
}
}
resource publicIPv6 'Microsoft.Network/publicIPAddresses@2020-07-01' = {
name: 'myPublicIPv6'
location: 'eastus'
properties: {
publicIPAllocationMethod: 'Static'
publicIPAddressVersion: 'IPv6'
}
sku: {
name: 'Standard'
}
}
resource applicationGateway 'Microsoft.Network/applicationGateways@2020-06-01' = {
name: 'myAppGateway'
location: 'eastus'
properties: {
sku: {
name: 'Standard_v2'
tier: 'Standard_v2'
}
gatewayIPConfigurations: [
{
name: 'appGatewayIpConfig'
properties: {
subnet: {
id: vnet.properties.subnets[0].id
}
}
}
]
frontendIPConfigurations: [
{
name: 'appGatewayFrontendIp'
properties: {
publicIPAddress: {
id: publicIP.id
}
}
}
{
name: 'appGatewayFrontendIpv6'
properties: {
publicIPAddress: {
id: publicIPv6.id
}
}
}
]
frontendPorts: [
{
name: 'appGatewayFrontendPort'
properties: {
port: 80
}
}
]
backendAddressPools: [
{
name: 'appGatewayBackendPool'
properties: {
backendAddresses: []
}
}
]
httpListeners: [
{
name: 'appGatewayHttpListener'
properties: {
frontendIPConfiguration: {
id: applicationGateway.properties.frontendIPConfigurations[0].id
}
frontendPort: {
id: applicationGateway.properties.frontendPorts[0].id
}
protocol: 'Http'
}
}
]
requestRoutingRules: [
{
name: 'rule1'
properties: {
ruleType: 'Basic'
httpListener: {
id: applicationGateway.properties.httpListeners[0].id
}
backendAddressPool: {
id: applicationGateway.properties.backendAddressPools[0].id
}
backendHttpSettings: {
id: applicationGateway.properties.backendHttpSettingsCollection[0].id
}
}
}
]
backendHttpSettingsCollection: [
{
name: 'appGatewayBackendHttpSettings'
properties: {
port: 80
protocol: 'Http'
}
}
]
}
}
output applicationGatewayId string = applicationGateway.id
Limitations and Considerations
While IPv6 support for Azure Application Gateway marks a significant milestone, there are a few limitations to be aware of:
- Only the v2 SKU supports dual-stack frontends.
- Backend IPv6 addresses and IPv6-only Application Gateways are currently not supported.
- Certain features like WAF rules apply only to IPv4 traffic at this time.
Why IPv6 Matters
The transition to IPv6 is more than just an upgrade; it’s a necessity for the future of the internet. With its virtually limitless address space, IPv6 addresses the exhaustion of IPv4 addresses and introduces improvements in routing and network autoconfiguration. For businesses, this means being able to support a growing number of devices and users worldwide without the constraints and complications of IPv4. Read more about IPv6 in my previous gateway IPv6 support here.
Final Thoughts
Azure’s support for IPv6 in Application Gateway is a step forward in making modern applications more accessible and future-proof. While there are limitations, the potential for growth and improvement is significant. As more services and devices move to support IPv6, being prepared with dual-stack capabilities will ensure your applications remain reachable and resilient.
For those looking to dive deeper into the setup and capabilities of IPv6 support in Azure Application Gateway, the Azure documentation provides comprehensive guides and resources, found here.
