Amazon announced two new capabilities for Amazon Virtual Private Cloud (VPC) Nat gateway and Amazon Route 53. These new capabilities will allow IPv6-only workloads to transparently communicate with IPv4-only services.
Amazon announced these capabilities as a response to the difficulty that companies were having with letting workloads continue to communicate with IPv4 services and to make calls to older APIs or just as a transient design, while they are migrating multiple dependent workloads from IPv4 to IPv6.
Not having the ability to call an IPv4 service from IPv6 hosts makes migrations slower and more difficult than it needs to be and has required some organizations to build custom solutions that are hard to maintain, according to Amazon.
Now, users can turn on DNS64 for their subnet. The DNS resolver first checks if the record contains an IPv6 address. If it does, the IPv6 address is returned. The IPv6 host can connect to the service using just IPv6. When the record only contains an IPv4 address, the Route 53 resolver synthesizes an IPv6 address by prepending the well-known ‘64:ff9b::/96’ prefix to the IPv4 address.
To enable these two capabilities, users have to adjust two configurations. They must flag the subnets that require DNS64 translation, and second, add a route to the IPv6 subnet routing table to send part of the IPv6 traffic to the NAT gateway.
The two new capabilities are available in all AWS Regions at no extra cost. Additional details are available here.