Networking & Content Delivery

Introducing AWS Global Accelerator IPv6

Voiced by Polly

We are excited to announce the availability of Internet Protocol Version 6 (IPv6) support for AWS Global Accelerator. IPv6 is a version of the Internet Protocol that uses a larger address space (128 bits). Moreover, it allows more IP addresses than its predecessor IPv4 (32 bits). IPv6 support lets you meet the requirements for IPv6 adoption that is set by governments, as well as remove the need for IPv6 to IPv4 translation software. Starting today, you can use Global Accelerator to serve end-users connecting via both IPv4 and IPv6. Furthermore, this can be done while taking advantage of the availability, performance, and security benefits of Global Accelerator.

Global Accelerator is a networking service that improves your internet user performance and availability by using the AWS global network infrastructure. Global Accelerator’s automatic routing optimizations help keep your packet loss, jitter, and latency consistently low. Today, standard accelerators automatically route traffic to a healthy endpoint that is nearest to your user. This works for various use cases, such as A/B testing, blue-green deployments, API acceleration, and live video ingest.

Until today, Global Accelerator provided two static anycast IPv4 addresses for each accelerator. Customers could only serve IPv4 traffic through Global Accelerator to their application endpoints running in AWS Regions. The depletion of IPv4 addresses meant that IPv6 adoption among Internet networks has been increasing consistently over the last few years. This is especially true among mobile networks. Our customers want to improve the network performance for users connecting over these IPv6 networks. There are three major reasons to move to IPv6:

  • You’re limited in scaling your public facing applications servers due to the limited availability of IPv4 IP addresses.
  • You want to support your IPv6 users from mobile networks, as well as provide them with improved network performance without having to manage IPv6 to IPv4 translation.
  • You must comply with regulatory compliance, such as the Federal Acquisition Requirement in the US, to run specific internet traffic over IPv6.

Starting today, you can route your IPv6 traffic through Global Accelerator to your Application Load Balancer endpoints running in AWS Regions. Global Accelerator now supports two types of accelerators – Dual-stack and IPv4-only. A Dual-stack accelerator means you’re provided with a pair of IPv4 and IPv6 global static anycast IP addresses that can serve both IPv4 and IPv6 traffic. No additional fees exist for using Dual-stack accelerators. The accelerator pricing remains the same as before. In this post, you will learn how to begin creating a Dual-stack Global Accelerator to route traffic to your applications in AWS Regions.

Getting started

There are two approaches to getting started with Global Accelerator using the dual stack configuration:

  • Creating a new Global Accelerator instance and setting up the Dual-stack accelerator.
  • Updating an existing standard IPv4 accelerator to dual stack accelerator to start receiving IPv6 traffic.

Creating a new Global Accelerator

As of today, when configuring a new standard accelerator, you can now choose a type in the IP address type. When choosing Dual-stack. to create new Dual-stack Global Accelerator:

  1. On the Enter name page
    1. Navigate to AWS Global Accelerator Console
    2. Choose Create accelerator
    3. For Accelerator name, enter MyDualStackAccelerator
    4. For Accelerator type, leave Standard selected
    5. For IP address type, from the drop-down, choose Dual-stack
    6. Choose Next
      aga_basic_configurationFigure 1: Global Accelerator Dual-stack configuration
  2. On the Add listeners page
    1. For Ports, enter 80
    2. For Protocol, from the drop-down, choose TCP
    3. Choose Next
  3. On the Add endpoint groups page
    1. For Region, from the drop-down, choose us-west-2. Optionally, you can choose another supported region.
    2. Choose Next
  4. On the Add endpoints page
    1. Choose Create accelerator

Back on the main Global Accelerator Console page, you can now see your new accelerator. To see more details about your new accelerator, select the accelerator name myFirstDualStack. On the details page, you will notice few differences between an IPv4 only and a Dual-stack Global Accelerator, as shown in the following figure.

Figure 2: Dual-stack Global Accelerator configuration overview

  • For Static IP address set, you can now see two IPv4 and also two IPv6 addresses.
  • For DNS name, you have an IPv4 only DNS, as you do with IPv4 Global Accelerator.
  • For Dual-stack DNS name, you now have a DNS name that returns IPv4 and IPv6 addresses, depending on the DNS lookup query.

