An existing IPv4 gateway balancer. For more information on creating a gateway load balancer, see Create a gateway load balancer.
Add IPv6 address ranges to an existing subnet
This article assumes you already have a Gateway Load Balancer configured for IPv4 traffic, with a corresponding virtual network and subnet. In this step, you add IPv6 ranges to your Gateway Load Balancer's virtual network and subnet. This range is need when creating an IPv6 frontend configuration for your Gateway Load Balancer using a private IP address from this subnet/virtual network.
#Add IPv6 ranges to the virtual network and subnet#Retrieve the virtual network object$rg = Get-AzResourceGroup -ResourceGroupName"myResourceGroup"$vnet = Get-AzVirtualNetwork -ResourceGroupName$rg.ResourceGroupName -Name"myVNet"#Add IPv6 prefix to the virtual network$vnet.addressspace.addressprefixes.add("fd00:db8:deca::/48")
#Update the running virtual network$vnet | Set-AzVirtualNetwork#Retrieve the subnet object from the local copy of the virtual network$subnet= $vnet.subnets[0]
#Add IPv6 prefix to the subnet$subnet.addressprefix.add("fd00:db8:deca::/64")
#Update the running virtual network with the new subnet configuration$vnet | Set-AzVirtualNetwork
Now that you've added IPv6 prefix ranges to your Gateway Load Balancer's subnet and virtual network, we can create a new IPv6 frontend configuration on the Gateway Load Balancer, with an IPv6 address from your subnet's range.
# Retrieve the load balancer configuration$gwlb = Get-AzLoadBalancer -ResourceGroupName"myResourceGroup"-Name "myGatewayLoadBalancer"# Add IPv6 frontend configuration to the local copy of the load balancer configuration$gwlb | Add-AzLoadBalancerFrontendIpConfig `
-Name"myGatewayFrontEndv6" `
-PrivateIpAddressVersion"IPv6" `
-Subnet$subnet#Update the running load balancer with the new frontend$gwlb | Set-AzLoadBalancer
In order to distribute IPv6 traffic, you need a backend pool containing instances with IPv6 addresses. First, you create a backend pool on the Gateway Load Balancer. In the following step, you create IPv6 configurations to your existing backend NICs for IPv4 traffic, and attach them to this backend pool.
#Retrieve the NIC object$NIC_1 = Get-AzNetworkInterface -Name"myNic1" -ResourceGroupName$rg.ResourceGroupName
$backendPoolv6 = Get-AzLoadBalancerBackendAddressPoolConfig -Name"myGatewayBackendPoolv6" -LoadBalancer$gwlb#Add an IPv6 IPconfig to NIC_1 and update the NIC on the running VM$NIC_1 | Add-AzNetworkInterfaceIpConfig -Name myIPv6Config -Subnet$vnet.Subnets[0] -PrivateIpAddressVersion IPv6 -LoadBalancerBackendAddressPool$backendPoolv6$NIC_1 | Set-AzNetworkInterface
Load balancing rules determine how traffic is routed to your backend instances. For Gateway Load Balancer, you create a load balancing rule with HA ports enabled, so that you can inspect traffic of all protocols, arriving on all ports.
# Retrieve the updated (live) versions of the frontend and backend pool, and existing health probe$frontendIPv6 = Get-AzLoadBalancerFrontendIpConfig -Name"myGatewayFrontEndv6" -LoadBalancer$gwlb$backendPoolv6 = Get-AzLoadBalancerBackendAddressPoolConfig -Name"myGatewayBackendPoolv6" -LoadBalancer$gwlb$healthProbe = Get-AzLoadBalancerProbeConfig -Name"myHealthProbe" -LoadBalancer$gwlb# Create new LB rule with the frontend and backend$gwlb | Add-AzLoadBalancerRuleConfig `
-Name"myRulev6" `
-FrontendIpConfiguration$frontendIPv6 `
-BackendAddressPool$backendPoolv6 `
-Protocol All `
-FrontendPort0 `
-BackendPort0 `
-Probe$healthProbe#Finalize all the load balancer updates on the running load balancer$gwlb | Set-AzLoadBalancer
Chain the IPv6 load balancer frontend to gateway load balancer
In this final step, you'll chain your existing Standard Load Balancer's IPv6 frontend to the Gateway Load Balancer's IPv6 frontend. Now, all IPv6 traffic headed to your Standard Load Balancer's frontend is forwarded to your Gateway Load Balancer for inspection by the configured NVAs before reaching your application.
## Place the existing Standard load balancer into a variable. ##$par1 = @{
ResourceGroupName = 'myResourceGroup'
Name = 'myLoadBalancer'
}
$lb = Get-AzLoadBalancer @par1
## Place the public frontend IP of the Standard load balancer into a variable.$par3 = @{
ResourceGroupName = 'myResourceGroup'
Name = 'myIPv6PublicIP'
}
$publicIP = Get-AzPublicIPAddress @par3
## Chain the Gateway load balancer to your existing Standard load balancer frontend. ### $feip = Get-AzLoadBalancerFrontendIpConfig -Name "myGatewayFrontEndv6" -LoadBalancer $gwlb$par4 = @{
Name = 'myIPv6FrontEnd'
PublicIPAddress = $publicIP
LoadBalancer = $lb
GatewayLoadBalancerId = $feip.id
}
$config = Set-AzLoadBalancerFrontendIpConfig @par4
$config | Set-AzLoadBalancer