All Products
Search

This Product

    Server Load Balancer:Implement load balancing for IPv6 services

    Document Center

    Server Load Balancer:Implement load balancing for IPv6 services

    Last Updated:Nov 14, 2023

    Application Load Balancer (ALB) can forward IPv6 requests. This topic describes how to configure a dual-stack server group that contains IPv4 and IPv6 Elastic Compute Service (ECS) instances for a dual-stack ALB instance. This way, IPv6 clients can access the backend IPv4 and IPv6 services by using the ALB instance.

    Scenario

    In this example, the scenario shown in the following figure is used. A company wants to use ALB to forward requests from IPv6 clients to the IPv4 and IPv6 services in a virtual private cloud (VPC). To meet this requirement, the company needs to create ECS instances that support IPv4 and IPv6, create a dual-stack ALB instance in the VPC, and create a server group that supports IPv6. After the preceding steps are complete, requests from IPv6 clients can be forwarded to the IPv4 and IPv6 services on the backend ECS instances by using the ALB instance.

    架构图

    Limits

    • For more information about the regions that support dual-stack ALB instances, see ALB instance overview.

    • To use the dual-stack feature, you must enable the IPv6 feature for the vSwitches in the zones of the VPC.

    • Dual-stack ALB instances can forward requests from IPv4 and IPv6 clients to IPv4 and IPv6 backend services.

      • Dual-stack ALB instances can forward requests from IPv6 clients to IPv4 backend services deployed on the following types of backend servers: ECS instances, ENIs, elastic container instances, and IP addresses. Backend servers of the Function Compute type are not supported.

      • Dual-stack ALB instances can forward requests from IPv6 clients to IPv6 backend services deployed on the following types of backend servers: ECS instances. ENIs, and elastic container instances. Backend servers of the IP address or Function Compute type are not supported.

    • IPv4 ALB instances cannot be upgraded to dual-stack instances. You can create dual-stack ALB instances as needed.

    • You cannot add a dual-stack server group to a listener of an IPv4 ALB instance.

    Prerequisites

    • A VPC that supports IPv6 is created in the China (Shanghai) region. For more information, see Enable IPv6 for a VPC.

    • vSwitches that support IPv6 are created in Zone E and Zone G of the China (Shanghai) region. For more information, see Enable IPv6 for a vSwitch.

    Procedure

    配置流程

    Step 1: Create and configure ECS instances

    1. Log on to the VPC console.

    2. In the left-side navigation pane, click vSwitch.

    3. Select the region of the vSwitch. In this example, China (Shanghai) is selected.

    4. On the vSwitch page, find the vSwitch that you want to manage and choose Add Cloud Service > ECS Instance in the Actions column.

    5. On the Custom Launch tab of the Elastic Compute Service page, create an IPv4 ECS instance named ECS01 and an IPv6 ECS instance named ECS02. The security groups to which the ECS instances are added must allow traffic on port 80. For more information, see Create an instance by using the wizard.

      Note

      • In this example, both ECS01 and ECS02 run the Alibaba Cloud Linux operating system.

      • When you create an IPv6 ECS instance, select Assign IPv6 Address Free of Charge in the IPv6 section.

    6. Log on to ECS01 and ECS02. For more information, see Connection method overview.

    7. Run the following command on ECS01 to deploy an NGINX service: 

      yum install -y nginx
systemctl start nginx.service
cd /usr/share/nginx/html/
echo "Hello World ! this is ipv4 rs." > index.html

    8. Run the following command on ECS02 to deploy an NGINX service: 

      yum install -y nginx
systemctl start nginx.service
cd /usr/share/nginx/html/
echo "Hello World ! this is ipv6 rs." > index.html

    9. Assign a static IPv6 address to ECS02.

      1. Log on to ECS02.

      2. Check whether IPv6 is enabled for ECS02.

        Run the ip addr | grep inet6 or ifconfig | grep inet6 command.

        • If the command output contains the information about inet6, IPv6 is enabled for ECS02.

        • If the command output does not contain the information about inet6, IPv6 is disabled for ECS02.

