With more governmental requirements enforcing requirements that public-facing services need to support IPv6 a lot of customers that have started their cloud journey might be having some issues with adopting IPv6 on all their services.
Especially with Microsoft Azure, not all services support IPv6 natively, therefore, I wanted to write this post to give an overview of what kind of services that support IPv6 natively or what services can get IPv6 enabled as a public-facing service.
NOTE: There are a lot of different articles to showcase how you can add IPv6 to an existing application in Azure running over IPv4 (Add IPv6 to an IPv4 application in Azure virtual network – Azure CLI | Microsoft Docs)
Services marked with bold support IPv6 natively with Microsoft Azure.
- Azure Load Balancer (supports IPv6)
- Azure Public IP Address (supports IPv6)
- Azure Front door (supports IPv6)
- Azure Application Gateway (does not supports IPv6)
- Azure App Services (does not support IPv6)
- Azure Firewall (does not support IPv6)
- Azure Bastion (does not support IPv6)
- Azure VPN Gateway (does not support IPv6)
- Azure Route Server (does not support IPv6)
- Azure ExpressRoute (supports IPv6)
- Azure Network Security Groups (supports IPv6)
- Azure Private Endpoints (does not support IPv6)
- Azure DNS (supports IPv6)
- Azure SQL (does not support IPv6)
- Azure Kubernetes with Kubenet (supports IPv6 in preview)
- Azure PostgreSQL (does not support IPv6)
- Azure API Management (does not support IPv6)
- Microsoft Exchange Online (supports IPv6)
- Microsoft SharePoint Online (Can be enabled with IPv6 with a support request)
- Microsoft Teams (Only supports IPv4)
In addition, there are some limitations when it comes to support for certain services and IPv6 such as.
- VPN gateways cannot be used in a virtual network with IPv6 enabled, either directly or peered with “UseRemoteGateway”.
- Public IPv6 addresses are locked at an idle timeout of 4 minutes.
- Azure doesn’t support IPv6 communication for containers as running with AKS or Container Apps.
- Use of IPv6-only virtual machines or virtual machines scale sets isn’t supported. Each NIC must include at least one IPv4 IP configuration (dual-stack).
- When adding IPv6 to existing IPv4 deployments, IPv6 ranges can’t be added to a virtual network with existing resource navigation links.
- Forward DNS for IPv6 is supported for Azure public DNS. Reverse DNS isn’t supported.
- Routing Preference and cross-region load-balancing isn’t supported.
Can see more about IPv6 support for Microsoft 365 services here –> IPv6 support in Microsoft 365 services – Microsoft 365 Enterprise | Microsoft Docs