Updates over IPv6 in the public clouds

SUSE provides an update infrastructure, enabling timely updates for SUSE instances in Amazon Web Services, Google Compute Platform, and Microsoft Azure.  We have recently completed upgrades to this infrastructure to support IPv6. All update servers globally will now respond to both IPv6 and IPv4 requests.

Since cloud-regionsrv-client v9.2.0, released way back in June 2021, we have been incrementally improving client-side support for IPv6 registrations, and stabilized support with v10.1.6, released in February 2024. With final integration testing completed we have updated all configurations such that clients can start using IPv6. An update to cloud-regionsrv-client >= version 10.1.6 on the instance is required to use IPv6. This version of the client is built in to all SLE 15 and newer images with a timestamp date greater than 20240227. SUSE Linux Enterprise 12 is reaching the end of general support in October 2024, and therefore no new features are enabled for images or instances from SLE 12 based images. All instances started from SLE 15 images can be updated to use IPv6.

In accordance with RFC 6724, IPv6 is given preference over IPv4. The initial request to region servers, returning data about region local update servers, will be attempted first via the region servers’ IPv6 addresses. This requires that you have the latest version of regionServiceClientConfigEC2 >= 4.3, regionServiceClientConfigGCE >= 4.2, or regionServiceClientConfigAzure >= 2.2, respectively installed. The response will now include both IPv6 and IPv4 addresses for the update servers. Registration will then be attempted via IPv6, if enabled for the client instance and network constructs, with a fallback to IPv4 addresses. As a result, any instance with IPv6 enabled will register via IPv6, and only instances within network constructs (e.g. VPCs or subnets) with IPv6 disabled will register via IPv4. If you have an instance already registered to our infrastructure via IPv4, you can switch to IPv6 by re-registering:

registercloudguest --clean && registercloudguest

Both addresses for all servers are included in pint data. We at SUSE hope the full support of IPv6 will provide you with the network configuration options needed.

Special instructions for IPv6-only instances

At the time of this writing AWS offers IPv6 only, IPv4 only and dual stack subnet setup. See the AWS blog for setup instructions. When launching an instance inside a subnet that has IPv6 only, it is necessary to enable IMDS (Instance Metadata Service) access via IPv6 as well or your instance will not be able to register with the update infrastructure. Enable IMDS access over IPv6 as follows:

aws --region <region> ec2 run-instances \
  --instance-type <instance-type> \
  --image-id <ami-id> \
  --subnet-id <your-ipv6-only-subnet-id> \
  --key-name <your-keyname> \
  --security-group-ids <your-security-group-id>\
  --ipv6-address-count 1 \
  --metadata-options "HttpEndpoint=enabled,HttpProtocolIpv6=enabled"

In Azure and GCE the network constructs are dual stack or IPv4 only.

Edit 2025-01-16: Azure support is now available.