This topic describes how to create a virtual private cloud (VPC) with an IPv6 CIDR block and then create an Elastic Compute Service (ECS) instance that uses an IPv6 address. Then, the ECS instance can access other services over IPv6.

Step 1: Create a VPC and a vSwitch

Before you deploy cloud resources in a VPC, you must plan your networks. For more information, see Plan networks.

  1. Log on to the VPC console.
  2. In the top navigation bar, select the region where you want to create the VPC.
    The VPC and the cloud resources that you want to deploy must be in the same region. In this example, China (Hohhot) is selected.
    Note Regions that support IPv6 CIDR blocks: China (Qingdao), China (Beijing), China (Zhangjiakou), China (Hohhot), China (Ulanqab), China (Hangzhou), China (Shanghai), China (Shenzhen), China (Heyuan), China (Guangzhou), China (Chengdu), China (Hong Kong), Philippines (Manila), Singapore (Singapore), US (Virginia), and Germany (Frankfurt).
  3. On the VPCs page, click Create VPC.
  4. On the Create VPC page, set the following parameters and click OK.
    Note In this example, Assign is selected in the IPv6 CIDR Block section. After you create the VPC, the system automatically assigns an IPv6 CIDR block whose prefix is /56 to the VPC and creates a free IPv6 gateway. You can use the IPv6 gateway to process IPv6 traffic.
    Parameter Description
    VPC
    Region Displays the region where you want to deploy the VPC.
    Name Enter a name for the VPC that you want to create.

    The name must be 2 to 128 characters in length, and can contain digits, underscores (_), and hyphens (-). It must start with a letter.

    IPv4 CIDR Block Enter an IPv4 CIDR block for the VPC.
    • You can specify one of the following CIDR blocks or their subsets as the primary IPv4 CIDR block of the VPC: 192.168.0.0/16, 172.16.0.0/12 and 10.0.0.0/8. These three CIDR blocks are standard private CIDR blocks as defined by Request for Comments (RFC) documents. The subnet mask must be 8 to 24 bits in length. For example, enter 192.168.0.0/24.
    • You can also use a custom CIDR block other than 100.64.0.0/10, 224.0.0.0/4, 127.0.0.0/8, 169.254.0.0/16, or their subnets as the primary IPv4 CIDR block of the VPC.
    • In scenarios where multiple VPCs are used or in hybrid cloud scenarios where data centers and VPCs are used, we recommend that you use standard RFC CIDR blocks as VPC CIDR blocks with subnet masks no more than 16 bits in length. Make sure that the CIDR blocks of the VPCs and data centers do not overlap.
    Note After you create a VPC, you cannot change its primary IPv4 CIDR block. However, you can add a secondary IPv4 CIDR block to the VPC. For more information, see Add a secondary IPv4 CIDR block.
    IPv6 CIDR Block Specify whether to assign an IPv6 CIDR block to the VPC. By default, no IPv6 CIDR block is allocated.

    If you set this parameter to Assign, the system automatically creates a free IPv6 gateway for this VPC, and assigns an IPv6 CIDR block with the subnet mask /56, such as 2xx1:db8::/56. By default, IPv6 addresses can only be used to communicate within private networks. If you want to use the IPv6 address to access the Internet or to be accessed by IPv6 clients over the Internet, you must purchase an Internet bandwidth plan for the IPv6 address. For more information, see Purchase a public bandwidth plan for an IPv6 address.

    Note
    • The following regions support IPv6 CIDR blocks: China (Qingdao), China (Beijing), China (Zhangjiakou), China (Hohhot), China (Ulanqab), China (Hangzhou), China (Shanghai), China (Shenzhen), China (Heyuan), China (Guangzhou), China (Chengdu), China (Hong Kong), Philippines (Manila), Singapore (Singapore), US (Virginia), and Germany (Frankfurt).
    • After you create a VPC, you cannot change its IPv6 CIDR block.
    Description Enter a description for the VPC.

    The description must be 2 to 256 characters in length and cannot start with http:// or https://.

    Resource Group Select the resource group to which the VPC belongs.
    vSwitch
    Name Enter a name for the vSwitch.

    The name must be 2 to 128 characters in length, and can contain digits, underscores (_), and hyphens (-). It must start with a letter.

    Zone Select a zone for the vSwitch. In the same VPC, vSwitches in different zones can communicate with each other.
    Zone Resources Displays the cloud resources that can be created in the specified zone.

