How to See AWS Public IPv4 Address Costs

On February 1st, AWS implemented a controversial price increase for IPv4 addresses to, in their words, “encourage you to be a bit more frugal with your use of public IPv4 addresses and to think about accelerating your adoption of IPv6 as a modernization and conservation measure.” The problem—compatibility issues and a lack of support for IPv6.

The good news is there are tools you can use to gain visibility on your IPv4 addresses. Skip to the How You Can See AWS Public IPv4 Costs section if you’re already familiar with what’s changing and why.

What’s Changing with AWS Public IPv4 Addresses and Why

Before this month, there was no charge for in-use AWS Public IPv4 addresses. Now, the price is $0.005 an hour, which equates to $43.8 a year. This applies to public IPv4 addresses and Elastic IP addresses (IPv4) assigned to resources within your VPC, Amazon Global Accelerator, and AWS Site-to-Site VPN tunnel. This decision was motivated by the shortage of IPv4 addresses.

As you may already know, there are only 4.3 billion IPv4 addresses. With every device that connects to the internet (e.g., laptops, smartphones, and tablets) needing IP addresses, it was inevitable to run out. This depletion of IPv4 addresses is called IPv4 Address Exhaustion.

Technically, we’ve already run out. History recap: in 2011, the Number Resource Organization (NRO) announced the free pool of available IPv4 addresses to be fully depleted. More specifically, the Internet Assigned Numbers Authority (IANA) had equally distributed the IANA pool between the five Regional Internet Registries (RIRs). After that, the RIRs began to run out of IPv4 addresses to distribute. In 2019, RIPE (Europe’s RIR) was the last to announce that they officially ran out. However, the RIRs continue to recover them, for example, when a company goes out of business or no longer needs them.

Though IPv4 addresses have “run out,” you can still buy them on the private market. That’s what companies like Amazon have done. In 2020, AWS had over 100 million IPv4 addresses with roughly 53 Million allocated. Still, that estimate leaves them with about half of their IPv4 addresses. With all that in mind, their stance to motivate conservation measures checks out.

Maybe You Can Switch to IPv6, Maybe Not

If you were already familiar with IPv4 Address Exhaustion, you’re probably aware that IPv6 was designed to solve the problem. This time, they wanted to ensure that the IP addresses wouldn’t run out. Fortunately, there are so many IPv6 addresses it is hard to type out or put it into words. Steve Leibson does a good job at the atom level, “we could assign an IPV6 address to EVERY ATOM ON THE SURFACE OF THE EARTH, and still have enough addresses left to do another 100+ earths.” As you can see, we’re not running out of IPv6 addresses any time soon.

So, why don’t we switch? As pointed out by members of the community, IPv6 is just not there yet.

End-user incompatibility is a huge factor for hesitation in switching. Many Internet Service Providers (ISPs), devices (e.g., routers, servers, internet-connected TVs, and home security systems), and software (e.g., operating systems and firewalls) are not yet compatible with IPv6.

The lack of tooling support for AWS services is also a major drawback. There are several AWS services not supported, such as Load Balancers, Lambda, CloudFront, and most APIs. Other cloud providers like GCP and Azure also have IPv4-only features and functionalities. They’re not alone, many other services are lacking support as well. GitHub is another popular example of a platform where IPv6 adoption has faced challenges.

Despite the challenges and hesitations surrounding IPv6 adoption, there has been noticeable growth in recent years. A graph by Google shows the percentage of users accessing Google over IPv6 is growing (although it is almost non-existent in some countries). Organizations, governments, and ISPs worldwide are gradually transitioning. Cloud providers are increasing efforts to make their services compatible with IPv6. See this list of AWS services that support IPv6. Still, a lack of tooling support and global adaption could make IPv6 inoperable for your use case.

How You Can See AWS Public IPv4 Costs

There are three tools you can use to see Public IPv4 costs.

Public IP Insights

With this announcement, AWS also announced Public IP Insights as a free tool to monitor, analyze, and audit your public IPv4 addresses. With Public IP Insights, you can see a list of your public IPv4 addresses, their type, EIP usage, a breakdown by regions and accounts, as well as details such as associated service, network interface ID, EC2 Instance ID, Account ID owner, and more.

AWS Public IPv4 Insights graphs from AWS.

AWS Public IPv4 Insights table from AWS.

Follow these steps from Amazon to view Public IP Insights:

1. Open the IPAM console.
2. In the navigation pane, choose Public IP Insights.
3. View details for a public IP address by clicking an IP address.

