Route 53’s support for IPv6 AAAA records is a surprisingly straightforward way to get your services ready for the next generation of the internet.
Let’s see how this plays out in a real-world scenario. Imagine you have a web server running on an EC2 instance, and you want it to be reachable via both IPv4 and IPv6.
Here’s a simplified view of the Route 53 record set you’d create:
{
"Comment": "Dual-stack A and AAAA records for example.com",
"Changes": [
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "www.example.com.",
"Type": "A",
"TTL": 300,
"ResourceRecords": [
{
"Value": "192.0.2.44"
}
]
}
},
{
"Action": "UPSERT",
"ResourceRecordSet": {
"Name": "www.example.com.",
"Type": "AAAA",
"TTL": 300,
"ResourceRecords": [
{
"Value": "2001:db8::1234"
}
]
}
}
]
}
This JSON snippet, when applied via the AWS CLI’s route53 change-resource-record-sets command, tells Route 53 to manage both an IPv4 (A) and an IPv6 (AAAA) record for www.example.com. The UPSERT action means it will create the record if it doesn’t exist, or update it if it does. Notice how the Name is identical, and the TTL is the same for both.
The problem this solves is ensuring that clients, regardless of whether they are using an IPv4 or IPv6 network, can resolve your domain name to a reachable IP address. Before widespread IPv6 adoption, an A record was sufficient. Now, to be truly accessible to all internet traffic, you need both. When a client makes a DNS query for www.example.com, if the client is IPv6-capable, it will prefer the AAAA record. If it’s only IPv4-capable, it will fall back to the A record.
Internally, Route 53 is a distributed DNS service. When you create these records, you’re essentially telling its authoritative nameservers to store and serve this information. The TTL (Time To Live) of 300 seconds means that DNS resolvers (like your ISP’s or Google’s 8.8.8.8) will cache these records for 5 minutes before needing to ask Route 53 again. This balance between freshness and performance is key.
The exact levers you control are the Name (your domain or subdomain), the Type (A or AAAA), the TTL, and the Value (the actual IP address). For AAAA records, the Value must be a valid IPv6 address in standard notation.
A common misconception is that you need separate DNS zones or complex configurations for dual-stack. In reality, you simply create parallel A and AAAA records with the same name within the same hosted zone. The DNS protocol itself handles the client’s preference.
The most surprising thing about setting up IPv6 with Route 53 is how little changes for the A record itself. You’re not replacing anything; you’re augmenting it. The system gracefully handles clients that only support one protocol by simply not returning the record type they can’t use.
If you’re using Route 53’s Alias records to point to AWS resources like an Application Load Balancer (ALB) or an API Gateway, enabling IPv6 for the underlying resource will automatically provision the corresponding AAAA alias record in Route 53. You don’t manually set the IPv6 address; Route 53 infers it from the resource’s capabilities.
The next concept to explore is how to verify your dual-stack setup is working correctly from various network perspectives.