The Virtual Private Cloud (VPC) supports IPv4 and IPv6 dual-stack protocols. The resources in the cloud can build communication with each other through IPv4 and IPv6 protocols.

Configure Ipv6 VPC

Add IPv6 IP address range during VPC creation

1. Log in to the Baidu AI Cloud Console.
2. Select "Product Service > Virtual Private Cloud (VPC)" to display the VPC list page.
3. Click the "Create VPC" button and turn on the switch of "Assign IPv6 IP Address Range" in the pop-up box. The system automatically assigns the IPv6 CIDR block with a mask of 56 to the VPC.

Descriptions:

• The IPv6 IP address range is not assigned by default during the creation of the VPC.
• The IPv6 IP address ranges are assigned uniformly by the system and cannot be customized or modified by users.
• If any IPv6 subnet exists in the VPC, you cannot delete the IPv6 IP address range of the VPC.

Add IPv6 IP Address Range to Existing VPC

1. Log in to the Baidu AI Cloud Console.
2. Select "Product Service > Virtual Private Cloud (VPC)" to display the VPC list page.
3. Click "Assign IPv6 IP Address Range" in the VPC list. The system automatically assigns the IPv6 CIDR block with a mask of 56 to the VPC.

Configure IPv6 Subnet

1. In the VPC console, assign the IPv6 IP address range for the VPC instance.
2. You can assign IPv6 CIDR blocks with a mask of 64 directly in a new subnet or add an IPv6 IP address range to the existing subnet.

IPv6 Gateway

The IPv6 public network gateway is the general outbound port for the virtual private cloud to access the public network through the Ipv6 protocol. You can buy the IPv6 public network bandwidth on demand. Also, you can flexibly configure the outbound bandwidth and inbound bandwidth of the IPv6 Internet by configuring the egress-only policy and IP rate limit.

Before the creation, you need to know about the following aspects:

• You can create only one IPv6 gateway for each VPC.
• The upper limit of the rate limitation rules for the IPv6 gateway is 50.
• The VPC where you create an IPv6 gateway must have IPv6 CIDR.
• The upper limit of the gateway bandwidth is equal to the upper limit of the outbound bandwidth. The minimum gateway bandwidth is 1M, and the maximum gateway bandwidth is 5G.
• The minimum inbound bandwidth is 20M. If you buy a network bandwidth of less than 20M, the inbound bandwidth is 20M. If you buy a network bandwidth of more than 20M, the inbound bandwidth equals the outbound bandwidth.

For example:

If you buy a network bandwidth of 20M, the outbound bandwidth is 10M, and the inbound bandwidth is 20M.

If you buy a network bandwidth of 100M, the outbound bandwidth equals the inbound bandwidth, which is 100M.

Create IPv6 Gateway

1. Log in to the VPC console.
2. Select "IPv6 Gateway" in the left navbar, and click the "Create Gateway".
3. On the "Create Gateway” page, select the public network bandwidth you want to buy.
4. Click "Next” to finish the payment so that creating the gateway is successful.

Change the Upper Limit of Public Network Bandwidth

1. Log in to Baidu AI Cloud and select VPC.
2. Select "IPv6 Gateway" in the left navbar. Then, select "Bandwidth Upgrade" in the operation.
3. Select the bandwidth size which supports upsizing and downsizing, and then complete the payment.

Add Egress-Only Policy

1. Log in to Baidu AI Cloud and select VPC.
2. Select "IPv6 Gateway" in the left navbar, and click the gateway name to enter the gateway details page.
3. In the Egress-only policy, click "Add Policy”.
4. In the “Add Policy ”pop-up box, enter the specified CIDR to finish adding the policy.

Description: If you want to add multiple "Egress-only" policies, the CIDRs cannot overlap.

Add IP Rate Limitation Policy

1. Log in to Baidu AI Cloud and select VPC.
2. Select "IPv6 Gateway" in the left navbar, and click the gateway name to enter the gateway details page.
3. In the "IP Rate Limitation", click "Add IP Rate Limitation Policy".
4. In the "Add Rate Limitation Policy” pop-up box, enter the specified IP, outbound bandwidth, and inbound bandwidth to finish adding the policy.

Description: The bandwidth with an IP speed limit cannot exceed the outbound port bandwidth of the IPv6 public network.

Configure IPv6 Security Group

1. Log in to the VPC console.
2. In the left navigation bar, select "Security Group", find the target security group, and click "Add Rule".
3. In the "Add Rule" pop-up box, select the IPv6 rule type, and configure the Ipv6 access policy.

Configure Ipv6 ACL

1. Log in to the VPC console.
2. In the left navigation bar, select "ACL” and click "Add Rule".
3. In the "Add Rule" pop-up box, select the IPv6 rule type, and configure the Ipv6 access policy.

Configure VPC Route

1. Log in to the VPC console.

2. Select "Route Table" in the navigation bar, and click Route Table Name to enter the details page. Then, click "Add Route".

   

3. In the "Add Route” pop-up box, select the type of IPv6 IP address range, and add an IPv6 route rule.

   If no restriction exists on the target IP address range, you can directly write "::" in the "Target IP Address Range". Select "IPv6 Public Network Gateway" as the route type so that the next-hop instance directs to the created IPv6 gateway.

   

Description: The current IPv6 route type only supports instance routing, IPv6 gateway, and peer-to-peer connection.