CreateVpc for IPv6-Only VPC fails

0

I am trying to create an IPv6-only VPC via the API/CLI and am getting the following error:

$ aws ec2 create-vpc --ipv6-ipam-pool-id <ipam-pool-id> --ipv6-netmask-length 56
An error occurred (MissingParameter) when calling the CreateVpc operation: Either 'cidrBlock' or 'ipv4IpamPoolId' should be provided.

Additionally, if I add a CIDR block (making it a dual-stack VPC), it immediately works.

I believe this is a bug/regression? From what I can tell this is a service level bug that prevents users from creating IPv6 Only VPCs at all via programmatic access.

If there is any information that I am missing, I'd love to be wrong and just need to add some additional field or resource beforehand.

2 Answers
0

Creating a VPC requires an IPv4 CIDR block to be specified. See here: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-cidr-blocks.html#vpc-sizing-ipv4

IPv4 VPC CIDR blocks

When you create a VPC, you must specify an IPv4 CIDR block for the VPC. The allowed block size is between a /16 netmask (65,536 IP addresses) and /28 netmask (16 IP addresses). After you've created your VPC, you can associate additional IPv4 CIDR blocks with the VPC. For more information, see Add or remove a CIDR block from your VPC.

When you create a VPC, we recommend that you specify a CIDR block from the private IPv4 address ranges as specified in RFC 1918.

Once you have created the VPC, you can create IPv6 only subnets within it. Instances/interfaces within these subnets will not have IPv4 addresses assigned. See blog here: https://aws.amazon.com/blogs/networking-and-content-delivery/introducing-ipv6-only-subnets-and-ec2-instances/

Hope this helps.

AWS
EXPERT
answered 15 days ago
AWS
EXPERT
reviewed 15 days ago
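
The procedure described in the answer above, as an added example that is not part of the original answer or AWS's own code: create the VPC with an IPv4 CIDR block, then add an IPv6-only subnet with `create-subnet --ipv6-native` and confirm the result. The function name, the 10.0.0.0/16 default and the choice of the first /64 in the VPC's /56 are assumptions.

```shell
# Added example: VPC with the mandatory IPv4 CIDR, then an IPv6-only subnet.
# Usage: create_ipv6_only_subnet <ipam-pool-id> [ipv4-cidr]
# 10.0.0.0/16 is a placeholder RFC 1918 block (assumption, adjust as needed).

create_ipv6_only_subnet() {
    pool_id=$1
    ipv4_cidr=${2:-10.0.0.0/16}

    # CreateVpc returns MissingParameter without an IPv4 CIDR or IPv4 IPAM pool.
    vpc_id=$(aws ec2 create-vpc \
        --cidr-block "$ipv4_cidr" \
        --ipv6-ipam-pool-id "$pool_id" \
        --ipv6-netmask-length 56 \
        --query 'Vpc.VpcId' --output text) || return 1

    # Read back the IPv6 block that IPAM allocated to the VPC.
    vpc_v6=$(aws ec2 describe-vpcs --vpc-ids "$vpc_id" \
        --query 'Vpcs[0].Ipv6CidrBlockAssociationSet[0].Ipv6CidrBlock' \
        --output text) || return 1

    # Stop rather than guess if no /56 is reported (for example "None").
    case $vpc_v6 in
        */56) ;;
        *) echo "unexpected IPv6 CIDR for $vpc_id: $vpc_v6" >&2; return 1 ;;
    esac

    # The first /64 inside a /56 shares its network address.
    subnet_v6="${vpc_v6%/56}/64"

    # --ipv6-native creates a subnet with no IPv4 range at all.
    subnet_id=$(aws ec2 create-subnet --vpc-id "$vpc_id" \
        --ipv6-native --ipv6-cidr-block "$subnet_v6" \
        --query 'Subnet.SubnetId' --output text) || return 1

    # Verify the subnet really is IPv6-only before anything is launched in it.
    native=$(aws ec2 describe-subnets --subnet-ids "$subnet_id" \
        --query 'Subnets[0].Ipv6Native' --output text) || return 1
    case $native in
        True|true) ;;
        *) echo "subnet $subnet_id is not IPv6-native" >&2; return 1 ;;
    esac

    echo "$vpc_id $subnet_id $subnet_v6"
}
```

The VPC itself keeps its IPv4 CIDR block; only the subnet, and the interfaces created in it, are IPv6-only.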
-1

It appears that you are encountering an issue when trying to create an IPv6-only VPC using the AWS CLI. The error message suggests that the API is expecting either a 'cidrBlock' or 'ipv4IpamPoolId' parameter, which is not consistent with creating an IPv6-only VPC.

This does seem to be a potential bug or limitation in the current implementation of the CreateVpc API operation. Typically, for creating an IPv6-only VPC, you should not need to specify an IPv4 CIDR block.

As a workaround, you might try including a dummy IPv4 CIDR block in your command, even though you intend to create an IPv6-only VPC. For example:

aws ec2 create-vpc --cidr-block 10.0.0.0/16 --ipv6-ipam-pool-id <ipam-pool-id> --ipv6-netmask-length 56

After creating the VPC with this workaround, you may need to remove the IPv4 CIDR block association separately to achieve an IPv6-only VPC.

If this workaround doesn't resolve the issue, it would be advisable to contact AWS support to report this potential bug and get further assistance. They may be able to provide a more definitive solution or confirm if this is indeed a known issue with the API.
Sources
create-vpc — AWS CLI 2.27.3 Command Reference
Use CreateVpc with an AWS SDK or CLI - AWS SDK Code Examples

answered 15 days ago
  • The answer provided by the "AWS Generative AI capabilities" did not work.

    I tried creating a VPC as a dual stack and then modifying to an IPv6-only stack, but was unable to remove the IPv4 stack.
