When you create a virtual private cloud (VPC), you can specify an IPv4 CIDR block and specify whether to assign an IPv6 CIDR block to the VPC. After you enable IPv6 for a VPC, the system automatically creates an IPv6 gateway of Free Edition for the VPC. You can use the IPv6 gateway to manage IPv6 Internet bandwidth and configure egress-only rules.

Background information

The number of IPv4 addresses is limited. In scenarios in which IPv4 addresses are used, it takes much time and effort for network engineers to resolve IP address conflicts. In this case, you can enable IPv6. IPv6 provides significantly more IP addresses than IPv4. IPv6 helps solve the issue of IP address shortage, and allows various types of devices to access the Internet. You can enable IPv6 by using one of the following methods:

Regions that support IPv6 gateways

The following regions support IPv6 gateways: China (Qingdao), China (Beijing), China (Zhangjiakou), China (Hohhot), China (Ulanqab), China (Hangzhou), China (Shanghai), China (Shenzhen), China (Heyuan), China (Guangzhou), China (Chengdu), China (Hong Kong), Philippines (Manila), Singapore (Singapore), US (Virginia), and Germany (Frankfurt).

Prerequisites

Before you deploy cloud resources in a VPC, you must plan your networks. For more information, see Plan networks.

Create a VPC that supports both IPv4 and IPv6

  1. Log on to the VPC console.
  2. In the top navigation bar, select the region where you want to create a VPC.
  3. On the VPCs page, click Create VPC.
  4. On the Create VPC page, set the following parameters and click OK.
    Parameter Description
    VPC
    Region Displays the region where you want to create the VPC.
    Name Enter a name for the VPC.

    The name must be 2 to 128 characters in length and can contain digits, underscores (_), and hyphens (-). The name must start with a letter.

    IPv4 CIDR Block Enter a primary IPv4 CIDR block for the VPC.
    • You can specify one of the following CIDR blocks or their subsets as the primary IPv4 CIDR block of the VPC: 192.168.0.0/16, 172.16.0.0/12, and 10.0.0.0/8. These CIDR blocks are standard private CIDR blocks as defined by Request for Comments (RFC) documents. The subnet mask must be 8 to 24 bits in length. Example: 192.168.0.0/24.
    • You can also use a custom CIDR block other than 100.64.0.0/10, 224.0.0.0/4, 127.0.0.0/8, 169.254.0.0/16, and their subnets as the primary IPv4 CIDR block of the VPC.
    • In scenarios in which multiple VPCs are used or in hybrid cloud scenarios in which you want to connect data centers to VPCs, we recommend that you use standard RFC CIDR blocks as VPC CIDR blocks with subnet masks no more than 16 bits in length. Make sure that the CIDR blocks of the VPCs and data centers do not overlap.
    Note After you create a VPC, you cannot change its primary IPv4 CIDR block. However, you can add a secondary IPv4 CIDR block to the VPC. For more information, see Add a secondary IPv4 CIDR block.
    IPv6 CIDR Block Specify whether to assign an IPv6 CIDR block to the VPC. In this example, Assign (Default) is selected.

    If you set this parameter to Assign (Default), the system automatically creates an IPv6 gateway of Free Edition, and assigns an IPv6 CIDR block with the subnet mask /56 to the VPC, for example, 2001:db8::/56. By default, IPv6 addresses are used only for communication within private networks. If you want to use an IPv6 address to access the Internet or provide services to IPv6 clients over the Internet, you must purchase Internet bandwidth for the IPv6 address. For more information, see Purchase a public bandwidth plan for an IPv6 address.

    Notice After you create a VPC, you cannot change the IPv6 CIDR block.
    Description Enter a description for the VPC.

    The description must be 2 to 256 characters in length. The description cannot start with http:// or https://. You can also leave the parameter empty.

    Resource Group Select the resource group to which the VPC belongs.
    vSwitch
    Name Enter a name for the vSwitch.

    The name must be 2 to 128 characters in length and can contain digits, underscores (_), and hyphens (-). The name must start with a letter.

    Zone Select a zone for the vSwitch. In the same VPC, vSwitches in different zones can communicate with each other.
    Zone Resources Displays the cloud resources that can be created in the specified zone.

    The supported cloud resources vary based on the zone and the time when you create cloud resources. The instances provided in this topic are for reference only. The actual instances on the buy page shall prevail. You can query the status of Elastic Compute Service (ECS) instances, ApsaraDB RDS instances, and Classic Load Balancer (CLB) instances.

    IPv4 CIDR Block Specify an IPv4 CIDR block for the vSwitch. When you specify a CIDR block for the vSwitch, take note of the following limits:
    • The CIDR block of the vSwitch must be a subset of the CIDR block of the VPC.

      For example, if the CIDR block of the VPC is 192.168.0.0/16, you can specify a CIDR block from 192.168.0.0/17 to 192.168.0.0/29 for the vSwitch.

    • The subnet mask of the vSwitch CIDR block must be 16 to 29 bits in length, which provides 8 to 65,536 IP addresses.
    • The first IP address and last three IP addresses of a vSwitch CIDR block are reserved.

      For example, if a vSwitch CIDR block is 192.168.1.0/24, the IP addresses 192.168.1.0, 192.168.1.253, 192.168.1.254, and 192.168.1.255 are reserved.

    • If a vSwitch is required to communicate with vSwitches in other VPCs or with data centers, make sure that the CIDR block of the vSwitch does not overlap with the destination CIDR blocks.
    • The CIDR block of a vSwitch cannot be the same as or larger than the destination CIDR block of a route in the route table of the VPC to which the vSwitch belongs.
    Notice After you create a vSwitch, you cannot change its CIDR block.
    Available IP Addresses Displays the number of available IP addresses.
    IPv6 CIDR Block Specify whether to enable IPv6 for the vSwitch. If you enable IPv6, you must specify an IPv6 CIDR block for the vSwitch. In this example, Enable is selected.

    By default, the subnet mask of the IPv6 CIDR block of a vSwitch is /64. To specify the last 8 bits of the IPv6 CIDR block, enter an integer from 0 to 255.

    For example, if the IPv6 CIDR block of the VPC is 2001:db8::/56, you can enter 255 to define the last 8 bits of the IPv6 CIDR block of the vSwitch. In this case, the IPv6 CIDR block of the vSwitch is 2001:db8:ff::/64. ff is the hexadecimal value of 255.

    Description Enter a description for the vSwitch.

    The description must be 2 to 256 characters in length. The description cannot start with http:// or https://. You can also leave the parameter empty.

Enable IPv6 for an existing VPC

  1. Log on to the VPC console.
  2. In the top navigation bar, select the region where the VPC is created.
  3. On the VPCs page, find the VPC that you want to manage and click Enable IPv6 CIDR Block in the IPv6 CIDR Block column.
    openipv6
  4. In the Enable IPv6 CIDR Block dialog box, select Enable IPv6 CIDR Block of all VSwitches in VPC, and click OK.
    If you do not select Enable IPv6 CIDR Block of all VSwitches in VPC, you must enable IPv6 for each vSwitch. For more information, see Enable IPv6 for a vSwitch.

References