Connect to an IPv6 subnet
Welcome to CloudAffaire and this is Debjeet.
In the last blog post, we created a new subnet with IPv4 and IPv6 CIDR blocks. We also created a new EC2 instance with an IPv6 address in this new subnet.
In this blog post, we are going to configure our IPv6 subnet for internet connectivity. Below is the configuration diagram for this demo.
Connect to an IPv6 subnet:
Step 1: Log in to the AWS console and navigate to ‘VPC’.
Step 2: Navigate to ‘Route Tables’ and select the custom route table. Navigate to ‘Subnet Associations’ and click ‘Edit subnet associations’.
Note: Currently our IPv6 subnet is implicitly associated with the main route table, which does not have the internet gateway route required for internet connectivity.
Step 3: Check the IPv6 subnet and click ‘Save’.
The IPv6 subnet (subnet 3) is now explicitly associated with the custom route table.
Next, we are going to edit the route entry for our custom route table for IPv6 routing to the internet gateway.
Step 4: Click ‘Edit routes’ located under ‘Routes’.
Step 5: Click ‘Add route’ and, from the drop-down, select the internet gateway as the target. The destination will be ‘::/0’. Click ‘Save Routes’.
A success message will be displayed; click ‘Close’.
IPv6 routing successfully added to the custom route table.
Next, create an EC2 instance (Instance2) in the public subnet (subnet 2).
Step 6: Connect to Instance3 from Instance2 using PuTTY with agent forwarding, and ping www.google.com using ping6.
Note: Outbound internet connectivity from the instance is established.
Next, we will check the inbound internet access.
An IPv6 address is a public address by default and can be accessed from anywhere in the world, provided the subnet's route table, security groups and network ACLs allow the traffic. However, in order to reach an IPv6 address, you need your own IPv6 address on your host system. Unfortunately, our ISP doesn’t support IPv6 yet. Hence we will test the IPv6 address connectivity from an online site: http://www.ipv6now.com.au/pingme.php
Step 7: Open the above link in your browser. Enter the IPv6 address of your EC2 instance in the box and click ‘Ping now’.
Note: Inbound internet access established to the EC2 instance.
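The effect of Steps 2 to 5 can be audited offline from route table data. The following is an added example, not part of the original post: it resolves each subnet's effective route table (explicit association, otherwise the main table) and reports where its IPv6 default route points. The sample data and all IDs are constructed, a single VPC is assumed, and security groups and network ACLs are not evaluated.

```python
# Constructed sample shaped like `aws ec2 describe-route-tables` output for one VPC.
# All IDs are placeholders, not values from the post.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}]},
    {"RouteTableId": "rtb-custom",
     "Associations": [{"Main": False, "SubnetId": "subnet-2"}, {"Main": False, "SubnetId": "subnet-3"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example", "State": "active"},
                {"DestinationIpv6CidrBlock": "::/0", "GatewayId": "igw-example", "State": "active"}]},
    {"RouteTableId": "rtb-egress", "Associations": [{"Main": False, "SubnetId": "subnet-4"}],
     "Routes": [{"DestinationIpv6CidrBlock": "::/0", "State": "active",
                 "EgressOnlyInternetGatewayId": "eigw-example"}]},
]

def ipv6_default_target(table):
    """Return the target of the table's active ::/0 route, or None if it has none."""
    for route in table.get("Routes", []):
        if route.get("DestinationIpv6CidrBlock") == "::/0" and route.get("State") == "active":
            return route.get("GatewayId") or route.get("EgressOnlyInternetGatewayId")
    return None

def ipv6_exposure(route_tables, subnet_ids):
    """Map each subnet to (effective route table ID, IPv6 internet exposure at route level)."""
    explicit, main = {}, None
    for table in route_tables:
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId"):
                explicit[assoc["SubnetId"]] = table
            elif assoc.get("Main"):
                main = table  # subnets with no explicit association fall back here
    report = {}
    for subnet in subnet_ids:
        table = explicit.get(subnet, main)
        target = ipv6_default_target(table) if table else None
        if target is None:
            exposure = "no IPv6 internet route"
        elif target.startswith("igw-"):
            exposure = "inbound and outbound"
        elif target.startswith("eigw-"):
            exposure = "outbound only"
        else:
            exposure = "other target: " + target
        report[subnet] = (table["RouteTableId"] if table else None, exposure)
    return report

if __name__ == "__main__":
    for subnet, result in ipv6_exposure(ROUTE_TABLES, ["subnet-1", "subnet-2", "subnet-3", "subnet-4"]).items():
        print(subnet, *result)
```

Here subnet-3 stands in for the IPv6 subnet after Step 5, subnet-1 for a subnet still on the main route table, and subnet-4 for a subnet routed through an egress-only internet gateway.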
Cleanup: Delete your EC2 instance and VPC.
Note: We will use this same VPC for the next couple of blogs. If you wish to follow, then do not delete the VPC.
Hope you have enjoyed this blog post. In the next blog post, we are going to create an egress-only internet gateway to restrict inbound internet access and enable only outbound internet access to the IPv6 subnet.
To get more details on VPC, please refer to the AWS documentation below.