This is mainly applicable if you want to have IPv6-only subnets rather than dual-stack. You might do this because you don't want to have to worry about IPv4 address conflicts or whatever.
You must either have or create a separate IPv4 public subnet from the IPv6-only subnet. Configure a NAT gateway (which must have an IPv4 address) in this subnet.

Destination | Target |
---|---|
<IPv4 CIDR> | local |
<IPv6 CIDR> | local |
0.0.0.0/0 | igw |
::/0 (optional) | igw or eigw |

Enable DNS64 in this subnet.

Destination | Target |
---|---|
<IPv4 CIDR> | local |
<IPv6 CIDR> | local |
::/0 | igw or eigw |
64:ff9b::/96 | ngw or eni |

The AWS NAT Gateway is quite expensive, so it might be preferable to run an EC2 instance that functions as a NAT gateway.

- Launch an EC2 instance of type t4g.nano with Ubuntu in a dual-stack subnet. It must have a public IPv4 address.
- Disable "Source/Destination check" in the instance attribute.
- Install Jool:

      sudo apt update && sudo apt install -y jool-dkms jool-tools

- Configure Jool with a script, create a systemd unit, and enable it on boot.
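
One way to carry out the last step, as an added example that is not from the original page: a POSIX shell script that writes the Jool setup script and a oneshot systemd unit. The instance name `nat64`, the file paths and the unit name are assumptions made for this example; the `jool instance add` options are those of Jool 4.x in netfilter mode.

```sh
#!/bin/sh
# Added example: renders the Jool NAT64 setup script and its systemd unit.
# INSTANCE, SCRIPT and UNIT are names chosen for this example (assumptions).
POOL6="64:ff9b::/96"                      # NAT64 prefix routed to this instance
INSTANCE="nat64"
SCRIPT="/usr/local/sbin/jool-nat64.sh"
UNIT="/etc/systemd/system/jool-nat64.service"

# The commands that turn the instance into a NAT64 translator.
render_script() {
  cat <<EOF
#!/bin/sh
set -e
# Forward packets in both address families.
sysctl -w net.ipv4.conf.all.forwarding=1
sysctl -w net.ipv6.conf.all.forwarding=1
# Load the kernel module built by jool-dkms, then create the translator.
modprobe jool
jool instance add "$INSTANCE" --netfilter --pool6 $POOL6
EOF
}

# A oneshot unit: run the script at boot, remove the translator on stop.
render_unit() {
  cat <<EOF
[Unit]
Description=Jool NAT64 translator for $POOL6
After=network-online.target
Wants=network-online.target

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=$SCRIPT
ExecStop=/bin/sh -c 'jool instance remove "$INSTANCE"'

[Install]
WantedBy=multi-user.target
EOF
}

# Write both files under an optional root directory ($1, empty = real system).
install_files() {
  root="${1:-}"
  mkdir -p "$root$(dirname "$SCRIPT")" "$root$(dirname "$UNIT")"
  render_script > "$root$SCRIPT" && chmod 755 "$root$SCRIPT"
  render_unit > "$root$UNIT"
}

# Usage (as root): sh this-file.sh install
if [ "${1:-}" = "install" ]; then
  install_files "" && systemctl daemon-reload && systemctl enable --now jool-nat64.service
fi
```

Because the instance forwards traffic with the source/destination check disabled, restrict its security group to the IPv6-only subnet's CIDR so it does not translate for other sources.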