It's a cold and blustery day in the UK, but AWS decided it was a good time to announce its upcoming changes to how they'll charge for public IPv4 addresses come 1st Feb 2024, and I'm all for it.
I do not often celebrate a change that will increase customer bills, but this is a little different. We've faced a scarcity of public IPv4 addresses for over a decade. It's why in the late '90s, IPv6 was designed and implemented as the successor to IPv4, but to this day, IPv6 is still not implemented in many organisations or ISPs.
Historically, any unattached Elastic IPs would generate a charge for not being used, albeit small. Given the lack of availability, this encouraged customers to actually use the public IPv4 addresses allocated to them. Many customers using AWS would default to IPv4 addresses for simplicity and a lack of understanding around IPv6; after all, IPv6 addresses are a lot longer & scarier, use a hexadecimal format and are difficult to remember. To that last point, this is what DNS is used for... utilise it.
About the scarcity of IPv4 addresses
IPv4 addresses are a scarce resource and have been for over a decade. When the internet was originally architected and slowly gained traction, it was taken by the public as more of a fad. Something that wasn't worth the public's time and investment. IPv4 was more than enough for the use of the public, surely! We would never run out of the protocol's 4 billion IP addresses!
Absolutely a fad...
Transport yourself a few years later, and the internet was a phenomenon. As the internet became more accessible & cheaper for users and phones gained internet features, it quickly became obvious that the exhaustion of public IPv4 addresses was becoming a reality.
Vast pools of addresses were initially assigned to organisations and companies for the use of their devices. To this day, the likes of Apple, Ford and Mercedes still have assigned to them a /8 IPv4 block, meaning each of these organisations has a pool of 16.7 million public IPv4 addresses. Incredible to think about, right? Today, and for some time, you cannot purchase any IPv4 address space. The only way to obtain some IPv4 space is by purchasing from other organisations or in a secondary market. Still, with how subnetting works and operates, you must purchase a contiguous range instead of a single IP address.
As time went on, instead of implementing IPv6, we saw an increase in the use of NAT (Network Address Translation), where we would utilise a single or a few IPv4 addresses on the edge of our networks to allow internet connectivity to users on our infrastructure (with RFC1918 addresses) instead of assigning each of our users a public IP address. Even ISPs utilise NAT (CGNAT, Carrier Grade NAT) for their hundreds of thousands of customers.
So why now?
We've been urged to ensure our infrastructure is compliant and operates with the IPv6 protocol for some time. But hey, when working in the cloud, it's easy to spin up a few instances and default to a public IPv4 address. Why would you want to implement IPv6 and complicate matters further? After all, we can do what we do with on-prem infrastructure. Create a private (RFC1918) IPv4 address space, allocate those addresses where required and NAT all the things. Just spin up your containers/instances, shove a few private addresses here and there, create your routes to hit a NAT gateway and job done (claps hands).
IP address pools are operated and assigned by various authorities and registries. When you get assigned these pools of addresses, you, as a customer, must ensure you make good use of them or forfeit your right to use them. Put yourself in AWS, GCP or Azure's shoes for a moment. You're getting more and more customers signing up to use your cloud services, and these customers are just utilising more IPv4 addresses because "they can". Well, that's not making good use of that space. Basically, if AWS does not make good use of these addresses, they could forfeit their right to these addresses/pools.
The likes of Google and Microsoft have been charging for their public (external) IPv4 addresses for some time now. The way it's charged is per hour. AWS is to follow suit now and do exactly the same thing. They are to start charging $0.005 per hour come February 2024, which totals the shocking price of (breaks out calculator) $0.12 per day. Hardly a massive sum, and unless you're just giving all of your instances and containers public IP addresses, you should be fine.
Why are we celebrating this?
As noted above, the exhaustion of the public IPv4 address space is real. We've already exhausted all addresses; they're assigned to different organisations. IPv6 is a protocol that has been made available for some time now, but many customers still turn away from it in fear. After all, when you first start to implement IPv6 in AWS, you quickly become aware your address is that of a public pool, so how would you restrict access from the outside into your cloud environment? One of those options is the egress-only Internet Gateway. There are many ways to ensure your infrastructure is secure while utilising IPv6, but I think that is best suited to an entirely different post I'll look to put out soon.
IPv6 needs to be pushed more, and hopefully, highlighting the cost of IPv4 addresses will persuade more customers to utilise IPv6's vast address space of 340 trillion trillion trillion IP addresses.
Not sure where you're utilising IPv4 addresses or curious how much these changes will cost you? AWS has recently posted a new article advising how to aggregate this information and provide information on how to estimate these new charges here.
There was a question I came across on the official blog post asking if the charges would be applied to Lightsail instances. It would seem that, yes, the public IPv4 charge will affect Lightsail instances.
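For a quick look at where an account holds public IPv4 addresses, and what the $0.005 hourly rate quoted above adds up to, here is an added example; it is not from this post or from the AWS article. It assumes you have saved the JSON printed by `aws ec2 describe-network-interfaces` and `aws ec2 describe-addresses`; the sample data and the function names are constructed for illustration.

```python
import json

HOURLY_RATE_USD = 0.005  # rate quoted in the post, applied per address per hour

# Constructed samples shaped like the JSON printed by
# `aws ec2 describe-network-interfaces` and `aws ec2 describe-addresses`.
ENIS = json.loads("""{"NetworkInterfaces": [
  {"NetworkInterfaceId": "eni-0aaa", "Description": "web-1", "PrivateIpAddresses": [
    {"PrivateIpAddress": "10.0.1.10", "Association": {"PublicIp": "198.51.100.10"}}]},
  {"NetworkInterfaceId": "eni-0bbb", "Description": "worker-1", "PrivateIpAddresses": [
    {"PrivateIpAddress": "10.0.2.20"}]},
  {"NetworkInterfaceId": "eni-0ccc", "Description": "nat-gateway", "PrivateIpAddresses": [
    {"PrivateIpAddress": "10.0.0.5",
     "Association": {"PublicIp": "203.0.113.7", "AllocationId": "eipalloc-02"}}]}]}""")
EIPS = json.loads("""{"Addresses": [
  {"PublicIp": "203.0.113.7", "AllocationId": "eipalloc-02", "AssociationId": "eipassoc-02"},
  {"PublicIp": "203.0.113.9", "AllocationId": "eipalloc-03"}]}""")


def public_ipv4_inventory(enis, eips):
    """Return one record per public IPv4 address, attached or not."""
    records = []
    for eni in enis.get("NetworkInterfaces", []):
        for addr in eni.get("PrivateIpAddresses", []):
            assoc = addr.get("Association") or {}
            if not assoc.get("PublicIp"):
                continue  # private-only address: nothing exposed, nothing billed
            kind = "elastic" if assoc.get("AllocationId") else "auto-assigned"
            where = eni["NetworkInterfaceId"] + " " + eni.get("Description", "")
            records.append({"ip": assoc["PublicIp"], "kind": kind, "where": where})
    seen = {r["ip"] for r in records}
    for eip in eips.get("Addresses", []):
        # Elastic IPs with no association never appear on an interface.
        if eip["PublicIp"] not in seen and not eip.get("AssociationId"):
            records.append({"ip": eip["PublicIp"], "kind": "elastic-unattached", "where": "-"})
    return records


def estimated_cost_usd(address_count, hours):
    """Cost of holding address_count public IPv4 addresses for the given hours."""
    return round(address_count * HOURLY_RATE_USD * hours, 2)


if __name__ == "__main__":
    inventory = public_ipv4_inventory(ENIS, EIPS)
    for rec in inventory:
        print(f'{rec["ip"]:<16}{rec["kind"]:<20}{rec["where"]}')
    print("per day:", estimated_cost_usd(len(inventory), 24))
    print("per 30 days:", estimated_cost_usd(len(inventory), 24 * 30))
```

Every row in the output is also an internet-reachable address, so the same list doubles as a review of what is exposed and whether it needs to be.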