0

I have created:

  • An EC2 instance with IPv6 and IPv4 support, running Ubuntu 16.04 and Apache 2.4
  • A dualstack internet-facing application ELB, with the above EC2 instance in its target group

Accessing the website through the ELB's DNS name works fine under IPv4. But testing IPv6 with different online test providers I get a "web server is unreachable : Connection timed out" error.

Here are the inbound rules for both the ELB and EC2 security group:

enter image description here

Not sure what I did wrong?

Eric
  • 213
  • 1
  • 9
  • Suggest you allow ICMP (all) through and try a ping and a traceroute. They should pass through the ELB ok. You might also try accessing your instances directly rather than through the ELB, which will probably require a few changes to your VPC and security group rules. – Tim Aug 29 '17 at 19:29
  • @Tim ICMP does not pass through an ELB. It's discarded regardless of security group settings. Pings always time out. – Michael - sqlbot Aug 29 '17 at 21:28
  • I guess then it needs to be direct to the instance with a public IP6 address, with an IP6 ping. – Tim Aug 29 '17 at 22:15
  • Wanted to direct it directly to the instance but the EC2 provided IP6 is a private IP6 address (within the defined CIDR for the subnet). Is there a way to request/get a public IP6? Even Elastic IPs seem to be only IPv4 – Eric Aug 30 '17 at 08:04

1 Answers1

1

are security groups also open for ipv6 that are attached to the ELB?

Mike
  • 22,310
  • 7
  • 56
  • 79
  • not sure what you mean? the security group attached to the ELB and the one attached to the instance are both configured as shown in the screenshot. So they seem to be open to all ipv6 IPs – Eric Aug 29 '17 at 15:35