        The following figure shows that IPv6 is enabled for ECS02.ipv6

      3. Optional. If IPv6 is disabled for ECS02, configure an IPv6 address for ECS02. In this example, a static IPv6 address is manually assigned to ECS02. For more information, see Step 4: Configure an IPv6 address.

        1. Run the vi /etc/sysconfig/network-scripts/ifcfg-eth0 command to open the configuration file of the network interface controller (NIC). Replace eth0 in the command with the actual identifier of the NIC. Add the following configurations to the file:

          DHCPV6C=yes
IPV6INIT=yes

          After you add the configurations, press the Esc key, enter :wq, and then press the ENTER key to save the file and exit.

        2. Restart ECS02. 

          reboot

    Step 2: Configure a security group rule for ECS02

    Configure a security group rule for ECS02 to allow inbound IPv6 traffic.

    1. Log on to the ECS console.

    2. In the left-side navigation pane, choose Network & Security > Security Groups.

    3. In the top navigation bar, select the region of the security group. In this example, China (Shanghai) is selected.

    4. On the Security Groups page, find the security group that you want to manage and click Add Rules in the Actions column.

    5. On the Security Group Rules page, click the Inbound tab in the Access Rule section.

    6. Click Add Rule and configure the parameters. Then, click Save in the Actions column. The following table describes the parameters.

      Parameter

      Description

      Action

      The action of the rule. In this example, Allow is selected.

      Priority

      The priority of the rule. A smaller value indicates a higher priority. Valid values: 1 to 100.

      In this example, the default value 1 is used.

      Protocol Type

      The type of allowed requests. In this example, All ICMP (IPv6) is selected.

      Port Range

      The range of ports to accept requests from IPv6 clients.

      If you set the Protocol Type parameter to All ICMP (IPv6), -1/-1 is automatically selected from the Dest drop-down list and cannot be modified.

      Authorization Object

      The IPv6 CIDR block to which the rule applies.

      In this example, ::/0 is used, which indicates that the rule applies to all IPv6 addresses.

      Note

      You can specify IPv6 addresses based on your business requirements.

      Description

      The description of the rule.

    Step 3: Create an ALB instance

    1. Log on to the ALB console.

    2. On the Instances page, click Create ALB.

    3. On the buy page, configure the parameters, click Buy Now, and then complete the payment as prompted. The following table describes the parameters.

      Parameter

      Description

      Region

      The region in which you want to create the ALB instance. In this example, China (Shanghai) is selected.

      Network Type

      The network type of the ALB instance. The system assigns a public or private IP address to the ALB instance based on the selected network type. In this example, Internet is selected.

      VPC

      The VPC in which you want to deploy the ALB instance.

      Note

      Make sure that the IPv6 feature is enabled for the VPC.

      Zone

      1. Select at least two zones. In this example, Shanghai Zone E and Shanghai Zone G are selected.

      2. Select a vSwitch for each zone. In this example, a vSwitch in Zone E and a vSwitch in Zone G are selected.

      IP Mode

      The IP mode of the ALB instance. In this example, Static IP is selected.

      Edition

      The edition of the ALB instance. In this example, Standard is selected.

      IP Version

      The IP version of the ALB instance. In this example, Dual-stack is selected.

      Instance Name

      The custom name of the ALB instance.

      Resource Group

      The resource group to which the ALB instance belongs.

    4. After the Internet-facing dual-stack ALB instance is created, a private IPv6 address is assigned to the ALB instance by default. If you want to enable a dual-stack ALB instance to provide IPv6 services that are accessible over the Internet, perform the following steps to change the private IPv6 address to a public IPv6 address. For more information, see the IP versions section of the "Change the network type of an ALB instance" topic.

      1. Return to the Instances page and click the ID of the ALB instance.

      2. On the Instance Details tab, navigate to the Basic Information section and find the Network parameter. Then, click Change Network Type next to IPv6:Private.

      3. In the Change Network Type message, click OK.

        After the change takes effect, you can verify that the IPv6 network type changes to Public.

