1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
2
As of this writing, you cannot create IPv6 mount targets for EFS file systems in an AWS VPC.
As a workaround, you can create a mount target in an IPv4 (or dual-stack) subnet in the same VPC, and use NAT64+DNS64 to perform IPv6-to-IPv4 translation in your subnet so that the instance can access the mount target. To do this, perform the following steps:
- Ensure DNS64 support is enabled for your IPv6-only subnet.
- If you don't have one already, create an IPv4 subnet in the same VPC. This subnet can be private.
- Create a NAT Gateway in your VPC, either in the subnet you created above, or in a different IPv4 subnet in the VPC. (You cannot put it in an IPv6-only subnet.) Many customers place their NAT Gateways in public subnets; the choice is yours.
- In the routing table associated with your IPv6-only subnet, add a route to the destination 64:ff9b::/96, using your NAT Gateway as the target. (The IPv6 prefix 64:ff9b is used for mapping IPv4 names to IPv6 addresses that can be accessed by your IPv6-only instance via the NAT Gateway.)
- Create a Security Group in your VPC. For the ingress rule, allow inbound traffic over the NFS port from the IPv4 subnet in which your NAT Gateway resides (e.g., 10.0.0.0/24).
- Add a mount target to your EFS filesystem. Specify one of the IPv4 subnets as the subnet. It cannot be an IPv6-only subnet. Specify the Security Group you created in the previous step.
Once those steps have been completed, you should be able to mount the filesystem from your IPv6-only EC2 instance. For example:
$ ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc mq state UP group default qlen 1000
link/ether 02:62:78:xx:xx:xx brd ff:ff:ff:ff:ff:ff
inet 169.254.29.180/32 scope global dynamic eth0
valid_lft 2356sec preferred_lft 2356sec
inet6 2600:1f14:31b:xxxx:xxxx:xxxx:xxxx:xxxx/128 scope global dynamic
valid_lft 413sec preferred_lft 103sec
inet6 fe80::62:78ff:xxxx:xxxx/64 scope link
valid_lft forever preferred_lft forever
$ sudo mount -t nfs -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport fs-xxxxxxxxxxx.efs.us-west-2.amazonaws.com:/ /mnt
$ ls /mnt
...
$ $ mount | grep /mnt
fs-xxxxxxxxxxxxxxxxxxxx.efs.us-west-2.amazonaws.com:/ on /mnt type nfs4 (rw,relatime,vers=4.1,rsize=1048576,wsize=1048576,namlen=255,hard,noresvport,proto=tcp6,timeo=600,retrans=2,sec=sys,clientaddr=2600:1f14:31b:2b80:xxxx:xxxx:xxxx:xxxx,local_lock=none,addr=64:ff9b::a00:1d5)
Contenus pertinents
- Réponse acceptéedemandé il y a un an
- demandé il y a 10 mois
- demandé il y a un an
- demandé il y a un an
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a un an