The solution depends on who initiates the communication. If the communication is initiated by an IPv6-only host to an IPv4-only host, then you can use AWS native NAT64 with DNS64 capabilities. As you transition your workloads to IPv6 networks, they would continue to need access to IPv4 networks and services. With NAT64 and DNS64, your IPv6 resources can communicate with IPv4 services within the same VPC or connected VPCs, your on-premises networks, or the Internet. More on that solution and how it can be implemented can be found in this blog post [1] or AWS documentation [2].
However, if the communication is initiated by an IPv4-only host to an IPv6-only host, then you’d need to deploy a middle-box or a router of your choice to implement NAT46 or tunneling – could be a simple Linux instance or a third-party router from AWS Marketplace such as Cisco CSR1000v. You can refer to this link [3] for an example of how to implement a middle-box with NAT46.
Alternatively, if you have two applications running in an IPv4 address stack and an IPv6 address stack respectively, you can enable communication between these two application stacks by associating the applications with VPC Lattice. Communication is supported bidirectionally between IPv4 and IPv6. You can reference this blog, which covers it in good depth: https://aws.amazon.com/blogs/networking-and-content-delivery/accelerate-your-ipv6-adoption-on-aws-with-amazon-vpc-lattice/
[1] https://aws.amazon.com/blogs/aws/let-your-ipv6-only-workloads-connect-to-ipv4-services/
[2] https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-nat64-dns64.html
[3] https://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/217208-understanding-nat64-and-its-configuratio.html#anc16
Thanks for the insight, we'll explore these options and see what's best for us.
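For the IPv6-to-IPv4 direction (NAT64 with DNS64) mentioned in the answer above, the following is an added example, not part of the original thread or AWS code. It assumes the RFC 6052 well-known prefix 64:ff9b::/96 and shows how DNS64 synthesizes an address, and how to decode translated destinations seen on the IPv6 side so they can be checked against an IPv4 egress allowlist. The record layout and function names are hypothetical.

```python
import ipaddress

# Assumption: the RFC 6052 well-known prefix (64:ff9b::/96) is the NAT64 prefix in use.
NAT64_PREFIX = ipaddress.ip_network("64:ff9b::/96")

def synthesize(ipv4):
    """Mimic DNS64 for an A-only name: embed the IPv4 address in the low 32 bits."""
    v4 = ipaddress.IPv4Address(ipv4)
    return ipaddress.IPv6Address(int(NAT64_PREFIX.network_address) | int(v4))

def extract(ipv6):
    """Return the embedded IPv4 address, or None if this is not a NAT64 address."""
    v6 = ipaddress.IPv6Address(ipv6)
    if v6 not in NAT64_PREFIX:
        return None
    return ipaddress.IPv4Address(int(v6) & 0xFFFFFFFF)

def audit(records, allowed_v4_nets):
    """Flag records whose NAT64 destination decodes to IPv4 outside the allowlist."""
    nets = [ipaddress.ip_network(n) for n in allowed_v4_nets]
    findings = []
    for src, dst, port in records:
        v4 = extract(dst)
        if v4 is None:
            continue  # native IPv6 destination, not translated by NAT64
        if not any(v4 in n for n in nets):
            findings.append((src, str(v4), port))
    return findings

# Constructed sample records (src, dst, dst_port); documentation address ranges only.
SAMPLE = [
    ("2001:db8:1::10", "64:ff9b::c633:6407", 443),  # decodes to 198.51.100.7
    ("2001:db8:1::10", "64:ff9b::cb00:7109", 22),   # decodes to 203.0.113.9
    ("2001:db8:1::11", "2001:db8:2::5", 443),       # native IPv6, skipped
]

if __name__ == "__main__":
    print(synthesize("198.51.100.7"))
    for finding in audit(SAMPLE, ["198.51.100.0/24"]):
        print("outside allowlist:", finding)
```

Security rules and logs on the IPv6-only side only see the synthesized destination, so IPv4-based egress policy needs this decoding step to stay meaningful.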