Updated on 2024-04-15 GMT+08:00

IPv6 EIP

Overview

Both IPv4 and IPv6 EIPs are available. You can assign an IPv6 EIP or map an existing IPv4 EIP to an IPv6 EIP.

After the IPv6 EIP function is enabled, you will obtain both an IPv4 EIP and its corresponding IPv6 EIP. External IPv6 addresses can access cloud resources through this IPv6 EIP.

Application Scenarios of IPv4/IPv6 Dual Stack

If your ECS supports IPv6, you can use the IPv4/IPv6 dual stack. Table 1 shows the example application scenarios.

Table 1 Application scenarios of IPv4/IPv6 dual stack

Application Scenario

Description

Requirement

IPv4 or IPv6 Subnet

ECS

Private IPv4 communication

Your applications on ECSs need to communicate with other systems (such as databases) through private networks using IPv4 addresses.

  • No EIPs have been bound to the ECSs.

IPv4 CIDR Block

Private IPv4 address: used for private IPv4 communication.

Public IPv4 communication

Your applications on ECSs need to communicate with other systems (such as databases) through public IPv4 addresses.

  • EIPs have been bound to the ECSs.

IPv4 CIDR Block

  • Private IPv4 address: used for private IPv4 communication.
  • Public IPv4 address: used for public IPv4 communication.

Private IPv6 communication

Your applications on ECSs need to communicate with other systems (such as databases) through private IPv6 addresses.

  • IPv6 has been enabled for the VPC subnet.
  • The network has been configured for the ECSs as follows:
    • VPC and Subnet: IPv6-enabled subnet and VPC.
    • Shared Bandwidth: Selected Do not configure.
  • IPv4 CIDR Block
  • IPv6 CIDR block
  • Private IPv4 address + IPv4 EIP: Bind an IPv4 EIP to the instance to allow public IPv4 communication.
  • Private IPv4 address: Do not bind any IPv4 EIP to the instance and use only the private IPv4 address to allow private IPv4 communication.
  • IPv6 address: Do not configure shared bandwidth for the IPv6 address to allow private IPv6 communication.

Public IPv6 communication

An IPv6 network is required for the ECS to access the IPv6 service on the Internet.

  • IPv6 has been enabled for the VPC subnet.
  • The network has been configured for the ECSs as follows:
    • VPC and Subnet: IPv6-enabled subnet and VPC.
    • Shared Bandwidth: Selected a shared bandwidth.
  • IPv4 CIDR Block
  • IPv6 CIDR block
  • Private IPv4 address + IPv4 EIP: Bind an IPv4 EIP to the instance to allow public IPv4 communication.
  • Private IPv4 address: Do not bind any IPv4 EIP to the instance and use only the private IPv4 address to allow private IPv4 communication.
  • IPv6 address + shared bandwidth: Allow both private IPv6 communication and public IPv6 communication.

For details, see section "IPv4 and IPv6 Dual-Stack Network" in Virtual Private Cloud User Guide.

Application Scenarios of IPv6 EIP

If you want an ECS to provide IPv6 services but the ECS does not support IPv6 networks or you do not want to build an IPv6 network, you can use IPv6 EIP to quickly address your requirements. For details about application scenarios and resource planning, see Table 2.

Table 2 Application scenarios and resource planning of an IPv6 EIP network (with IPv6 EIP enabled)

Application Scenario

Description

Requirement

IPv4 or IPv6 Subnet

ECS

Public IPv6 communication

You want to allow an ECS to provide IPv6 services for clients on the Internet without setting up an IPv6 network.

  • An EIP has been bound to the ECS.
  • IPv6 EIP has been enabled.

IPv4 CIDR Block

  • Private IPv4 address: used for private IPv4 communication.
  • IPv4 EIP (with IPv6 EIP enabled): used for public network communication through IPv4 and IPv6 addresses.

Enabling IPv6 (Assigning IPv6 EIPs)

  • Method 1:

    Select the IPv6 EIP option when you assign an EIP by referring to Assigning an EIP and Binding It to an ECS so that you can obtain both an IPv4 and an IPv6 EIP.

    External IPv6 addresses can access cloud resources through this IPv6 EIP.

  • Method 2:

    If you want an IPv6 EIP in addition to an existing IPv4 EIP, locate the row that contains the target IPv4 EIP, click More in the Operation column, and select Enable IPv6 EIP. Then, a corresponding IPv6 EIP will be assigned.

    After the IPv6 EIP is enabled, you will obtain both an IPv4 EIP and an IPv6 EIP. External IPv6 addresses can access cloud resources through this IPv6 EIP.

Configuring Security Groups

After IPv6 EIP is enabled, add inbound and outbound security group rules to allow packets to and from the IP address range 198.19.0.0/16. Table 3 shows the security group rules. IPv6 EIP uses NAT64 to convert the source IP address in the inbound direction to an IPv4 address in the IP address range 198.19.0.0/16. The source port can be a random one, the destination IP address is the private IPv4 address of your local server, and the destination port remains unchanged.

For details, see section "Adding a Security Group Rule" in the Virtual Private Cloud User Guide.

Table 3 Security group rules

Direction

Protocol

Source or Destination

Inbound

All

Source: 198.19.0.0/16

Outbound

All

Destination: 198.19.0.0/16

Disabling IPv6 EIP

If you do not need the IPv6 EIP, locate the row that contains its corresponding IPv4 EIP, click More in the Operation column, and select Disable IPv6 EIP. Then, the IPv6 EIP will be released. You will only have the IPv4 EIP.