forked from jiandanxinli/jiandanxinli.github.io
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path2016-08-06.html
74 lines (63 loc) · 7.09 KB
/
2016-08-06.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
<!DOCTYPE html><html lang="zh-CN"><head><meta content="IE=edge;chrome=1" http-equiv="X-UA-Compatible" /><meta content="width=device-width, initial-scale=1" name="viewport" /><title>阿里云 Ubuntu 支持 IPv6 的完整步骤 · 简单心理技术团队</title><meta content="使用 Hurricane Electric Free IPv6 Tunnel Broker 来让阿里云服务器支持 IPv6" name="description" /><link href="/stylesheets/app.css" rel="stylesheet" /><link rel="alternate" type="application/atom+xml" title="Atom Feed" href="/feed.xml" /><link href="/images/favicon.ico" rel="icon" /></head><body><div class="animated fadeInDown"><div class="header container"><a class="logo" href="/"><img src="/images/logo.png" alt="Logo" /></a><h1><a href="/">简单心理 · 技术团队</a></h1><a class="github" href="https://github.com/jiandanxinli">github.com/jiandanxinli</a></div></div><div class="animated_container"><div class="content container animated fadeIn delay"><h2>阿里云 Ubuntu 支持 IPv6 的完整步骤</h2><div class="meta"><span class="date">2016-08-06</span><span class="author">Ben</span></div><blockquote>使用 Hurricane Electric Free IPv6 Tunnel Broker 来让阿里云服务器支持 IPv6</blockquote><p>前几天提交新版 iOS App 被拒,原因是在 IPv6 only 的环境下无法使用。但阿里云的 ECS 并不支持 IPv6,只提供 IPv4 的 IP。好在 Hurricane Electric (下文简称 HE)提供免费的 IPv6 通道,基本够用了。</p>
<p>先说下 ECS 的基本环境:</p>
<ul>
<li>操作系统:Ubuntu</li>
<li>前端服务器:Nginx</li>
</ul>
<p>启用 IPv6 的主要有四步:</p>
<ol>
<li>注册并创建 IPv6 通道</li>
<li>配置 ECS 使其支持 IPv6</li>
<li>配置 Nginx 使其监听 IPv6 端口</li>
<li>配置 DNS 使其支持 IPv6 解析</li>
</ol>
<p>第一步:注册并创建 IPv6 通道</p>
<ol>
<li>注册 <a href="https://www.tunnelbroker.net/">https://www.tunnelbroker.net/</a> (需要邮箱验证)</li>
<li>点击 <a href="https://www.tunnelbroker.net/new_tunnel.php">Create Regular Tunnel</a></li>
<li>在<code>IPv4 Endpoint (Your side)</code>处填上 ECS 的 IPv4 地址</li>
<li>在<code>Available Tunnel Servers</code>中选择<code>Hong Kong, HK</code>(如果你面向海外用户,可以选择更接近目标用户的地区)</li>
<li>点击<code>Create Tunnel</code>后,通道就创建完成了</li>
</ol>
<p>第二步:配置 ECS 使其支持 IPv6</p>
<ol>
<li>编辑<code>/etc/sysctl.conf</code>,将以下三项的配置改成<code>0</code></li>
</ol>
<pre class="highlight conf"><code> <span class="n">net</span>.<span class="n">ipv6</span>.<span class="n">conf</span>.<span class="n">all</span>.<span class="n">disable_ipv6</span> = <span class="m">0</span>
<span class="n">net</span>.<span class="n">ipv6</span>.<span class="n">conf</span>.<span class="n">default</span>.<span class="n">disable_ipv6</span> = <span class="m">0</span>
<span class="n">net</span>.<span class="n">ipv6</span>.<span class="n">conf</span>.<span class="n">lo</span>.<span class="n">disable_ipv6</span> = <span class="m">0</span>
</code></pre>
<ol>
<li>在<code>/etc/network/interfaces</code>底部加上以下内容(注:下面大写的<IPV6>处,需要替换成你在 HE 得到的<code>Server IPv6 Address</code>,但不包括最后的<code>::1/64</code>,如:<code>2001:470:100:100</code>)</li>
</ol>
<pre class="highlight conf"><code> <span class="n">auto</span> <span class="n">he</span>-<span class="n">ipv6</span>
<span class="n">iface</span> <span class="n">he</span>-<span class="n">ipv6</span> <span class="n">inet6</span> <span class="n">v4tunnel</span>
<span class="n">address</span> <<span class="n">IPV6</span>>::<span class="m">2</span>
