AWS IPv4 Charges: Strategies and Solutions

Recently, Amazon Web Services announced that they would start charging for IPv4 addresses. Previously, IPv4 addresses incurred charges in AWS only if the Elastic IP (EIP) was assigned to an instance in a stopped state. However, effective February 1, 2024, AWS began charging $0.005 per IP per hour for all public IPv4 addresses, regardless of whether they are attached to a running instance or not. This means that when you launch an EC2 server and enable the IPv4 public IP address, you will incur charges. Depending on the number of instances in your AWS account, your monthly AWS expenditure may increase significantly.

Many of our customers started approaching us to understand if there was any way to avoid the AWS public IP costs. The solution was to enable IPv6 support in the AWS VPC and assign an IPv6 address within the EC2 instance.

The above strategy worked fine in reducing cloud costs, but in some cases the applications hosted on the EC2 instances communicated with external services that did not yet support IPv6. For example, WordPress websites contact the wordpress.org domain (no IPv6 support yet) to check for new plugin updates and theme versions. Since the EC2 instances had only IPv6 connectivity, these checks were failing. To avoid this situation, one option was to create a NAT gateway and attach it to the VPC our clients were using. However, a NAT gateway incurs additional costs as well. If the AWS account has only a few EC2 instances, those costs may outweigh the savings from the IPv6 migration.

After some digging, we decided to implement NAT64 DNS support (DNS64) within the EC2 instances where no public IPv4 addresses were assigned. NAT64 is a technology that allows IPv6-only clients to contact IPv4 servers using unicast UDP, TCP, or ICMP. The DNS64 resolver makes this transparent: when a name has no IPv6 record, it returns a synthesized IPv6 address that routes to a NAT64 gateway, which forwards the traffic over IPv4. This technology works on any cloud platform, not just AWS. As long as you can edit your system DNS configuration, you should be able to use it.

In this example, we will be using the free NAT64 DNS service offered by https://nat64.net, which means DNS queries and the translated IPv4 traffic pass through that third party. We will use the following IPv6 DNS servers to enable IPv6-only EC2 instances to communicate with third-party services that do not yet support IPv6 and only operate via IPv4:

2a01:4f8:c2c:123f::1
2a01:4f9:c010:3f02::1
2a00:1098:2c::1

We are using the Ubuntu 24.04 LTS release. To begin the configuration, open the netplan configuration associated with your network interface. Usually, the netplan configuration is located under the /etc/netplan folder. Add the following parameters to your network interface configuration file:

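# Place these keys under your interface entry, at the same indentation as its other settings.
dhcp6-overrides:
  use-dns: false    # ignore DNS servers offered over DHCPv6
dhcp4-overrides:
  use-dns: false    # ignore DNS servers offered over DHCPv4
nameservers:
  # The IPv4 entries are only usable if the instance has an IPv4 route to them.
  addresses: [2a00:1098:2b::1, 2a01:4f8:c2c:123f::1, 2a01:4f9:c010:3f02::1, 8.8.8.4, 8.4.4.1]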

The final network configuration file will resemble the following:

After making the DNS server changes, execute the following command to ensure that there are no errors:

netplan try

If there are no errors in the configuration you have made, you’ll see the following message in the terminal window:

Press ENTER before the timeout to accept the new configuration.

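Press the “ENTER” key to accept the configuration. If you do not confirm before the timeout, netplan reverts the change. If the command reports an error instead, you may need to resolve indentation-related errors in the file and run it again.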
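With these resolvers in place, the AAAA answer for an IPv4-only name is a synthesized address that embeds the IPv4 destination in a NAT64 prefix, as defined in RFC 6052. The Python code below is an added example, not part of the original article; it implements that mapping for every RFC 6052 prefix length (going beyond the single setup described here) so you can tell which answers are translated and to which IPv4 address. It assumes the well-known prefix 64:ff9b::/96, since a NAT64 provider may use its own prefix, and the sample addresses are constructed documentation values.

```python
import ipaddress

# RFC 6052 well-known NAT64 prefix. A public NAT64 service may use its own
# prefix instead (assumption: confirm the real one with the operator).
WELL_KNOWN = "64:ff9b::/96"
VALID_LENGTHS = (32, 40, 48, 56, 64, 96)


def v4_offsets(prefixlen):
    """Byte positions holding the four IPv4 octets; byte 8 is reserved."""
    if prefixlen not in VALID_LENGTHS:
        raise ValueError("RFC 6052 prefixes are /32, /40, /48, /56, /64 or /96")
    return [i for i in range(prefixlen // 8, 16) if i != 8][:4]


def synthesize(ipv4, prefix=WELL_KNOWN):
    """AAAA address a DNS64 resolver would build from an A record."""
    net = ipaddress.ip_network(prefix)
    raw = bytearray(net.network_address.packed)
    octets = ipaddress.IPv4Address(ipv4).packed
    for off, octet in zip(v4_offsets(net.prefixlen), octets):
        raw[off] = octet
    return ipaddress.IPv6Address(bytes(raw))


def embedded_ipv4(ipv6, prefix=WELL_KNOWN):
    """IPv4 destination inside a synthesized address, or None if native IPv6."""
    net = ipaddress.ip_network(prefix)
    addr = ipaddress.IPv6Address(ipv6)
    if addr not in net:
        return None
    offsets = v4_offsets(net.prefixlen)
    return ipaddress.IPv4Address(bytes(addr.packed[o] for o in offsets))


if __name__ == "__main__":
    # Constructed sample answers (documentation addresses, not real lookups).
    for answer in ("64:ff9b::c000:221", "2001:db8::53"):
        print(answer, "->", embedded_ipv4(answer) or "native IPv6, not translated")
```

Feeding it the AAAA answers your instance receives shows which destinations are reached through the NAT64 gateway rather than over native IPv6.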

This solution isn’t exclusive to AWS and can be implemented across other cloud providers where IPv6 support is available, such as GCP, DigitalOcean, or Vultr. By following this strategy for one of our clients, we were able to help them save over $900 per month in EIP costs alone.

If you’re seeking further assistance with optimising your cloud spending or implementing similar cost-saving measures, don’t hesitate to reach out to us to schedule a discovery call. We’re here to help you navigate the evolving landscape of cloud infrastructure and ensure cost-efficient operations for your business.
