roboben | 2 years ago

I can just imagine that moving to IPv6 is as messy on Azure as it is on AWS.

Don’t get me wrong, actually using it is simpler, you can just have your range and then be free to do whatever you want. But the fact that it was added later to a stack never made for it shows everywhere, which makes UX tough.

Currently struggling with metadata service weirdness and slowness in IPv6 land on AWS :’)

jiggawatts|2 years ago

It's almost certainly worse in Azure than AWS.

Random examples:

Azure hands out contiguous blocks of 16 IPv6 addresses. No, not a /56 or anything useful like that. Sixteen addresses.

If you enable IPv6 in some virtual network, other peered virtual networks will have unrelated services just break. Like Postgres, Azure VPNs, and more.

There are no IPv6 to IPv4 gateways, and you can't even build such a thing yourself without enabling IPv6 in the whole virtual network... which breaks other networks!

Azure NATs IPv6, defeating the entire purpose of the thing. It's basically IPv4 with extra steps.

Azure doesn't support IPv6 for any of their PaaS offerings, especially not in their firewall rules.

Etc...

If you think there are excuses for any of this, consider this: IPv6 has been a standard for two decades and Windows has supported IPv6 since 2000.

I like to swap IPv4 and IPv6 in any sentence to gauge the insanity of it. E.g.: "Enabling IPv4 breaks unrelated services in other networks" would have you running for the hills, would it not?

charcircuit|2 years ago

>you think there are excuses for any of this, consider this: IPv6 has been a standard for two decades and Windows has supported IPv6 since 2000.

That's like complaining that Linux came out in the 1990s yet Photoshop doesn't support Linux. Like how it doesn't make economic sense for Adobe to support Linux, it doesn't make sense for a lot of organizations to additionally support IPv6 when they can just support IPv4.

suncore|2 years ago

That should be 16 IPv6 /64 networks, right? Which means Azure gives you a /60 prefix, I guess?

jeroenhd|2 years ago

With how weirdly complicated Azure was about IPv6 last time I looked into it, I wouldn't be surprised if it'd be more complicated than on AWS.

I'm not convinced it ever improved. Looking up a quick guide brings up https://learn.microsoft.com/en-us/azure/virtual-network/ip-s... which tells you to just... assign a random network from 2404:f800::? What even is this network? Are they using a routable IPv6 address as a substitute for a ULA for their NAT'ing load balancers? Why 2404:f800:8000:122::/64 specifically?

WirelessGigabit|2 years ago

Microsoft owns 2404:f800::/30.

I just did the tutorial and I noticed that in the Azure portal it shows a public IPv6 address and a private IPv6 address. From my machine I connect to the public one and magically end up on the private one.

Curling what is my ip6 from the machine yields the public IPv6 address.

I suppose all of this is needed to ensure LB can be done? And it's easier to do with a range like this than a ULA which by default isn't routable.

hossbeast|2 years ago

I'm curious what issues you're having with the metadata service on IPv6?