AWS Global Accelerator IPv6

We are using a private APN SIM installed in an IoT device. The MPLS network from the telecom provider is terminated in AWS using AWS Direct Connect. Previously, our application was communicating directly with an EC2 instance using its IPv6 address, and the setup was functioning correctly.

However, we are now scaling the application across multiple servers and deploying EC2 instances in two different AWS regions. To simplify connectivity, we want to use a single static IP address for communication from the IoT devices to the backend application.

For this purpose, we attempted to use AWS Global Accelerator so that the IoT devices can communicate with the application using the Global Accelerator public IP. However, when we try to access the Global Accelerator IP from the device using the private APN SIM, both telnet and traceroute fail, and the connection cannot be established.

We would like to understand whether Global Accelerator IPs are reachable over a private APN/MPLS network connected via AWS Direct Connect, and if there are any additional routing or configuration requirements needed to enable this communication.

2 Answers
Accepted Answer

Based on how AWS Global Accelerator works, there are important considerations for your use case. Global Accelerator provides static IP addresses that are anycast from the AWS edge network - specifically, two static IPv4 addresses for IPv4 configurations, or four total addresses (two IPv4 and two IPv6) for dual-stack configurations.

The key challenge with your setup is that Global Accelerator's static IP addresses are designed to accept incoming traffic onto the AWS global network from edge locations that are closest to users on the public internet. The service is optimized to route traffic through the AWS global network to improve performance and availability by maximizing the time traffic stays on AWS's network.

However, when using a private APN/MPLS network connected via AWS Direct Connect, your traffic is already on a private network path that doesn't traverse the public internet or AWS edge locations in the same way. Global Accelerator's anycast addresses are announced from AWS edge network locations, which are part of the public internet infrastructure, not the private Direct Connect connection.

For your architecture where you need a single static IP address to route to multiple EC2 instances across regions over a private network connection, you may need to consider alternative approaches. One option would be to use Elastic IP addresses with your EC2 instances or load balancers within your VPC, and manage routing through your Direct Connect connection. You could also explore using Network Load Balancers or Application Load Balancers in each region with static IP addressing, and implement DNS-based routing or your own traffic management logic at the application layer.

The fundamental issue is that Global Accelerator is designed for public internet traffic routing through AWS edge locations, which doesn't align with private APN/MPLS connectivity patterns through Direct Connect.
Sources
AWS Global Accelerator components - AWS Global Accelerator
How AWS Global Accelerator works - AWS Global Accelerator

answered 2 months ago
AWS
EXPERT
reviewed 2 months ago
But we cannot assign the same IPv6 on two different EC2 instances deployed in two regions. Also, we have no option of Elastic IPv6 in AWS.

answered 2 months ago
