Home Blog Talks

Complete Steps for Ubuntu on Alibaba Cloud to Support IPv6

2016-08-06

Use Hurricane Electric Free IPv6 Tunnel Broker to enable IPv6 support on Alibaba Cloud servers.

A few days ago, my new version of the iOS App was rejected because it couldn’t be used in an IPv6-only environment. However, Alibaba Cloud’s ECS does not support IPv6 and only provides IPv4 IPs. Fortunately, Hurricane Electric (hereinafter referred to as HE) offers a free IPv6 tunnel which is basically sufficient.

Let’s talk about the basic environment of ECS:

There are mainly four steps to enable IPv6:

  1. Register and create an IPv6 tunnel
  2. Configure ECS to support IPv6
  3. Configure Nginx to listen to IPv6 ports
  4. Configure DNS to support IPv6 resolution

Step 1: Register and create an IPv6 tunnel

  1. Register at https://www.tunnelbroker.net/ (email verification required)
  2. Click on Create Regular Tunnel
  3. Fill in the ECS’s IPv4 address at IPv4 Endpoint (Your side)
  4. Choose Hong Kong, HK from Available Tunnel Servers (if you are targeting overseas users, you can choose a region closer to your target audience)
  5. After clicking Create Tunnel, the tunnel is created

Step 2: Configure ECS to support IPv6

  1. Edit /etc/sysctl.conf and change the following three settings to 0
net.ipv6.conf.all.disable_ipv6 = 0
net.ipv6.conf.default.disable_ipv6 = 0
net.ipv6.conf.lo.disable_ipv6 = 0
  1. Add the following content at the bottom of /etc/network/interfaces (Note: Replace the uppercase below with the Server IPv6 Address you got from HE, excluding the last ::1/64, e.g., 2001:470:100:100)
auto he-ipv6
iface he-ipv6 inet6 v4tunnel
address <IPV6>::2
netmask 64
remote <HE's Server IPv4 Address>
local <Alibaba Cloud's IPv4 Address>
endpoint any
ttl 255
gateway <IPv6>::1
up ip -6 route add 2000::/3 via ::<HE's Server IPv4 Address> dev he-ipv6
up ip -6 addr add <IPv6>::1:1/128 dev he-ipv6
up ip -6 addr add <IPv6>::2:1/128 dev he-ipv6
down ip -6 route flush dev he-ipv6
  1. Restart the server
  2. Execute ifup he-ipv6 to confirm that IPv6 has been enabled

Step 3: Configure Nginx to listen to IPv6 ports

server {
  listen 80; // Listen to IPv4 port 80
  listen [::]:80; // Listen to IPv6 port 80
}

server {
  listen 443 ssl http2; // Listen to IPv4 port 443
  listen [::]:443 ssl http2; // Listen to IPv6 port 443
}

Step 4: Configure DNS to support IPv6 resolution

This step is the easiest; just add an AAAA record for the corresponding domain name, and fill in the Client IPv6 Address from HE, removing the last /64, e.g., 2001:470:100:100::2.

Back to all posts