Community Blog Alibaba Cloud Enhanced NAT Gateway Roll Out

Alibaba Cloud Enhanced NAT Gateway Roll Out

This article introduces the newly launched enhanced NAT Gateway and its benefits.

Alibaba Cloud's enhanced NAT Gateway is a Network Address Translation (NAT) gateway for enterprises with two-way NAT capability. An enhanced NAT Gateway is compatible with all of the standard functions NAT Gateways and also has comprehensive upgrades on its technical architecture. It provides more than 22 metrics, flexible pay-per-use billing, high performance, high availability, elasticity, security protection, and various O&M capabilities.

NAT Gateway is mainly used for SNAT/DNAT operations at the public Internet egress. Many users from various industries are using Alibaba Cloud's NAT Gateway to manage public IP addresses and traffic. However, with the tidal change of business scale, traffic analysis has become more difficult, and costs brought by the sharp increases in traffic are also getting higher. Businesses with sudden traffic increases, such as the Internet, new finance, livestream, e-commerce, popular games, online education, short videos, and telecommuting, require more valuable and various NAT Gateway products. For this reason, Alibaba Cloud has been considering the following three points:

1. What are the biggest demands of users for NAT products?

2. What new strengths do users expect from NAT products?

3. What kind of NAT products can Alibaba Cloud provide to users?

After many discussions and investigations, Alibaba Cloud has summarized several practical issues and concerns and upgraded its standard NAT Gateway in an all-round way. Alibaba Cloud will continue to evolve and iterate its NAT products based on the new architecture of the enhanced NAT Gateway to meet new requirements of users.

What Are the New Features of the Enhanced NAT Gateway?

Flexible Billing: The flexible billing method (CU billing per hour)

Multiple EIPs are associated with NAT. In the past, the NAT fee was charged daily regardless of usage specifications. On the contrary, the enhanced NAT Gateway fees are charged hourly. Statistics on CU values (newly created instances, concurrent instances, and traffic) are collected every hour. The average cost is reduced by about 20% while using the enhanced NAT Gateway.


Easy O&M: The enhanced NAT Gateway provides full-service traffic O&M, monitoring, and dashboard displaying capabilities for business traffic with 22 metrics.

Almost all NAT users are exposed to high O&M pressure. Traffic is the most intuitive response in daily failure. The enhanced NAT Gateway can locate the inbound and outbound traffic of TOP ECS instances and the information about newly created gateways, as well as the concurrency and the packet loss of a NAT gateway. It can also the show packet loss and total volume between VPCs and the public Internet.


Elasticity: Changing with users' business, the elasticity of the enhanced NAT Gateway can meet the high concurrency demands of users, such as sharp traffic increases.

In businesses, such as e-commerce promotion, game releases, financial services, and livestreams, users used to estimate the traffic in advance to purchase corresponding NAT instances. Although the purchase cost is low, the underestimated traffic may affect the business, while the overestimated traffic may increase users' costs and waste resources. An enhanced NAT Gateway provides flexible elasticity without resource estimation. Users are charged based on the hourly usage. Therefore, it is more flexible, stable, and cost-effective for users.

High Performance: The enhanced NAT Gateway meets the needs of various scenarios in all industries with support for up to 100 Gbps forwarding, 20 million concurrent connections, and 2.5 million new connections.

Traditional NAT gateways are prone to performance bottlenecks. In the hybrid cloud scenario with large bandwidth access, high-performance NAT services are required. Businesses with tidal changes also need high-performance NAT services to meet the business requirements, such as the Internet, e-commerce promotion, game releases, financial services, and livestreams.

High Availability: The enhanced NAT Gateway supports multi-zone disaster recovery to meet the requirements of high business continuity.

Multi-zone disaster recovery is essential for businesses that have high real-time requirements, such as finance, retail, and the Internet. It is supported by the architecture of the enhanced NAT Gateway.

New Features: Multiple NAT gateways can be contained in one VPC. A single IP address can support both SNAT and DNAT.


An Introduction to the NFV Architecture of Enhanced NAT Gateway

The next-generation NFV platform architecture of Alibaba Cloud Network and its advantages:

Alibaba Cloud Network products are supported by the Apsara Luoshen system. It was named after a classic Chinese myth. Alibaba Cloud wishes its network products can smoothly connect resources like river channels. The Apsara Luoshen system recently launched the next-generation open and elastic Network Function Virtualization (NFV) platform. This platform provides universal network forwarding and control capabilities based on the ECS environment on the cloud. It also supports NATGW, SLB, PrivateLink, VPN, and many other network products. The NFV platform features elastic scaling, disaster recovery, multitenancy, and ecosystem friendliness.

  1. Depending on the NFV orchestration and resource pool management of ECS network elements, the NFV platform provides minute-level delivery and unlimited expansion capability to meet the elastic needs of different businesses. In addition, the platform can unload hardware with massive traffic or elephant flow based on a forwarding architecture that combines software with hardware.
  2. In terms of reliability, the platform is capable of multi-path access, supporting multi-zone and multi-instance disaster recovery. It also implements load balancing and can recover a single abnormal node automatically.
  3. The NFV platform supports multitenancy, which separates the VPCs of service providers from those of service consumers. The platform also supports third-party ecosystem access while providing various business network elements.


The enhanced NAT Gateway is built on the next-generation NFV architecture, which provides super performance, high elasticity, flexibility, and various features. In the future, more features will be built and evolved based on the next-generation NFV architecture.

0 0 0
Share on


19 posts | 11 followers

You may also like