IPv6 for Azure VMs
At the Ignite Conference, the Microsoft Azure product team announced support for Internet Protocol version 6 (IPv6) for Azure virtual machines (VMs). What this means is that Azure VMs can now send and receive native IPv6 traffic, provided they:
- Have network interfaces configured to request private IPv6 addresses.
- Are members of an external load balanced set that has been configured with a public IPv6 address.
Here is the basic configuration:
For additional information, see Overview of IPv6 for Azure Load Balancer.
To ensure that a VM has this new capability, you must first create an external load balancer that has:
- A front-end public IPv6 address
- A backend IPv6 address pool
- Rules that allow specified types of IPv6 traffic (such as unsolicited inbound traffic to TCP port 80)
- NAT rules to map ports from external to internal port numbers (as needed)
Here is an example Azure PowerShell code block that accomplishes this with the IPv6-specific code bolded:
$ipv4DomainName="<unique DNS name for the IPv4 endpoint>"
$ipv6DomainName="<unique DNS name for the IPv6 endpoint>"
# Create the Azure Public IP address resources for the front-end IP address pool
$publicIPv4 = New-AzureRmPublicIpAddress -Name "pub-ipv4" -ResourceGroupName $rgName -Location $locName -AllocationMethod Static -IpAddressVersion IPv4 -DomainNameLabel $ipv4DomainName
$publicIPv6 = New-AzureRmPublicIpAddress -Name "pub-ipv6" -ResourceGroupName $rgName -Location $locName -AllocationMethod Dynamic -IpAddressVersion IPv6 -DomainNameLabel $ipv6DomainName
# Create front-end address configurations that use the public IP addresses.
$FEIPConfigv4 = New-AzureRmLoadBalancerFrontendIpConfig -Name "LB-Frontendv4" -PublicIpAddress $publicIPv4
$FEIPConfigv6 = New-AzureRmLoadBalancerFrontendIpConfig -Name "LB-Frontendv6" -PublicIpAddress $publicIPv6
# Create back-end address pools.
$backendpoolipv4 = New-AzureRmLoadBalancerBackendAddressPoolConfig -Name "BackendPoolIPv4"
$backendpoolipv6 = New-AzureRmLoadBalancerBackendAddressPoolConfig -Name "BackendPoolIPv6"
# Create load balancer rules for Web and RDP traffic
$lbrule1v4 = New-AzureRmLoadBalancerRuleConfig -Name "HTTPv4" -FrontendIpConfiguration $FEIPConfigv4 -BackendAddressPool $backendpoolipv4 -Protocol Tcp -FrontendPort 80 -BackendPort 8080
$lbrule1v6 = New-AzureRmLoadBalancerRuleConfig -Name "HTTPv6" -FrontendIpConfiguration $FEIPConfigv6 -BackendAddressPool $backendpoolipv6 -Protocol Tcp -FrontendPort 80 -BackendPort 8080
$RDPrule = New-AzureRmLoadBalancerRuleConfig -Name "RDPrule" -FrontendIpConfiguration $FEIPConfigv4 -BackendAddressPool $backendpoolipv4 -Protocol Tcp -FrontendPort 3389 -BackendPort 3389
# Create the load balancer
$NRPLB = New-AzureRmLoadBalancer -ResourceGroupName $rgName -Name "myNrpIPv6LB" -Location $locName -FrontendIpConfiguration $FEIPConfigv4 ,$FEIPConfigv6 -BackendAddressPool $backendpoolipv4 ,$backendpoolipv6 -LoadBalancingRule $lbrule1v4 ,$lbrule1v6,$RDPrule
When you create the VMs, you must:
- Request a private IPv6 address configuration from the backend IPv6 address pool of the load balancer.
- For the VMs network interface, specify two IP configurations: one for the IPv4 endpoint and one for the IPv6 endpoint. You must still configure IPv4 connectivity to ensure that Azure VMs can get to Azure and Internet resources that are currently only available over IPv4.
Here are example Azure PowerShell commands that accomplish this with the IPv6-specific code bolded:
# Request IPv4 and IPv6 private address configurations
$vm1nicIPv4 = New-AzureRmNetworkInterfaceIpConfig -Name "IPv4IPConfig" -PrivateIpAddressVersion "IPv4" -Subnet $backendSubnet -LoadBalancerBackendAddressPool $backendpoolipv4
$vm1nicIPv6 = New-AzureRmNetworkInterfaceIpConfig -Name "IPv6IPConfig" -PrivateIpAddressVersion "IPv6" -LoadBalancerBackendAddressPool $backendpoolipv6
# Create the network interface
$vm1nic = New-AzureRmNetworkInterface -Name "vm1nic" -IpConfiguration $vm1nicIPv4 ,$vm1nicIPv6 -ResourceGroupName $rgName -Location $locName
NOTE: These code blocks are just examples and are not complete or intended to run successfully from the command line or in the Integrated Script Environment (ISE). They rely on previously-defined variables (such as $rgName, $locName, and $backendsubnet).
IPv6 for Azure VMs and Office 365
IPv6 connectivity to Azure VMs enables integration between Office 365 services and apps that also support IPv6 and apps or storage located on Azure VMs. The network path from the client computer or device to the app or storage on an Azure VM and Office 365 can be a native IPv6 path, without having to translate IPv6 traffic to IPv4 or tunnel it across an IPv4 network.
Here is the basic configuration:
For more information, see IPv6 support in Office 365 services.