How to avoid public ipv4 address

2

So I had the notification about charges for public IPV4 addresses and I've been thrashing around for ways to avoid the new cost.

Here's what I have now:

  1. A t4g.micro EC2 instance managed through Elastic Beanstalk
  2. The instance provides a external web interface
  3. The instance connects to other AWS services including DynamoDB and SES

Now it seems that:

  1. Elastic Beanstalk environments need internet access (creation fails on a VPC without an internet gateway)
  2. If I create an IPV6-only VPC, the instances will not be able to connect to all AWS services since many are not IPV6 enabled
  3. I looked at Cloudfront but that communicates with origins using IPV4 only
  4. Any approach to connecting a private VPC to the internet and other AWS services (such as a NAT gateway) is considerably more expensive that keeping the public IPV4 address

So unless I am missing something, for this requirement there is no way to avoid the public IPV4 address and the associated charge. If so, disappointed that AWS does not provide a working migration path.

rde1
已提问 1 年前2800 查看次数
3 回答
1

I've done some more testing. It seems impossible to use Elastic Beanstalk without either a public IPv4 address or other more expensive solutions such as PrivateLink or NAT Gateways. You can set up gateway endpoints from an IPv6 VPC but these support S3 and DynamoDB only.

Any other hints, anyone?

rde1
已回答 1 年前
  • I have done a bit of research on the IPv4 charges and IPv6 on AWS, and I can say that you're absolutely right in all regards. There's no good way to fully avoid these charges. Especially on Beanstalk, which doesn't work with IPv6 at all.

    You might want to look at AWS App Runner. If it works for your use-case and your app can be containerized, this might be a way out. If you don't need VPC access, App Runner will provide IPv4 ingress and egress without IPv4 address charges, I believe.

0

AWS doesn't intend there to be a way to avoid this charge, they themselves say that the purpose of it is to try and dissuade IPv4 usage and drive IPv6 adoption https://aws.amazon.com/blogs/aws/new-aws-public-ipv4-address-charge-public-ip-insights/

intended to encourage you to be a bit more frugal with your use of public IPv4 addresses and to think about accelerating your adoption of IPv6

I would imagine that pretty much everybody who posts on here will be affected by it one way or another, and as we get closer to February 1st the amount of discussion around it on here will increase.

profile picture
专家
Steve_M
已回答 1 年前
  • I'm using one public IPv4 address. I couldn't possibly be any more frugal, and without this my fully prepaid reserved instance would become functionally useless. Amazon need to include at least one free public IPv4 with each VPC.

0

Yes of course I understand that. My problem is that AWS is not providing the what I need to fully adopt IPv6. Many AWS services are not IPv6 enabled so if I want to avoid a public EC2 IPv4 address I have to use a NAT gateway which is considerably more expensive.

I could avoid a public IPv4 address by using API gateway with HTTP forwarding to an EC2 instance via a VPC link, but if the instance itself cannot access the AWS services it needs then that approach seems unworkable.

rde1
已回答 1 年前

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则