Having two DNS names, one for IPv4 only and the other for Dual-stack, lets you control when you start shifting to IPv6 traffic, if you don’t want to immediately send traffic to your IPv6 endpoints via DNS. To test out the Dual-stack DNS, use the Linux nslookup program to query Internet domain name servers for your Global Accelerator. Open your Linux/Unix terminal, and then run the following CLI command:

$ nslookup <your Dual-stack DNS name>

In this case, you made an IPv4 DNS query request. You should see two IPv4 addresses in the response. Now, let’s make an IPv6 DNS query request. Run the following CLI command:

$ nslookup -query=AAAA <your Dual-stack DNS name>

This time, you will see two IPv6 addresses in the response. If you perform the same test using the DNS name, which is IPv4 only, then you will see IPv4 addresses for the IPv4 query request, but no answer for the IPv6 query.

Today, you can only add Dual-stack Application Load Balancers as endpoints behind your Dual-stack accelerators. To complete the setup and add one or more endpoints to your new Dual-stack Global Accelerator, see further details in Endpoints for standard accelerators in AWS Global Accelerator.

Update an existing IPv4 only accelerator to a Dual-stack accelerator

Now that you know how to create a new Dual-stack Global Accelerator, in this section you’ll learn to update an existing Global Accelerator that was configured as IPv4 in IP address type at the time of creation. To update your existing Global Accelerator:

  1. Navigate to AWS Global Accelerator Console
  2. Select your accelerator to see the configuration page
  3. Select Edit
  4. On the Edit accelerator page, for IP address type, choose Dual-stack from the drop-down
  5. Choose Save changes

On the accelerator details page, observe that the Provisioning status has changed to In progress. Furthermore, there is now a new attribute Dual-stack DNS name. Once the Provisioning status is changed to Deployed, reload the page, and you will see a DNS under Dual-stack DNS name.

You successfully updated your existing IPv4 accelerator to Dual-stack. Now you can add or edit the endpoints for the standard accelerator. To learn more about endpoints, see Endpoints for standard accelerators in AWS Global Accelerator.

Revert Dual-stack accelerator to IPv4 only accelerators

If you update an existing IPv4 only accelerator to a Dual-stack accelerator, then you can revert it back to IPv4 only. In this case, the two static IPv6 addresses will be reserved for the lifetime of the accelerator. If you decide to update it to Dual-stack again, then the same IPv6 addresses will be used that were assigned to the accelerator. However, if you delete the accelerator, then both your IPv4 and IPv6 addresses will be released to the AWS pool.

In the next sections, you will deploy an environment in your AWS Account to test an end-to-end setup that supports both IP protocols. Furthermore, you will validate that the Dual-stack Global Accelerator serves HTTP requests for each of the protocols.


Make sure that you have permissions for your AWS Account to deploy the following AWS resources:

Implementation and deployment details

In this section, you will create a CloudFormation stack that creates AWS resources to run an end-to-end test for a Dual-stack Global Accelerator setup. Before you deploy the CloudFormation template, let’s review the architecture that is deployed.

Figure 3: Architecture overview – IPv6 enabled environment with Dual-stack Global Accelerator

Let’s look at how the flow illustrated in this figure works.

  1. Using Systems Manager, you securely connect to an Amazon EC2 instance that has an IPv6 address assigned, and is deployed into an IPv6 enabled VPC.
  2. Using cURL, make an HTTP request over IPv4, and then over IPv6, to Global Accelerator.
  3. Global Accelerator forwards the request to ELB – IPv4 request to ELB’s IPv4 address and IPv6 request to ELB’s IPv6 address.
  4. ELB forwards the request to Lambda, and the response is returned to the cURL HTTP request.

To avoid the case that your local network might not have an IPv6 address assigned, you will use an EC2 instance and Systems Manager to make sure that Dual-stack setup can be tested correctly. The EC2 gets an IPv4 and IPv6 address assigned. Therefore, both protocols can be tested.

The CloudFormation template deploys the AWS resources into the US West (Oregon) Region. Download the CloudFormation template to start the deployment process.

To start the deployment process, following the steps:

  1. Nativate to CloudFormation page, choose Create stack
  2. In Template source section, choose Upload a template file, then Choose file and select the CloudFormation template you downloaded, and choose Next
  3. On the Stack name page, enter AGA-DualStack and choose Next
  4. On the Specify stack details page, choose Next
  5. On the Configure stack options page, choose Next
  6. On the Review page, select the I acknowledge that AWS CloudFormation might create IAM resources check box.
  7. Choose Create stack, and then wait for the status to change to CREATE_COMPLETE.

Note that it can take up to 20 minutes for the stack to create all of the AWS resources and reach the CREATE_COMPLETE status.

Once the stack creation reaches CREATE_COMPLETE, navigate to the Outputs tab and copy the AcceleratorDualStackDnsName value to your notes. This is the Global Accelerator DNS name that you will make HTTP requests using cURL.

Testing the Dual-stack Global Accelerator

Now that the stack is deployed, it’s time to test out the end-to-end Dual-stack setup. First, follow the steps to securely connect to the EC2 instance.