    Step 4: Create a server group

    1. Log on to the ALB console.

    2. In the top navigation bar, select the region in which you want to create a server group. In this example, China (Shanghai) is selected.

    3. In the left-side navigation pane, choose ALB > Server Groups.

    4. On the Server Groups page, click Create Server Group.

    5. In the Create Server Group dialog box, configure the parameters described in the following table and click Create.

      The following table describes only some of the parameters. Use the default values for other parameters. For more information, see Create and manage a server group.

      Parameter

      Description

      Server Group Type

      The type of the server group. In this example, Server Type is selected.

      Server Group Name

      The custom name of the server group.

      VPC

      The VPC from which you want to add servers to the server group. Only servers in the VPC can be added to the server group.

      Note

      Select the VPC in which the ALB instance is created. Make sure that IPv6 is enabled for the selected VPC.

      Backend Server Protocol

      The backend protocol. In this example, HTTP is selected.

      Scheduling Algorithm

      The scheduling algorithm. In this example, Weighted Round-robin is selected.

      IPv6 Support

      Specifies whether to enable IPv6. In this example, IPv6 Support is turned on.

      Session Persistence

      Specifies whether to enable session persistence. In this example, the default value is used. Session persistence is disabled.

      Configure Health Check

      Specifies whether to enable the health check feature. In this example, Health Check is turned on.

      Advanced Settings

      After you enable the health check feature, you can click Modify next to Advanced Settings to configure advanced settings.

    6. On the Server Group page, click the ID of the server group that you created.

    7. Click the Backend Servers tab and then click Add Backend Server.

    8. In the Add Backend Server panel, select ECS01 and ECS02. In the IP column, select the IPv4 address of ECS01 and the IPv6 address of ECS02, and click Next.

    9. In the Ports/Weights step, set the ports and weights of ECS01 and ECS02, and click OK.

      In this example, both ECS instances use the port number 80 and the default weight 100.

    Step 5: Configure a listener

    1. Log on to the ALB console.

    2. On the Instances page, click the ID of the ALB instance that you want to manage.

    3. Click the Listener tab and then click Create Listener.

    4. In the Configure Listener step, configure the parameters described in the following table and click Next.

      The following table describes only some of the parameters. Use the default values for other parameters. For more information, see Add an HTTP listener.

      Parameter

      Description

      Listener Protocol

      The listener protocol. In this example, HTTP is selected.

      Listener Port

      The listener port that is used to receive requests and forward them to backend servers. In this example, 80 is used.

      Listener Name

      The custom name of the listener.

      Advanced Settings

      In this example, the default settings are used. You can click Modify to modify the settings.

    5. In the Server Group step, configure the Server Type parameter, select a server group based on the specified server type, confirm the backend servers, and then click Next.

    6. In the Confirm step, confirm the configurations and click Submit.

    7. Click OK to return to the Listener tab. If the listener status in the Health Check Status column is Healthy, ECS01 and ECS02 can process requests forwarded by the ALB instance.

    Step 6: Test the connectivity

    After you complete the preceding steps, IPv6 clients can access the IPv4 and IPv6 services in the VPC by using the ALB instance. You can perform the following steps to test the connectivity between an IPv6 client and the ECS instances in the VPC.

    Note

    Before you perform the test, make sure that your client supports IPv6. To check whether your client supports IPv6, visit http://test-ipv6.com/ to run a test.

    Use an IPv6 client to test the connectivity.

    1. Test the connectivity between the IPv6 client and ECS01.

      1. Open the CLI of the client.

      2. Run the following command to check whether the IPv6 client can access the IPv4 services on ECS01: 

        curl -6 http://<ALB domain name> -v

        If the message shown in the following figure is returned, the IPv6 client can access the IPv4 services on ECS01.6-4

    2. Test the connectivity between the IPv6 client and ECS02.

      1. Open the CLI of the client.

      2. Run the following command to check whether the IPv6 client can access the IPv6 services on ECS02: 

        curl -6 http://<ALB domain name> -v

        If the message shown in the following figure is returned, the IPv6 client can access the IPv6 services on ECS02.6-6