|
On Friday, July 28, 2023, AWS announced they would begin charging for every IPv4 address an account is allocated or using on the platform, starting February 1, 2024. That’s a change from the current scheme, which only charges you for addresses you reserve, but aren’t using, or if you reassign the same address over a hundred times a month.
The rate is $0.005 per hour per IP. Assuming 30 ½ days per month, the cost of a single IP is $3.66 per month. If you only have one address, that’s a minor increase to your monthly AWS bill. However, some enterprises and universities have moved hundreds of systems to the cloud. With current IPv4 prices for small blocks in the low $30s per address, buying a /24 (256 addresses) pays for itself in less than a year.
AWS also encouraged users to consider, “accelerating your adoption of IPv6.”
To see how many IPv4 addresses you’re using on AWS, log into the console, under your name on the top right choose Billing > Cost & usage reports > Create Report, enter a Report name, check Include resource IDs, Next. Choose an S3 bucket or create a new one. You may have to wait up to 24 hours to see your report under “Cost and Usage Reports.”
Warning: scary technical content follows!
After you buy your /24, here’s how you get started using it. AWS has a free way to Bring Your Own IP (BYOIP):
$ openssl genpkey -aes256 -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out private-key.pem
$ openssl rsa -in private-key.pem -pubout > public-key.pem
$ openssl req -new -x509 -key private-key.pem -days 365 | tr -d “n” > certificate.pem,/code>
——BEGIN CERTIFICAT——
and ——END CERTIFICAT——
Using the AWS Command Line Interface (AWS CLI) there’s no other way, so install aws-cli if you need to provision the block:
text_message=“1|aws|
123456789012|192.0.2.0/24|20241201|SHA256|RSAPSS”
signed_message=$( echo -n $text_message | openssl dgst -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1 -sign private-key.pem -keyform PEM | openssl base64 | tr—‘+=/’ ‘-_~’ | tr -d “n”)
aws ec2 provision-byoip-cidr—cidr
192.0.2.0/24 —cidr-authorization-context Message=”$text_message”,Signature=”$signed_message”—region
us-east-1aws ec2 describe-byoip-cidrs—max-results 5—region
us-east-1 to look for the block.aws ec2 advertise-byoip-cidr—cidr
192.0.2.0/24—region us-east-1The whole process, except waiting for AWS to provision, should take less than 20 minutes. Text in consolas span
above should be pasted exactly, after replacing text in bold with your specific values.
To download a Word file of the above, click here.
Sponsored byVerisign
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byCSC
Sponsored byIPv4.Global
Sponsored byRadix
Sponsored byDNIB.com