This topic describes how to create and manage an egress-only rule. You can use egress-only rules to flexibly manage the Internet communication between virtual private clouds (VPCs) with IPv6 CIDR blocks and IPv6 clients.

Prerequisites

Create an egress-only rule

After you create an egress-only rule for an IPv6 address, an Elastic Compute Service (ECS) instance in a VPC for which IPv6 is enabled can use the IPv6 address to access IPv6 clients over the Internet. The ECS instance also denies access from IPv6 clients over the Internet.

  1. Log on to the IPv6 Gateway console.
  2. In the top navigation bar, select the region where the IPv6 gateway is deployed.
  3. On the IPv6 Gateway page, find the IPv6 gateway that you want to manage and click Manage in the Actions column.
  4. On the details page of the IPv6 gateway, click the Egress-only Rule tab and then click Create Egress-only Rule.
  5. In the Create Egress-only Rule panel, select the ECS instance that uses an IPv6 address to communicate with the Internet, and click OK.
    createrule

Delete an egress-only rule

You can delete an egress-only rule anytime. After you delete the egress-only rule that you created for an IPv6 address for which Internet bandwidth is purchased, an ECS instance can use the IPv6 address to access IPv6 clients over the Internet. The ECS instance can also receive requests from IPv6 clients over the Internet.

  1. Log on to the IPv6 Gateway console.
  2. In the top navigation bar, select the region where the IPv6 gateway is deployed.
  3. On the IPv6 Gateway page, find the IPv6 gateway that you want to manage and click Manage in the Actions column.
  4. On the details page of the IPv6 gateway, click the Egress-only Rule tab, find the egress-only rule that you want to delete, and then click Delete in the Actions column. delterule
  5. In the Delete Rule message, click OK.

References