An Introduction to IPv6 on Google Cloud

It is no secret that the Internet Protocol (IP) standard’s IPv4 address scheme will eventually run out of IP addresses. Today’s technological advancements such as 5G, Internet of Things, mobile applications, connected devices, serverless and container-based services are accelerating an industry-wide move to IPv4’s successor, IPv6. 

Many enterprises are increasingly leaning towards IPv6 addressing for their on-premises and cloud environments. Major drivers for adoption include the scarcity of private IPv4 addressing (especially in large private networks), public IPv4 address exhaustion, and the need to reach IPv6-only clients. In addition, regulatory requirements around the use of IPv6 addressing are also increasing demand for IPv6 capabilities.

Earlier this year, Google Cloud began supporting IPv6 addressing for VM instances. You can now use IPv6 addressing on ‘dual-stack’ VM instances running both IPv4 and IPv6, and dual-stack GKE nodes and pods. Using IPv6 addressing, your Google Cloud workloads can access the internet using IPv6 Globally Unique Addresses (GUA), connect privately to other workloads within your VPC using IPv6 Unique Local Addresses (ULA), and access your on-prem/cross-cloud hybrid workloads over HA-VPN.

Specifically, with Google Cloud IPv6, you can use:

• Dual-stack subnets, VM instances, and instances with multiple interfaces (multi-NIC).

• VPC firewall rules and hierarchical firewall policy rules to help secure IPv6 communication between VM instances and the internet

• Either internal IPv6 addresses (with Private Google Access) or external IPv6 addresses to access Google APIs and services from your VPC

• Dual-stack VPC peering to enable private IPv6 connectivity between different VPCs

• HA-VPN tunnels and exchange dynamic IPv6 routes to connect Google Cloud and on-prem or cross-cloud environments

• A backend service-based external network load balancer to distribute external IPv6 traffic among VM instances within a region

• Cloud Load Balancing to terminate IPv6 connections from end-users to:

• Distribute traffic from the internet to a set of web frontend instance groups in various regions with Global external HTTP(S) load balancer

• Distribute SSL traffic from the internet to Google Cloud VM instances in your Google Cloud VPC network with SSL proxy load balancer

• Distribute TCP traffic from the internet to Google Cloud VM instances in your Google Cloud VPC network with TCP proxy load balancer

You can also contact your Google team to take advantage of the following IPv6 products, which are available in Preview.

• Enable end-to-end IPv6 communication with dual-stack networking for GKE VPC-native clusters.

• Reserve static internal or external IPv6 addresses for your Google Cloud VM instances.

• Access Google APIs and services from on-prem using either internal IPv6 addresses (with Private Google Access) or external IPv6 addresses.

• Use IPv6 Static Routes to direct traffic to a specific next-hop VM instance in the same VPC.

• Connect Google Cloud and on-prem/cross-cloud environments using dual-stack dedicated interconnect and exchange dynamic IPv6 routes.

The transition to IPv6 is starting in earnest. You can build your first IPv6 network in the Google Cloud console. Please stay tuned for further updates and announcements about IPv6 on Google Cloud in the coming months.