I’ve gone on long rants about it before right here on HN but I can’t be bothered digging up the old post…
… the quick and dirty bullet points are:
- Enabling IPv6 in one virtual network could break managed PaaS services in other peered networks.
- Up until very recently none of the PaaS services could be configured with IPv6 firewall rules.
- Most core managed network components were IPv4 only. Firewalls, gateways, VPNs, etc… support is still spotty.
- They NAT IPv6, which is just gibbering eldritch madness.
- IPv6 addresses are handed out in tiny pools of 16 addresses at a time. No, not a /16 or anything like that.
Etc…
The IPv6 networking in Azure feels like it was implemented by offshore contractors that did as they were told and never stopped to think if any of it made sense.
- You STILL can't use PostgreSQL with IPv6: "Even if the subnet for the Postgres Flexible Server doesn't have any IPv6 addresses assigned, it cannot be deployed if there are IPv6 addresses in the VNet." -- that's just bonkers.
- Just... oh my god:
"Azure Virtual WAN currently supports IPv4 traffic only."
"Azure Route Server currently supports IPv4 traffic only."
"Azure Firewall doesn't currently support IPv6"
"You can't add IPv6 ranges to a virtual network that has existing resource in use."
What is wrong/missing?