title: “gke/WARN/2025_001” linkTitle: “WARN/2025_001” weight: 1 type: docs description: > GKE External LoadBalancer service fails with subnet configured with ipv6 internal access only
Product: Google Kubernetes Engine
Rule class: WARN - Something that is possibly wrong
Description
GKE cluster in a dual-stack subnet with internal IPs allocated for internal load balancers and external IPs for external access.
If you’re using a Google Kubernetes Engine (GKE) cluster with a dual-stack subnet configured for internal IPv6 access, you won’t be able to create or update an external load balancer service. External load balancers need an external IP address. This address is normally taken from the GKE subnet. Internal IPv6 access prevents external IP allocation. When your subnet is set up for internal IPv6 access, the system prioritizes internal IPs, making it impossible to get an external IPv6 address for the load balancer. This limitation applies to services without the annotation “networking.gke.io/load-balancer-type: “Internal” which specifically instructs GKE to create an external load balancer
Remediation
Create a separate subnet within your VPC specifically for external resources and services Configure this subnet with external IPv6 access only. This ensures that external IPv6 addresses are available for your external load balancer When creating your GKE cluster, specify this new subnet for your nodes and external services