Public Cloud – Flexible Engine
NAT Gateway – Network address translation gateway connecting your network to the Internet
Allows ECSs to access the Internet using elastic IP addresses (EIPs) or to provide services for external networks
The NAT Gateway service offers the Network Address Translation (NAT) function for Elastic Cloud Servers (ECSs) in a Virtual Private Cloud (VPC), allowing these ECSs to access the Internet using elastic IP addresses (EIPs) or to provide services for external networks.
NAT Gateway: types and performance
The NAT Gateway service provides different types for different application scenarios.
- SNAT
The NAT gateway type determines two elements of the Source Network Address Translation (SNAT) function: the maximum number of connections and the number of new connections per second.
The data rate is determined by the bandwidth of the EIPs.
| Types | Maximum Number of SNAT Connections | Number of New SNAT Connections per Second |
|---|---|---|
| Small | 10 000 | 1 000 |
| Medium | 50 000 | 5 000 |
| Large | 200 000 | 10 000 |
| Extra-large | 1 000 000 | 30 000 |
Benefits
Flexible deployment
The NAT Gateway service can be deployed flexibly across subnets and across AZs. Any fault in a single AZ does not affect the service continuity of NAT Gateway. The types and public IP address of a NAT gateway can be adjusted at any time.
Diversified and easy-to-use
Multiple types of NAT gateways are available. Users can use them after simple configuration. NAT gateways support easy operation and maintenance (O&M) and quick provisioning. They can run stably and reliably.
Cost-effective
Multiple ECSs share an elastic IP address. When you send data through a private IP address or provide services for the Internet using a NAT gateway, the NAT Gateway service translates the private IP address to a public IP address. Users do not need to purchase additional EIPs and bandwidth resources for their ECSs to access the Internet.
Scenarios
- The NAT Gateway service supports ECSs and Bare Metal Servers (BMSs).
- Tenants in the VPC can use shared EIPs to access the Internet. Multiple types of NAT gateways are available.
- Access to the public network is implemented by the SNAT function of the NAT Gateway service. SNAT allows resources in a VPC that are not assigned EIPs to access the public network directly and supports a huge number of concurrent connections. The NAT Gateway service can therefore be used in scenarios with a large number of requests and connections.
- The DNAT function enables multiple ECSs in a VPC to share the same EIP and bandwidth to provide services for the Internet. Users can control bandwidth resources more precisely.
Usage restrictions
Observe the following constraints when using the NAT Gateway service:
- Multiple rules for one NAT gateway can reuse the same EIP, but the rules for different NAT gateways must use different EIPs.
- Each VPC can have only one NAT gateway.
- Users cannot manually add the default route in a VPC.
- Only one SNAT rule can be added to a subnet in a VPC.
- SNAT and DNAT cannot share the same EIP.
- When both an EIP and the NAT Gateway service are configured for an ECS, data is forwarded through the EIP.
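The restrictions above can be checked before deployment. The following is an added example, not Flexible Engine code: it lints a planned set of gateways and rules against four of the listed constraints. The plan format, the function name `check_plan` and all IDs and addresses are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample plan; every ID and address here is made up for illustration.
PLAN = {
    "gateways": [
        {"id": "nat-a", "vpc": "vpc-1"},
        {"id": "nat-b", "vpc": "vpc-1"},  # second gateway in the same VPC
        {"id": "nat-c", "vpc": "vpc-2"},
    ],
    "rules": [
        {"gateway": "nat-a", "kind": "snat", "subnet": "subnet-1", "eip": "198.51.100.10"},
        {"gateway": "nat-a", "kind": "snat", "subnet": "subnet-1", "eip": "198.51.100.11"},
        {"gateway": "nat-a", "kind": "dnat", "eip": "198.51.100.10"},
        {"gateway": "nat-c", "kind": "snat", "subnet": "subnet-9", "eip": "198.51.100.11"},
    ],
}

def check_plan(plan):
    """Return a sorted list of violations of the usage restrictions (hypothetical helper)."""
    issues = set()
    # Each VPC can have only one NAT gateway.
    by_vpc = defaultdict(list)
    for gw in plan["gateways"]:
        by_vpc[gw["vpc"]].append(gw["id"])
    for vpc, ids in by_vpc.items():
        if len(ids) > 1:
            issues.add(f"{vpc}: more than one NAT gateway ({', '.join(sorted(ids))})")
    eip_gateways = defaultdict(set)   # EIP -> gateways whose rules use it
    eip_kinds = defaultdict(set)      # EIP -> rule kinds (snat/dnat) using it
    snat_per_subnet = defaultdict(int)
    for r in plan["rules"]:
        eip_gateways[r["eip"]].add(r["gateway"])
        eip_kinds[r["eip"]].add(r["kind"])
        if r["kind"] == "snat":
            snat_per_subnet[r["subnet"]] += 1
    for eip, gws in eip_gateways.items():
        if len(gws) > 1:  # rules on different gateways must use different EIPs
            issues.add(f"{eip}: used by rules on different NAT gateways")
    for eip, kinds in eip_kinds.items():
        if kinds == {"snat", "dnat"}:  # SNAT and DNAT cannot share an EIP
            issues.add(f"{eip}: shared by SNAT and DNAT rules")
    for subnet, n in snat_per_subnet.items():
        if n > 1:  # only one SNAT rule per subnet
            issues.add(f"{subnet}: {n} SNAT rules, only one allowed")
    return sorted(issues)

if __name__ == "__main__":
    print("\n".join(check_plan(PLAN)))
```

Subnet identifiers are assumed to be unique across VPCs; if they are not, key the SNAT count on the VPC and subnet together.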