Posted On: Jan 17, 2023

AWS Network Firewall now supports IPv6 for dual stack subnets so you can filter IPv4 and IPv6 traffic flows to and from the public internet, on-premises network, or any endpoint in your Amazon Virtual Private Cloud (VPC). Now, you can use AWS Network Firewall to protect your IPv6 workloads on AWS.

AWS Network Firewall is a managed firewall service that makes it easy to deploy essential network protections for all your Amazon VPCs. With this capability, you can enable AWS Network Firewall endpoints to filter both IPv4 and IPv6 traffic in dual stack subnets. A dual stack subnet is a subnet with both an IPv4 CIDR block and an IPv6 CIDR block. Resources in a dual-stack subnet can communicate over IPv4 and IPv6.

There is no additional cost to enable dual stack AWS Network Firewall endpoints. You can configure dual stack firewall endpoints using the AWS Management Console, AWS CLI, AWS SDK, or the AWS Network Firewall API. IPv6 is supported in all AWS Regions where AWS Network Firewall is available today, including the AWS GovCloud (US) Regions. For more information on availability, please see the AWS Region table. To learn more about configuring AWS Network Firewall for dual stack, please refer to the service documentation.