Archive for September, 2011

09/04/2011

How to Share Content over IPv6 with AWS EC2

by Jeff Loughridge

Although EC2 instances are not IPv6-capable as of this writing, Amazon has implemented IPv6 for its US East (Northern Virginia) and EU (Ireland) Elastic Load Balancers. I’ll demonstrate how to make IPv6 content available using EC2 and the load balancers. Please note that Amazon is currently offering new customers EC2 micro instances at no charge if you remain under certain thresholds.

Instance Set-up

  1. Install a Linux-based Amazon Machine Instance. If you want to follow along with this tutorial, use a Ubuntu 10.04 LTS instance that Canonical uploaded to the Community AMIs (AMI ID ami-63be790a). Use US East or EU (Ireland) servers. If this is your first time setting up an instance, I recommend viewing Greg Wilson’s tutorial on Youtube.
  2. Log in using the “ubuntu” user name. Use the ssh private key as described in the video.
  3. Install the packages required for a LAMP server. A simple way to do this is to “sudo tasksel --section server”. Select “LAMP server” in the graphical installer. Strangely, the LAMP selection does not install PHP. I did this manually with “sudo apt-get install php5-cli”.

Load Balancer Set-up

  1. Click on “Load Balancer” in the “Network & Security” left panel of the AWS Console. Click the “Create Load Balancer” button.
  2. Give your load balancer a name. I used the default HTTP entry. For the health check, I used the default settings.
  3. Add your instance to the load balancer.
  4. Now that the load balancer is created, place a check next to its entry so that detailed information appears in the bottom panel.
  5. Write down your IPv4, IPv6, and dual stack DNS names.
  6. Click on the Instances tab in the bottom panel. Make sure the instance’s status indicates “In Service”. Note:  I’ve noticed that the time required for the health check to add the instance into service can be 20 – 45 minutes.

Testing DNS and Load Balancer

  1. Use dig or nslookup to verify that you get A (IPv4) and AAAA (IPv6) records. This verification step is primarily for your information.
  2. ubuntu@ip-10-244-171-28:~$ nslookup
    > Jeff-LB-Test-1796974432.us-east-1.elb.amazonaws.com
    Server: 172.16.0.23
    Address: 172.16.0.23#53
    Non-authoritative answer:
    Name: Jeff-LB-Test-1796974432.us-east-1.elb.amazonaws.com
    Address: 50.19.220.184
    > set type=AAAA
    > ipv6.Jeff-LB-Test-1796974432.us-east-1.elb.amazonaws.com
    Server: 172.16.0.23
    Address: 172.16.0.23#53
    Non-authoritative answer:
    ipv6.Jeff-LB-Test-1796974432.us-east-1.elb.amazonaws.com has AAAA address 2406:da00:ff00::3213:dcb8
    Authoritative answers can be found from:
    > dualstack.Jeff-LB-Test-1796974432.us-east-1.elb.amazonaws.com
    Server: 172.16.0.23
    Address: 172.16.0.23#53
    Non-authoritative answer:
    dualstack.Jeff-LB-Test-1796974432.us-east-1.elb.amazonaws.com has AAAA address 2406:da00:ff00::3213:dcb8
    Authoritative answers can be found from:
    >

  3. Create a script called test.php with the following text.
    <?php
    
    $headers = apache_request_headers();
    $ip = $headers["X-Forwarded-For"];
    
    if($ip) {
      print "X-Forwarded-For header is $ip";
    }
    else {
      $ip =  getenv('REMOTE_ADDR');
      print "IP is $ip";
    }
    
    ?>
    

    Amazon’s Elastic Load Balancers will set the X-Forwarded-For header to the IPv6 source address. If the connection is made via IPv4, the X-Forwarded-For variable is undefined. Put this script in /var/www.

  4. Using your web browser, access http://yourIPv4DNS/test.php, http://yourIPv6DNS/test.php, and http://yourDualstackDNS/test.php. Assuming you are accessing from a dual stack IPv4/IPv6 end host that prefers IPv6, you will see an IPv4 address, an IPv6 address, and an IPv6 address respectively.

 

Congratulations! Your content is now available over IPv6. Now you can set the CNAME record for your domain to the dual stack DNS name so that users can type in your domain and reach your site via IPv4 or IPv6. For more information on how to use CNAME’s with Amazon EC2, see Using Domain Names with Elastic Load Balancing.

I hope this post encourages people to make content available over IPv6. The days of assuming all end hosts are reachable via IPv4 are over. Amazon’s EC2 and Elastic Load Balancers make transitioning content to IPv6 simple.