As cloud hosting costs continue to evolve, it’s essential to review and optimize our infrastructure. Recently, I embarked on a journey to transition from IPv4 to IPv6 on my AWS-hosted website, primarily to eliminate the cost associated with AWS Elastic IPs. Here’s a recap of my experience, challenges, and ultimate success.
Why Migrate to IPv6?
AWS charges for Elastic IPs (EIP) even when they are associated with a running EC2 instance, making it a recurring cost that can be avoided. By adopting IPv6, I aimed to:
- Reduce expenses: Stop paying for Elastic IPs.
- Modernize the infrastructure: Future-proof my website’s networking.
- Enhance accessibility: Ensure the website is reachable over both IPv4 and IPv6 as more networks adopt the newer protocol.
Initial Setup: My AWS Environment
My website, hosted on an AWS EC2 instance, runs a LAMP stack on Amazon Linux 2. The setup includes Apache, MariaDB, and PHP, supporting a WordPress-based site. Before the migration, the site was accessible only via IPv4, with an AWS Elastic IP attached.
The Migration Process
Here’s a step-by-step breakdown of how I migrated to IPv6:
- Enable IPv6 in the VPC
- I started by adding an IPv6 CIDR block to the VPC associated with my EC2 instance. AWS offers multiple options, but for simplicity, I chose an Amazon-provided IPv6 CIDR block.
- Configure the Subnet for IPv6
- Next, I allocated an IPv6 CIDR block to the subnet where my instance resides. This assignment allowed the EC2 instance to obtain an IPv6 address.
- Update the Routing Table
- One key step was updating the VPC’s routing table. I added a route for
::/0with the Internet Gateway as the target. While there was already a route for0.0.0.0/0(IPv4), the IPv6 traffic required this new route.
- One key step was updating the VPC’s routing table. I added a route for
- Modify Apache Configuration for IPv6
- I adjusted the Apache
httpd.confsettings:- Replaced
Listen 80withListen [::]:80 - Replaced
Listen 443withListen [::]:443
- Replaced
- However, I retained the
<VirtualHost *:80>and<VirtualHost *:443>blocks, as they worked fine for both IPv4 and IPv6 connections.
- I adjusted the Apache
- Update DNS Settings
- I added an AAAA record in my DNS configuration to ensure that the domain resolves to the server’s IPv6 address. This step was crucial for making the website accessible over IPv6.
- Restart Apache
- After making these changes, I restarted the Apache service. Everything was configured properly, and the web server could now handle requests over IPv6!
Challenges Faced and Lessons Learned
- Routing Table Misconfiguration
- Initially, the IPv6 setup didn’t work. I realized I had missed adding the
::/0route in the routing table, which is crucial for directing IPv6 traffic to the Internet Gateway.
- Initially, the IPv6 setup didn’t work. I realized I had missed adding the
- Firewall and Security Group Settings
- Ensuring security groups allowed IPv6 traffic on ports 80 (HTTP) and 443 (HTTPS) was another important task. Always double-check inbound and outbound rules when dealing with new protocols.
- Understanding Apache’s Dual-Stack Configuration
- Although I only needed to add
Listen [::]:80andListen [::]:443, I was initially unsure if I needed to update<VirtualHost>settings for IPv6. Fortunately, the existing configuration worked without modification.
- Although I only needed to add
The Result: Cost Savings and Modernization
With everything set up correctly, my website is now accessible over both IPv4 and IPv6. More importantly, I no longer need to pay for an AWS Elastic IP, leading to tangible cost savings. The transition has made my website’s networking stack future-proof while ensuring broader accessibility as more users move to IPv6.
Conclusion
Migrating from IPv4 to IPv6 may seem daunting, but with a clear objective, proper planning, and attention to details like routing and DNS configuration, the process is smooth and rewarding. If you’re looking to cut down on cloud costs or modernize your setup, I highly recommend considering an IPv6 migration.