How to only allow IPv6 traffic between compute instances within the same data center?
I'm currently investigating how to create a service that can only be reached by other services running on compute instances that are deployed by many other entities within the same data center.
How do I configure my compute instance/s to only allow IPv6 traffic from the same data center since the SLAAC IPv6 address is also a public address?
I'm currently thinking of just configuring UFW with ufw allow from 2400::8901::/48
but I'm not sure if it's correct (and wise). I'm not even sure if it's the correct prefix length.
I've also considered private IPv4 addresses but I'm assuming there are more subnets out there other than 192.168.0.0/18 and managing UFW rules for all of them would be challenging, especially if they're discontiguous.
I'm not well-versed in networking, especially IPv6; insight from much more knowledgeable people is very much appreciated.
1 Reply
It sounds like you could probably benefit from using a VPC:
https://www.linode.com/content/using-linode-vlan-as-a-vpc-isolate-and-protect-your-infrastructure/
You basically have a private subnet that only you'd have access to.
More information can also be found here:
https://www.linode.com/blog/networking/go-private-with-vlans-and-vpcs/
Our documentation on getting started with VPC:
https://techdocs.akamai.com/cloud-computing/docs/getting-started-with-vpc
I hope that helps!
-Micah
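A way to sanity-check a source prefix before turning it into a UFW rule like the one in the question, as an added example that is not part of the original thread. It uses Python's standard `ipaddress` module; the `2001:db8::/32` documentation range stands in for the data center's real prefix (which has to come from the provider), and port 8443 and the function names are assumptions.

```python
import ipaddress

def validate_prefix(text):
    """Parse an IPv6 prefix; raise ValueError if it is malformed,
    has host bits set, or is not IPv6 at all."""
    net = ipaddress.ip_network(text, strict=True)
    if net.version != 6:
        raise ValueError(f"{text!r} is not an IPv6 prefix")
    return net

def ufw_rule(prefix, port, proto="tcp"):
    """Build a UFW rule limited to one port, only for a valid prefix."""
    net = validate_prefix(prefix)
    return f"ufw allow proto {proto} from {net} to any port {port}"

def is_allowed(source, allowed_prefixes):
    """True if the source address falls inside any allowed prefix."""
    addr = ipaddress.ip_address(source)
    return any(addr in validate_prefix(p) for p in allowed_prefixes)

def try_prefix(text):
    """Return (ok, detail) so bad input can be reported, not applied."""
    try:
        return True, str(validate_prefix(text))
    except ValueError as exc:
        return False, str(exc)

if __name__ == "__main__":
    # Constructed inputs: the string from the question plus documentation prefixes.
    for candidate in ["2400::8901::/48",       # "::" appears twice: not parseable
                      "2001:db8:1234::5/48",   # host bits set: ambiguous intent
                      "2001:db8:1234::/48"]:   # well-formed
        print(candidate, "->", try_prefix(candidate))

    print(ufw_rule("2001:db8:1234::/48", 8443))

    # Prefix length decides who gets in: the same sources against a /48 and a /32.
    for src in ["2001:db8:1234:5::10", "2001:db8:4321::1", "fe80::1"]:
        print(src,
              "in /48:", is_allowed(src, ["2001:db8:1234::/48"]),
              "in /32:", is_allowed(src, ["2001:db8::/32"]))
```

The last loop shows why the prefix length matters: a shorter prefix admits every address under it, so the rule is only as narrow as the range the provider actually assigns to that data center.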