  1. Open the EC2 console
  2. Select the instance named aga-dual-stack, and choose Connect
  3. For Connection method, choose Session Manager
  4. Choose Connect

First, let’s validate that you can make a request using the IPv4 address. To do this, you will pass the following options to the cURL request:

  • -4, This option tells cURL to resolve names to IPv4 addresses only, and not try IPv6.
  • -v, This option makes cURL verbose during the operation. You will see the exact IP address to which the DNS request is resolved, as well as the IP address to which the HTTP request is made.

In your session window, using Systems Manager, issue the following cURL command to make the request using IPv4 address:

Note that you should replace <YOUR-GLOBAL-ACCELERATOR-DUAL-STACK-DNS> with the value that you pasted into your notes – the AcceleratorDualStackDnsName value from CloudFormation stack Outputs.


The request response looks similar to the following:

*   Trying
* Connected to <YOUR-GLOBAL-ACCELERATOR-DUAL-STACK-DNS> ( port 80 (#0)> GET / HTTP/1.1
> Host: <YOUR-GLOBAL-ACCELERATOR-DUAL-STACK-DNS> User-Agent: curl/7.58.0
> Accept: */*
>< HTTP/1.1 200 OK
< Server: awselb/2.0
< Date: Thu, 13 Jan 2022 23:14:48 GMT
< Content-Type: text/html
< Content-Length: 18< Connection: keep-alive
<* Connection #0 to host <YOUR-GLOBAL-ACCELERATOR-DUAL-STACK-DNS> left intact
Hello from Lambda!

In your response, notice the following lines:

  • Trying followed by an IP address is the IP address that the DNS request was revolved to, and it was the IP address used to make the HTTP request
  • Hello from Lambda!, is the response from Lambda indicating a successful request

Let’s do the same test, but this time we’ll make the HTTP request using the IPv6 address. To do this, instead of the -4 option, you will replace it with the following:

  • -6, This option tells cURL to resolve names to IPv6 addresses only, and not try IPv4.

In your session window, using Systems Manager, issue the following cURL command to make the request using IPv6 address:


This time, observe that the Trying line in the request has an IPv6 address which was used to make the HTTP request. Moreover, you should see it has a response from the Lambda, which confirms a successful request using an IPv6 address.

Using Amazon CloudWatch with Global Accelerator Dual-stack

Global Accelerator Dual-stack now lets you access Amazon CloudWatch metrics with a global IP dimension, which signals the IP address type (IPv4 or IPv6). That means that all of the metrics available for IPv4 address are now separately available for the IPv6 address. For example, the following figure shows a graph using the NewFlowCount metric, which explicitly shows the IPv4 and IPv6 request volume.

AGA-Dual-stack-CW Figure 4: CloudWatch IPv4 and IPv6 metrics from Dual-stack Global Accelerator

Each request volume is shown separately for each IP – two for the IPv4 and two for IPv6 addresses. To learn more about how to use CloudWatch with Global Accelerator, see Using Amazon CloudWatch with AWS Global Accelerator.

Clean up

To avoid incurring future charges, make sure to delete the CloudFormation stack that you created once you’re done testing. For more details on how to delete a CloudFormation stack, see Deleting a stack on the AWS CloudFormation console.


In this post, you learned about common use cases and the advantages of using IPv6 protocol, as well as the general availability of IPv6 support in AWS Global Accelerator. Then, you learned how to get started and create a new Dual-stack Global Accelerator, in addition to how to modify an existing IPv4 only to Dual-stack. Lastly, you deployed an environment with an end-to-end IPv6 support where Dual-stack Global Accelerator forwarded a request to the ELB over IPv4 and IPv6 protocols. You tested and validated the functionality by making an HTTP request using the cURL tool and passing options to make sure that cURL resolved the Global Accelerator’s Dual-stack DNS name to IPv4 and IPv6, for each of the test cases.

About the authors

Artem Lovan

Artem Lovan is a Technologist and Solutions Architect at AWS. Artem helps guide AWS customers build scalable and sustainable products in the cloud. He has been involved in IT at many levels, including infrastructure, networking, security, DevOps, and software development.

Mohan Pasappulatti

Mohan Pasappulatti is a Technologist and Architect at AWS, based in San Francisco, USA. Mohan helps high profile disruptive startups and strategic customers architect and deploy distributed applications, and other business critical workloads in production on AWS. He has over 20 years of experience leading engineering and architecture teams in several verticals like health care, manufacturing, ecommerce, FinTech, etc. In his spare time, Mohan loves to cheer his college football team (LSU Tigers!), play poker, ski, watch the financial markets, play volleyball and spend time outdoors.