Cost Explorer

One thing you can’t see in Public IP Insights is cost. You can also view the total cost of Public IP addresses in Cost Explorer by following these steps from Amazon:

1. Open Cost Explorer
2. Use the “Usage type” filter to select all usage types for “PublicIPv4.”
   1. PublicIPv4:IdleAddress: This usage type is for idle public IPv4 addresses ($0.005 per hour).
   2. PublicIPv4:InUseAddress This usage type is for both the first public IPv4 address assigned on an ENI (new charge of $0.005 per hour) and any additional (secondary) public IPv4 address assigned on an ENI ($0.005 per hour).

Vantage

Vantage combines some of the functionalities of Public IP Insights and Cost Explorer for full visibility into IPv4 costs. Vantage supports cost forecasting, views by region, idle and in-use costs, and costs by resource ID.

See Public IPv4 Total Cost and Forecasted Costs

Public IPv4 total cost and forecasted costs in Vantage.

To see Public IPv4 total cost and forecasted costs in Vantage follow these steps:

1. Open the Vantage console.
2. Navigate to the Cost Reporting tab.
3. Click New in the top right.
4. Select Filters:
   1. Choose AWS for the provider.
   2. Click New Rule, then select Category.
   3. Type “Amazon Virtual Private Cloud” in Select a Service.
   4. Select Other in Select a Category.
   5. Click New Rule, then select Subcategory.
   6. Type “Amazon Virtual Private Cloud” in Select a Service.
   7. Change is to contains.
   8. Type “PublicIPv4” in Keyword.
5. Click Save as New and save your report.

Use Terraform to Create the Public IPv4 Report

You can also automate the creation of the previous report using Terraform. See this guide for a tutorial on how to get set up with Terraform in Vantage.

Use the following configuration for your report. The below configuration is also available in this repository. Ensure you have a valid API token created:

terraform {
  required_providers {
    vantage = {
      source = "vantage-sh/vantage"
    }
  }
}

provider "vantage" {
  # this can also be configured with export VANTAGE_API_TOKEN=<YOUR_API_TOKEN>
  # and this block removed entirely:
  api_token = var.api_token
}

resource "vantage_cost_report" "ipv4_report" {
  title               = "IPv4 Report"
  filter = <<FILTER
    (costs.provider = 'aws' AND
    (costs.service = 'Amazon Virtual Private Cloud' AND costs.category = 'Other') AND
    (costs.service = 'Amazon Virtual Private Cloud' AND costs.subcategory LIKE '%PublicIPv4%'))
FILTER
  workspace_token = "<YOUR_WORKSPACE_TOKEN>"
  # optionally, use folder_token instead of workspace_token
  # folder_token = "fldr_12345"
}

This configuration uses the vantage_cost_report resource to create a report that displays your public IPv4 costs. It uses VQL—or Vantage Query Language—to create the report filters. The report will also generate a forecast.

See Public IPv4 Costs by Subcategory: Region, Idle, and In-Use

Public IPv4 costs by Subcategory in Vantage.

You can also group by Subcategory to see a breakdown of costs by region, as well as idle vs in-use (or active) costs. To do this, simply click Group By, then select Subcategory. We also changed the view from Cumulative to Weekly.

See Public IPv4 Costs per Public IPv4 Address

Public IPv4 costs by Resource in Vantage.

Grouping by both Subcategory and Resource will show the costs associated with each Public IPv4 address. Add Resource to the Group By options. We also changed the view back to Cumulative and changed the date range to start before February 1st. As you can see, there were no costs associated with these Public IPv4 addresses before this month.

Reduce AWS Public IPv4 Spend

After using these visibility tools, you can audit your public IPv4 addresses and perform any cost-saving strategies within your scope. Here are a few options:

• Remove Idle IPv4 Addresses: Eliminate unnecessary costs by identifying and removing unused public IPv4 addresses.
• Switch to IPv6: If possible, avoid paying the hourly fee by switching to IPv6.
• Leverage NAT Gateways and Private Subnets: In some cases, it may be cost-effective to utilize NAT Gateways or private subnets, ensuring secure connectivity without unnecessary expenses.
• EC2 Instance Configuration: Audit your EC2 instances to ensure that the auto-assign public IPv4 address setting is disabled for instances where it’s not needed.

Conclusion

As the world makes efforts to transition from IPv4 to IPv6, pain points such as increased costs are inevitable. By using observability tools, you can understand your costs and optimize accordingly. By auditing your Public IP costs, you can consider cost-optimization techniques, such as removing idle addresses, switching to IPv6, leveraging NAT Gateways and private subnets, and configuring your EC2 instances.