How to Share Content over IPv6 with AWS EC2

by Jeff Loughridge

Although EC2 instances are not IPv6-capable as of this writing, Amazon has implemented IPv6 for its US East (Northern Virginia) and EU (Ireland) Elastic Load Balancers. I’ll demonstrate how to make IPv6 content available using EC2 and the load balancers. Please note that Amazon is currently offering new customers EC2 micro instances at no charge if you remain under certain thresholds.

Instance Set-up

  1. Install a Linux-based Amazon Machine Instance. If you want to follow along with this tutorial, use a Ubuntu 10.04 LTS instance that Canonical uploaded to the Community AMIs (AMI ID ami-63be790a). Use US East or EU (Ireland) servers. If this is your first time setting up an instance, I recommend viewing Greg Wilson’s tutorial on Youtube.
  2. Log in using the “ubuntu” user name. Use the ssh private key as described in the video.
  3. Install the packages required for a LAMP server. A simple way to do this is to “sudo tasksel --section server”. Select “LAMP server” in the graphical installer. Strangely, the LAMP selection does not install PHP. I did this manually with “sudo apt-get install php5-cli”.

Load Balancer Set-up

  1. Click on “Load Balancer” in the “Network & Security” left panel of the AWS Console. Click the “Create Load Balancer” button.
  2. Give your load balancer a name. I used the default HTTP entry. For the health check, I used the default settings.
  3. Add your instance to the load balancer.
  4. Now that the load balancer is created, place a check next to its entry so that detailed information appears in the bottom panel.
  5. Write down your IPv4, IPv6, and dual stack DNS names.
  6. Click on the Instances tab in the bottom panel. Make sure the instance’s status indicates “In Service”. Note:  I’ve noticed that the time required for the health check to add the instance into service can be 20 – 45 minutes.

Testing DNS and Load Balancer

  1. Use dig or nslookup to verify that you get A (IPv4) and AAAA (IPv6) records. This verification step is primarily for your information.
  2. ubuntu@ip-10-244-171-28:~$ nslookup
    > Jeff-LB-Test-1796974432.us-east-1.elb.amazonaws.com
    Server: 172.16.0.23
    Address: 172.16.0.23#53
    Non-authoritative answer:
    Name: Jeff-LB-Test-1796974432.us-east-1.elb.amazonaws.com
    Address: 50.19.220.184
    > set type=AAAA
    > ipv6.Jeff-LB-Test-1796974432.us-east-1.elb.amazonaws.com
    Server: 172.16.0.23
    Address: 172.16.0.23#53
    Non-authoritative answer:
    ipv6.Jeff-LB-Test-1796974432.us-east-1.elb.amazonaws.com has AAAA address 2406:da00:ff00::3213:dcb8
    Authoritative answers can be found from:
    > dualstack.Jeff-LB-Test-1796974432.us-east-1.elb.amazonaws.com
    Server: 172.16.0.23
    Address: 172.16.0.23#53
    Non-authoritative answer:
    dualstack.Jeff-LB-Test-1796974432.us-east-1.elb.amazonaws.com has AAAA address 2406:da00:ff00::3213:dcb8
    Authoritative answers can be found from:
    >

  3. Create a script called test.php with the following text.
    <?php
    
    $headers = apache_request_headers();
    $ip = $headers["X-Forwarded-For"];
    
    if($ip) {
      print "X-Forwarded-For header is $ip";
    }
    else {
      $ip =  getenv('REMOTE_ADDR');
      print "IP is $ip";
    }
    
    ?>
    

    Amazon’s Elastic Load Balancers will set the X-Forwarded-For header to the IPv6 source address. If the connection is made via IPv4, the X-Forwarded-For variable is undefined. Put this script in /var/www.

  4. Using your web browser, access http://yourIPv4DNS/test.php, http://yourIPv6DNS/test.php, and http://yourDualstackDNS/test.php. Assuming you are accessing from a dual stack IPv4/IPv6 end host that prefers IPv6, you will see an IPv4 address, an IPv6 address, and an IPv6 address respectively.

 

Congratulations! Your content is now available over IPv6. Now you can set the CNAME record for your domain to the dual stack DNS name so that users can type in your domain and reach your site via IPv4 or IPv6. For more information on how to use CNAME’s with Amazon EC2, see Using Domain Names with Elastic Load Balancing.

I hope this post encourages people to make content available over IPv6. The days of assuming all end hosts are reachable via IPv4 are over. Amazon’s EC2 and Elastic Load Balancers make transitioning content to IPv6 simple.

Advertisements

10 Responses to “How to Share Content over IPv6 with AWS EC2”

  1. Great post and information …. :)

    Also like to know if Amazon has started IPV6 on all regions now or not , and if yes then what are the procedure to get the instance ready to support IPV6.

    Like :

    What are the DNS changes we have to do ?
    What are the Firewall chnages has to be made ?
    What are all system wide changes we have to do (like network/kernel etc …)

  2. Koresh,

    I’m glad you enjoyed the post. I’d also like to know when the regions will support IPv6. Let’s hope it is soon.

    Most recent operating systems support IPv6 by default. If you’ve already implemented what I’ve described in this post, the load balancer might switch to IPv6 to communicate with the instances without manual intervention. We won’t know for certain until AWS makes an announcement about IPv6.

    Jeff L.

  3. Every time the script returns my ip address. I followed all the steps

    • Vinay,

      You are probably accessing the site using IPv4 transport. Try to ping 2600:: to see if you are connected to the IPv6 Internet. If you are, make sure you get a AAAA record for the ELB.

  4. Hi Jeff,

    Is it still possible to create loadbalancers that have an IPv6 address using the new EC2 Management Console? The new console seems to require users to assign load balancers to a Virtual Private Cloud (VPC), and the documentation (http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-internet-facing-load-balancers.html#Public DNS Names for Your Load Balancer) seems to imply that VPC load balancers are not assigned IPv6 addresses. Do you know of a work-around?

    Thanks

  5. Hi Jeff,

    I am trying to enable ipv6 support over aws ec2 instance.
    I have done all basic settings but not able to set ipv6.
    i have created ipv6 ip address, enabled ipv4 over nginx, created scrurity group to accept ipv6.
    Still when my android app fails to connect with server from ipv6 wifi connection.
    Thanks in advance.

Trackbacks

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: