How can I add support for IPv6 to and Azure application Gateway knowing that it does not support it

Question

I am not a system administrator or network administrator thus I having hard time trying to figure it out a work around to support IPv6 on an Azure Service Fabric Cluster without using the Load Balancer.

From here: IPv6 support for Azure other than the load balancer thing

I have checked that IPv6 is only supported by that lb appliances but the entry point of my current cluster is an application gateway.

Is there a recommended work around for adding Ipv6 support for using a Azure App Gateway

Answer 1

Is there a recommended work around for adding Ipv6 support for using a Azure App Gateway

There is no nice way to do that, only work-arounds. Anyway, you can do the following:

• instanciate an Azure back-end server,
• configure this server to establish an IPv6 over IPv4 tunnel to an IPv6 public tunnel broker,
• install a reverse-proxy on your back-end server, listening to an IP address chosen inside the IPv6 prefix offered by your tunnel broker,
• configure this reverse-proxy to translate the accepted IPv6 https connections into outgoing http or https IPv4 requests to your Azure app gateway (the connection stays inside the Azure network, so you may accept not to encrypt it, using http instead of https).

But this will not be very efficient because:

1- this is your back-end server that will terminate and decrypt ssl connections;

2- IPv6 packets from/to your servers in Azure will go through your tunnel broker and Azure, you will not have direct connections between the clients and Azure.

To find a free IPv6 tunnel broker, see for instance Hurricane Electric.