    The supported cloud resources vary based on the zone and the time when you create cloud resources. The instances provided in this topic are for reference only. The actual instances on the buy page shall prevail. Only Elastic Compute Service (ECS), RDS, and Server Load Balancer (SLB) instances can be queried on the buy page.

    IPv4 CIDR Block Specify an IPv4 CIDR block for the vSwitch.
    When you specify an IPv4 CIDR block for the vSwitch, take note of the following limits:
    • The CIDR block of a vSwitch must be a subset of the CIDR block of the VPC to which the vSwitch belongs.

      For example, if the CIDR block of a VPC is 192.168.0.0/16, the CIDR block of a vSwitch in the VPC must be a subset of 192.168.0.0/16. In this example, the CIDR block of the vSwitch can range from 192.168.0.0/17 to 192.168.0.0/29.

    • The first IP address and last three IP addresses of a vSwitch CIDR block are reserved.

      For example, if a vSwitch CIDR block is 192.168.1.0/24, the IP addresses 192.168.1.0, 192.168.1.253, 192.168.1.254, and 192.168.1.255 are reserved.

    • If a vSwitch is required to communicate with vSwitches in other VPCs or with data centers, make sure that the CIDR block of the vSwitch does not overlap with the destination CIDR blocks.
    Note After you create a vSwitch, you cannot modify its CIDR block.
    Available IP Addresses Displays the number of available IP addresses.
    IPv6 CIDR Block Enter an IPv6 CIDR block for the vSwitch.

    By default, the subnet mask for the IPv6 CIDR block of a vSwitch is /64. You can enter a decimal number from 0 to 255 to define the last 8 bits of the IPv6 CIDR block.

    For example, if the IPv6 CIDR block of the VPC is 2xx8:4004:c0:b900::/56, you can specify 255 to define the last 8 bits of the IPv6 CIDR block. In this case, the IPv6 CIDR block of the vSwitch is 2xx8:4004:c0:b9ff::/64. ff is the hexadecimal value of 255.

    Description Enter a description for the vSwitch.

    The description must be 2 to 256 characters in length and cannot start with http:// or https://.

Step 2: Create an ECS instance

After you create a VPC with an IPv6 CIDR block and a vSwitch, create an ECS instance and assign an IPv6 address to the ECS instance. You must allocate the IPv6 address to the network interface controller (NIC) of the ECS instance.

  1. Log on to the VPC console.
  2. In the left-side navigation pane, click vSwitch.
  3. In the top navigation bar, select the region where the vSwitch is deployed. In this example, China (Hohhot) is selected.
  4. On the vSwitch page, find the vSwitch that you want to manage, and choose Create > ECS Instance in the Actions column.
  5. On the Custom Launch tab, set the parameters of the ECS instance.
    In this example, the following parameters are set for Networking:
    • Public IP Address: Assign Public IPv4 Address and Pay-By-Bandwidth are selected and the bandwidth limit is set to 1 Mbit/s. You can also use an elastic IP address (EIP) instead of assigning a public IP address to the ECS instance.
    • IPv6: Assign IPv6 Address Free of Charge is selected.
  6. Return to the Instances page and click the ID of the ECS instance that you created to view the IPv6 address that is assigned to the ECS instance.
  7. Assign a static IPv6 address to the ECS instance.

Step 3: Purchase an IPv6 public bandwidth plan

By default, IPv6 addresses are used only for communication within private networks. If you want to allow an ECS instance that is assigned an IPv6 address to access the Internet or receive requests from IPv6 clients over the Internet, you must purchase a public bandwidth plan.

  1. Log on to the IPv6 gateway console.
  2. In the top navigation bar, select the region of the IPv6 gateway. In this topic, China (Hohhot) is selected.
  3. On the IPv6 Gateway page, find the IPv6 gateway that you want to manage and click Manage in the Actions column.
  4. On the IPv6 Internet Bandwidth tab, find the IPv6 address that you want to manage and click Enable IPv6 Internet Bandwidth in the Actions column.
  5. Specify the billing method and a bandwidth limit, click Buy Now, and then complete the payment.

Step 4: Configure security group rules

Services that are assigned IPv4 addresses and services that are assigned IPv6 addresses cannot communicate with each other. If the current security group rules do not support your IPv6 services, you must configure IPv6 security group rules for the ECS instance.

For more information, see Add security group rules.

Step 5: Verify network connectivity

Log on to the ECS instance and run the ping command to ping an IPv6 service over the Internet to verify network connectivity. If the ECS instance can receive echo reply packets, it indicates that the connection is reachable.

The test result shows that the ECS instance can access the Internet over IPv6. Verify network connectivity