<span class="n">netmask</span> <span class="m">64</span>
<span class="n">remote</span> <<span class="n">HE</span> 的 <span class="n">Server</span> <span class="n">IPv4</span> <span class="n">Address</span>>
<span class="n">local</span> <阿里云的 <span class="n">IPv4</span> 地址>
<span class="n">endpoint</span> <span class="n">any</span>
<span class="n">ttl</span> <span class="m">255</span>
<span class="n">gateway</span> <<span class="n">IPv6</span>>::<span class="m">1</span>
<span class="n">up</span> <span class="n">ip</span> -<span class="m">6</span> <span class="n">route</span> <span class="n">add</span> <span class="m">2000</span>::/<span class="m">3</span> <span class="n">via</span> ::<<span class="n">HE</span> 的 <span class="n">Server</span> <span class="n">IPv4</span> <span class="n">Address</span>> <span class="n">dev</span> <span class="n">he</span>-<span class="n">ipv6</span>
<span class="n">up</span> <span class="n">ip</span> -<span class="m">6</span> <span class="n">addr</span> <span class="n">add</span> <<span class="n">IPv6</span>>::<span class="m">1</span>:<span class="m">1</span>/<span class="m">128</span> <span class="n">dev</span> <span class="n">he</span>-<span class="n">ipv6</span>
<span class="n">up</span> <span class="n">ip</span> -<span class="m">6</span> <span class="n">addr</span> <span class="n">add</span> <<span class="n">IPv6</span>>::<span class="m">2</span>:<span class="m">1</span>/<span class="m">128</span> <span class="n">dev</span> <span class="n">he</span>-<span class="n">ipv6</span>
<span class="n">down</span> <span class="n">ip</span> -<span class="m">6</span> <span class="n">route</span> <span class="n">flush</span> <span class="n">dev</span> <span class="n">he</span>-<span class="n">ipv6</span>
</code></pre>
<ol>
<li>重启服务器</li>
<li>执行<code>ifup he-ipv6</code>确认 IPv6 已启用</li>
</ol>
<p>第三步:配置 Nginx 使其监听 IPv6 端口</p>
<pre class="highlight conf"><code><span class="n">server</span> {
<span class="n">listen</span> <span class="m">80</span>; // 监听 <span class="n">IPv4</span> 的 <span class="m">80</span> 端口
<span class="n">listen</span> [::]:<span class="m">80</span>; // 监听 <span class="n">IPv6</span> 的 <span class="m">80</span> 端口
}
<span class="n">server</span> {
<span class="n">listen</span> <span class="m">443</span> <span class="n">ssl</span> <span class="n">http2</span>; // 监听 <span class="n">IPv4</span> 的 <span class="m">443</span> 端口
<span class="n">listen</span> [::]:<span class="m">443</span> <span class="n">ssl</span> <span class="n">http2</span>; // 监听 <span class="n">IPv6</span> 的 <span class="m">443</span> 端口
}
</code></pre>
<p>第四步:配置 DNS 使其支持 IPv6 解析</p>
<p>这步最简单,只需给相应的域名加上<code>AAAA</code>解析,值填 HE 里的<code>Client IPv6 Address</code>,去掉最后的<code>/64</code>即可,如<code>2001:470:100:100::2</code></p>
</div></div><a class="top" href="#">Back to Top</a><div class="footer"><div class="container"><a class="logo" href="https://www.jiandanxinli.com"><img src="/images/logo_text.png" alt="简单心理" /></a><div class="links"><a href="/">Home</a><a href="/feed.xml">Feed</a><a href="https://github.com/jiandanxinli">Github</a><a href="https://www.jiandanxinli.com/pages/37">About</a></div><p>© 2014 - 2016 北京竹间科技有限公司 版权所有</p></div></div></body></html>