28 votes

AWS eIP price change. What's your plan?

38 comments

  1. [8]
    tonyswu

    AWS is planning to start charging for eIPs that are in-use, and if my understanding is correct this will increase monthly bill quite a bit for most AWS users, especially for organizations that have multiple accounts with multiple availability zones and NAT gateways.

    Curious, what's your plan to deal with this, if you are an AWS user?

    9 votes
    1. [6]
      archevel

      Out of curiosity, anyone here that has trouble connecting to an ipv6 only site? I think https://ipv6.google.com/ is ipv6 only (please correct me if I'm wrong!). I'd imagine most ISPs nowadays should have sorted out connections to IPv6 domains. Would be nice to hear if someone has had issues with this. Otherwise a simple solution would be to use IPv6 for your public facing domain...

      4 votes
      1. fractaltheory

        This didn’t work for me with Bell Canada Home Wireless.

        5 votes
      2. frostycakes

        I know my ISP (CenturyLink/Quantum Fiber in the US), despite being the largest Tier 1 backbone provider on the damn planet, and said backbone supporting v6 natively, still only has 6rd as an option to get v6 connectivity as a home or non-enterprise business customer, and it's not enabled by default on their equipment either.

        IIRC Verizon FiOS is also only just rolling out v6 to their customers as of the past year, even though both their backbone and wireless sides have supported v6 for years now.

        2 votes
      3. unkz

        That url didn’t work for me (novus in Canada).

        1 vote
      4. [2]
        Artren

        Worked for me in Canada on Telus Fiber. Testing now on Telus Mobility.

        1 vote
        1. Artren

          Apparently I can't edit my own post, so confirmed it worked on Telus Mobility as well!

    2. unkz

      Probably just going to pay more. If I cared, I guess I would put more stuff behind an ELB and use vhost routing rules — you can put a lot of websites behind a single IP on a single ELB if you want to.

      Not much to be done about public facing non-HTTP services.

      In my experience, IPv6 is nowhere near usable.

      1 vote
  2. [3]
    PuddleOfKittens

    I'm just hoping this will speed up IPv6 adoption - getting a static IP for self-hosting is expensive, and IPv6 would completely remove that cost. If all ISPs support IPv6 by default, then home servers will become easier for the average newbie to set up.

    7 votes
    1. FeminalPanda

      I just use ddns, syncs from my router to dns provider. Enough for my hobby home lab.

      4 votes
    2. [2]
      Comment deleted by author
      1. lucg

        massive cost increase for consumers with literally no benefit

        • We're literally out of IPv4 address space
        • New service providers are having to buy them at high cost and other people try to find unused blocks to sell
        • Routing tables are growing ever bigger, causing a need for faster/bigger routers, because people need to use tiny IP address blocks instead of having larger, contiguous blocks available to use
        • ISPs put up carrier-grade NAT and need to add logging for when law enforcement wants to know who used a certain IP address and port at a given time

        This is all cost being forwarded to the consumer today.

        Besides more address space, IPv6 also benefits from other design choices, since it was designed based on a decade of experience with IPv4, such as: having a fixed header length (for faster processing), no checksum in the IP header to be calculated (faster processing) because both the Ethernet layer above and the TCP/UDP layers below already have one, no fragmentation where routers need to break up and reassemble packets based on the MTU (again leading to faster processing), and better multicast support (more efficient than broadcasting, for example when looking for a router instead of just querying every device on a LAN). I am personally also a fan of ::1 (localhost) and :: (bind to any interface) compared to having to type out 127.0.0.1 and 0.0.0.0 in many applications.

        We can also get rid of NAT (in favor of stateful firewalls), which greatly simplifies applications where people want to talk to each other. Think of calls or games, where the data needs to get to another person as quickly as possible and you don't need or want a relay server. Avoiding needing relay servers as fallback also benefits open source projects who don't have a budget for that sort of thing.

        I am quite curious where you got the "literally no advantage" idea from

        There are a crazy number of "reserved" addresses

        I, too, would like to convince the US DoD they don't need all that dead space, as well as wondered out loud why we don't just use those >224.0.0.0 addresses as a stop-gap solution, but until either of those things happen, IPv6 is here and available to implement

        9 votes
  3. [5]
    Tilbilly

    The charge is going to be ~$4/mo/IP, hardly some dastardly money-making scheme.

    This has been a long time coming and needs to happen to push IPv6 adoption further. Having tons of public IPs assigned to EC2 instances and the like isn’t good architecture either, and hasn’t been best practice since AWS inception.

    6 votes
    1. [2]
      tonyswu

      It's not uncommon for medium sized companies to have a dozen accounts. Let's say you go with two AZs, with 2 NAT gateways each account that's 24 eIPs just for NAT alone. You add on top of any other services you might be hosting that might be using public facing ALBs, that's two eIPs each. It can quickly add up.

      I am not saying they are trying to grab more money (I mean I don't think I need to say that), just wondering what other people's general strategy towards this is, because I know I will probably have to change our architecture quite a bit.

      3 votes
      1. Tilbilly

        It’s a drop in the bucket comparatively speaking to the prices for NAT Gateways and ELBs.

        An immediate solution that comes to mind is to only have EIPs on your front-facing ELBs, which your services behind it operate in a private IPv6 subnet, and has an egress-only internet gateway. Now your 2 AZ solution has 2 EIPs only, and ELBs handle v4/v6 translation natively.

        5 votes
    2. [2]
      unkz
      (edited )

      It’s going to be $240/month for me, or $2880/year which isn’t nothing.

      https://toonk.io/aws-and-their-billions-in-ipv4-addresses/index.html

      AWS seems to have over 100m IPs (100,750,168 in 2020). This could theoretically amount to close to half a billion per month in fees? I assume most of those IPs are allocated since they are charging for them to reduce use.

      3 votes
      1. Tilbilly

        ISPs routinely charge $20/mo or more for static allocations, so $4/mo is still hardly a gouge. Just because they have economy of scale doesn’t mean it’s specifically for money; I’d wager if it was about drumming up more money, they could easily charge $10/mo or more and really clean house.

        The low price to me seems to suggest they’re trying to encourage smarter use of a finite resource, and increase adoption of IPv6.

        The price is never going to be nothing, and it’s unfortunate you have to experience that impact, but at the same time it’s amazing they’ve kept them free when assigned for as long as they have, and also it’s the nature of the game in general - systems constantly change and evolve.

        My points and thoughts are more that this is about the unfortunate circumstances of change needing to happen, and much less about it being something nefarious or even egregious on the part of Amazon.

        5 votes
  4. [2]
    CaptainAM

    Let's say I want to host ipv6 only servers (not necessarily at AWS) what would be a good solution to redirect ipv4 traffic? I am curious how some of you are solving this. When looking on the internet the most common answer I find is to just use dual stack.

    2 votes
    1. tonyswu

      Very true, this is a problem for us as well. Any web services we host have to be dual stack, otherwise you just risk losing traffic.

      1 vote
  5. SpinnerMaster

    We already spend an ungodly amount every month. What's another papercut compared to the deep wounds?

    1 vote
  6. [2]
    Ren_Hoek

    You can buy and own ip blocks? I saw something about bringing your own ips, I didn't know that is a thing

    1. pallas

      You can, but the prices illustrate the scarcity that is driving moves like these. Prices are around $40 per address and above now, and the smallest block has 256 addresses.

      4 votes
  7. [17]
    g33kphr33k

    Get ready for the return to on-prem again!

    I love watching this cycle. Companies get greedy, they increase their prices claiming costs as the factor, shareholders get massive payouts as profits are y-o-y bigger, customers start to leave, so they increase prices again to cover that dip in profit.

    Personally, I kept everything on-prem at work as storing petabytes in cloud is stupid expensive compared to local, let alone speed of access when you need access to a 30GB file. This doesn't affect me so I'm just going to grab my popcorn.

    8 votes
    1. [3]
      Adys

      This isn’t greed. It’s an incentive to get people to waste less IPs. I wish they’d done this five years ago honestly.

      11 votes
      1. flowerdance

        Mind-blowing how you can just allocate eIP for free currently.

      2. Hazel

        Eh, it's both really. AWS rarely increases their prices directly and this is certainly a way of making more money from existing customers. A quick back-of-the-envelope calculation based on their published ip-ranges.json file (and I hope I did the math right on that) tells me they have around 136014718 (136M) usable IPv4 addresses. Hard to say how much of those are unallocated, in use by them internally or effectively billed at a lower rate via enterprise agreements, but given one IP costs $43.8/year under this new pricing, an extra billion or two a year is almost guaranteed.
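
Added example, not part of the thread: one way to run the back-of-the-envelope count described in the comment above. It sums the IPv4 prefixes in an ip-ranges.json-shaped document, collapsing prefixes that overlap or sit side by side so no address is counted twice. The sample document is constructed from documentation and benchmark ranges, the function names are hypothetical, and the $43.8/year figure is the one quoted in the thread.

```python
import ipaddress
import json

# Constructed sample in the shape of AWS's published ip-ranges.json.
# The prefixes are documentation/benchmark ranges, not real AWS address space.
SAMPLE_IP_RANGES = json.dumps({
    "syncToken": "0",
    "createDate": "1970-01-01-00-00-00",
    "prefixes": [
        # The same space can be listed under a broad service and a specific one.
        {"ip_prefix": "198.51.100.0/24", "region": "us-east-1", "service": "AMAZON"},
        {"ip_prefix": "198.51.100.0/25", "region": "us-east-1", "service": "EC2"},
        # Two adjacent /25s that together form one /24.
        {"ip_prefix": "203.0.113.0/25", "region": "eu-west-1", "service": "AMAZON"},
        {"ip_prefix": "203.0.113.128/25", "region": "eu-west-1", "service": "S3"},
        {"ip_prefix": "198.18.0.0/15", "region": "GLOBAL", "service": "CLOUDFRONT"},
    ],
    # IPv6 prefixes live under a separate key and are ignored here.
    "ipv6_prefixes": [
        {"ipv6_prefix": "2001:db8::/32", "region": "GLOBAL", "service": "AMAZON"},
    ],
})

# Per-address yearly price as quoted in the thread.
PRICE_PER_IP_YEAR_USD = 43.8


def load_ipv4_networks(document: str) -> list:
    """Parse every entry under "prefixes" into an IPv4Network."""
    data = json.loads(document)
    return [ipaddress.ip_network(entry["ip_prefix"]) for entry in data["prefixes"]]


def summarize(document: str, price_per_ip_year: float = PRICE_PER_IP_YEAR_USD) -> dict:
    """Count addresses naively and after de-duplication.

    The de-duplicated figure is a ceiling on billable addresses: it cannot
    tell which addresses are unallocated or used internally by the provider.
    """
    networks = load_ipv4_networks(document)
    naive_total = sum(net.num_addresses for net in networks)

    # collapse_addresses drops prefixes contained in a larger one and merges
    # adjacent siblings, so each address is counted exactly once.
    collapsed = list(ipaddress.collapse_addresses(networks))
    unique_total = sum(net.num_addresses for net in collapsed)

    return {
        "listed_prefixes": len(networks),
        "collapsed_networks": len(collapsed),
        "naive_total": naive_total,
        "unique_total": unique_total,
        "double_counted": naive_total - unique_total,
        "annual_ceiling_usd": unique_total * price_per_ip_year,
    }


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_IP_RANGES).items():
        print(f"{key}: {value}")
```
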

    2. [3]
      stu2b50

      You'd still have to acquire a static ipv4 address if you do on-prem - that costs money now, hence the charge.

      Companies get greedy, they increase their prices claiming costs as the factor, shareholders get massive payouts as profits are y-o-y bigger, customers start to leave, so they increase prices again to cover that dip in profit.

      That's not how any of it works. If a company sees demand lowering, they will lower prices. Not to be benevolent, to make the most money. Not to mention that tech companies famously have shareholders over a barrel, with most of them not making a profit and having share classes that mean the founder has full voting power despite having a minority of shares.

      3 votes
      1. [2]
        g33kphr33k

        I get 5 for free from VM, or BT or any other UK vendor with a business fibre account, which costs about £1300 a quarter these days. To get more in a block it's still like £20 a year each.

        Getting IPv4 isn't that much of an issue. I get that when a massive org like AWS has 136m IPv4s and people waste them by not ever provisioning what they've asked for, but they could do a return to bucket if not used system if it truly was a case of waste. Instead, they're monetising them and that is because they hope people just don't bother to return the unused ones still, lining their pockets.

        Let's be honest, pushing IPv6 is the true way to go, but they're not going to do that.

        You say it's not about money? It's always about money when there are shareholders. Hopefully I'm just a cynical old IT guy but let's wait for profits to be posted once implemented and we can continue this conversation.

        1. stu2b50

          I’m not saying it’s not about the money, I’m saying it’s not because they’re seeing demand drop. If demand is dropping and you raise prices, you make LESS profit. Raising prices all other things held constant is a sign of strength for the company, that you think your demand curve is strong enough to sustain higher prices.

          Of course, all things aren’t equal. Interest rates are higher. Money is no longer free, so prices that were below their actual optimal point for market share reasons are being reined in.

          3 votes
    3. [10]
      teaearlgraycold

      I like cloud for PaaS stuff. AWS and similar levels of complexity aren't worth the effort for the stuff I do professionally and personally.

      2 votes
      1. [9]
        unkz
        (edited )

        It’s funny, from my perspective using AWS is the exact opposite of complexity. I used to run a private data center and dealing with hardware and routers is way harder than just clicking some buttons to provision servers.

        1. [8]
          teaearlgraycold

          But even better is when you don’t have any “server”. Having an actual stateful filesystem is horrifying to me. I want to go from a git repository to a load balanced multi availability zone service/database/redis/CDN in a click.

          1 vote
          1. [7]
            unkz

            You mean like CloudFormation?

            1. [6]
              teaearlgraycold

              I'm not familiar with it. A cursory look at the docs tells me that it's similar to what I'm thinking of. But it's actually still too low level for my work (web apps):

              {
                  "AWSTemplateFormatVersion": "2010-09-09",
                  "Description": "A sample template",
                  "Resources": {
                      "MyEC2Instance": {
                          "Type": "AWS::EC2::Instance",
                          "Properties": {
                              "ImageId": "ami-0ff8a91507f77f867",
                              "InstanceType": "t2.micro",
                              "KeyName": "testkey",
                              "BlockDeviceMappings": [
                                  {
                                      "DeviceName": "/dev/sdm",
                                      "Ebs": {
                                          "VolumeType": "io1",
                                          "Iops": 200,
                                          "DeleteOnTermination": false,
                                          "VolumeSize": 20
                                      }
                                  }
                              ]
                          }
                      },
                      "MyEIP": {
                          "Type": "AWS::EC2::EIP",
                          "Properties": {
                              "InstanceId": {
                                  "Ref": "MyEC2Instance"
                              }
                          }
                      }
                  }
              }
              

              This is just the most basic sample template available. But it still includes details I don't want to think about:

              • Filesystem mount points
              • Disk iops
              • IP allocations

              Also it looks like it's built to operate on AWS's own image system and not Docker.

              Compare that to Render.com's Blueprint files.

              Here's an excerpt:

              services:
                # A Docker web service
                - type: web
                  name: webdis
                  runtime: docker
                  repo: https://github.com/render-examples/webdis.git # optional
                  region: oregon # optional (defaults to oregon)
                  plan: standard # optional (defaults to starter instance type)
                  branch: master # optional (defaults to master)
                  rootDir: webdis
                  dockerCommand: ./webdis.sh # optional (defaults to Dockerfile command)
                  numInstances: 3 # optional (defaults to 1)
                  healthCheckPath: /
                  envVars:
                    - key: REDIS_HOST
                      fromService:
                        type: redis
                        name: lightning
                        property: host # available properties are listed below
                    - key: REDIS_PORT
                      fromService:
                        type: redis
                        name: lightning
                        property: port
                    - fromGroup: conc-settings
              

              It's only what you care about and nothing more. And everything in your blueprint is automatically in a VPN.

              Render can also host non-web services (something not possible with the biggest PaaS incumbent, Heroku). Although I believe you can only expose web services to the open internet.

              1 vote
              1. [3]
                bravemonkey

                You make some good points about things like IOPs and mount points not being things you want to think about.

                You're wrong in comparing CloudFormation to Docker though - CloudFormation is for deploying services in AWS like servers, load balancers, and many other things - like Terraform, where with Docker you still need a server to run the docker files on to begin with.

                Render.com looks like it just abstracts the infrastructure layer away from Docker.

                1. [2]
                  teaearlgraycold

                  I was referring to this line:

                  "ImageId": "ami-0ff8a91507f77f867",
                  

                  Aren't EC2 images similar in functionality to Docker images? The rest of the file is doing non-Docker things. I was just complaining about the proprietary image format.

                  1. bravemonkey

                    EC2 images are full operating systems, like a customised ISO file - really a vm image for installing the OS. Docker containers run on top of the OS using its components in a sandboxed environment

              2. [2]
                unkz

                Yeah, that's a sample config for starting a standalone instance. You'd probably use ECS on Fargate if you want to deploy containerized apps -- AWS has a docker registry where you can store the images, or you can have AWS build them for you using CodeBuild. The config is similar, eg.

                  taskdefinition:
                    Type: AWS::ECS::TaskDefinition
                    Properties:
                      ContainerDefinitions:
                        - Name: !Ref AppName
                          MountPoints:
                            - SourceVolume: my-vol
                              ContainerPath: /var/www/my-vol
                          Image: amazon/amazon-ecs-sample
                          Cpu: '10'
                          PortMappings:
                            - ContainerPort: !Ref AppContainerPort
                              HostPort: !Ref AppHostPort
                          EntryPoint:
                            - /usr/sbin/apache2
                            - '-D'
                            - FOREGROUND
                          Memory: '500'
                          Essential: true
                        - Name: busybox
                          Image: busybox
                          Cpu: '10'
                          EntryPoint:
                            - sh
                            - '-c'
                          Memory: '500'
                          Command:
                            - >-
                              /bin/sh -c "while true; do /bin/date > /var/www/my-vol/date; sleep
                              1; done"
                          Essential: false
                          VolumesFrom:
                            - SourceContainer: !Ref AppName
                      Volumes:
                        - Host:
                            SourcePath: /var/lib/docker/vfs/dir/
                          Name: my-vol