Alibaba Cloud Network Address Translation (NAT) gateways are enterprise-class gateways that provide the Source Network Address Translation (SNAT) and Destination Network Address Translation (DNAT) features. Each NAT gateway provides a throughput capacity of up to 10 Gbit/s. NAT gateways also support cross-zone disaster recovery.
Alibaba Cloud NAT Gateway provides Source Network Address Translation (SNAT), Destination Network Address Translation (DNAT), and bandwidth sharing features.
SNAT allows ECS instances without public IP addresses in a VPC to access the Internet. SNAT can also be used as a firewall to prevent unwanted access to backend servers. After you configure SNAT entries to allow backend servers to initiate connections with specific external terminals, only these external terminals will be able to access the backend servers.
DNAT maps a public IP address of a NAT gateway to an ECS instance so that the ECS instance can be accessible from the Internet. DNAT supports port mapping and IP mapping.
You can associate an EIP with a NAT gateway, and then add the EIP to an EIP bandwidth plan. After the EIP is added to an EIP bandwidth plan, the original billing method of the EIP is no longer effective and the EIP incurs only instance fees.
Alibaba Cloud NAT Gateway is flexible and easy to use, has high performance and high availability, and supports Pay-As-You-Go billing.
As an enterprise-class public network gateway for VPC, NAT Gateway provides SNAT and DNAT functions, which means you do not have to build your own SNAT gateway for your servers. NAT Gateway features high flexibility, stability, and reliability, and is easy to use.
NAT Gateway, virtual network hardware, is based on Alibaba Cloud's self-developed distributed gateway and is supported by SDN virtualization technology. With the forwarding capacity of up to 10 Gbps, NAT Gateway supports large-scale Internet applications.
NAT Gateway supports the cross-zone disaster recovery. Failure in a single zone does not affect the service of NAT Gateway.
You can change the gateway specification and the number of EIPs at any time to meet changing service requirements.
You can use NAT gateways to enable Elastic Compute Service (ECS) instances in virtual private clouds (VPCs) to access the Internet and receive requests from the Internet.
You can create a NAT gateway for a VPC, associate an elastic IP address (EIP) with the NAT gateway, and then create a Source Network Address Translation (SNAT) entry on the NAT gateway. This way, the ECS instances in the VPC can access the Internet by sharing the EIP. This saves public IP resources. For more information, see Enable ECS instances to access the Internet through SNAT.
You can also associate multiple EIPs with the NAT gateway. When an ECS instance needs to access the Internet, it randomly selects an EIP from the SNAT IP address pool. If one of the EIPs is under attack, the ECS instance can randomly select another EIP from the SNAT IP address pool to access the Internet. This ensures the high availability of your workloads. We recommend that you associate multiple EIPs with a NAT gateway to avoid service interruption caused by EIP failures.
You can create a NAT gateway for a VPC, associate EIPs with the NAT gateway, and then create a Destination Network Address Translation (DNAT) entry on the NAT gateway. This way, ECS instances in the VPC can receive requests from the Internet through port mapping or IP mapping.
To allow an application that is deployed on an ECS instance to provide services over the Internet, you must purchase Internet bandwidth for the application. Make sure that you have sufficient bandwidth resources to handle traffic fluctuations. When more than one application needs to provide services over the Internet, you may need to purchase Internet bandwidth for each application. However, this increases the cost and causes resource wastes.
To reduce bandwidth cost and optimize bandwidth usage, you can associate EIPs with your NAT gateway and then add the EIPs to an EIP bandwidth plan. This way, you can centrally manage and monitor Internet traffic.
NAT Gateway is an enterprise-class public network gateway, providing proxy services (SNAT and DNAT), up to 10 Gbps forwarding capacity, and cross-zone disaster recovery. NAT Gateway helps you establish an Internet gateway for a VPC by configuring SNAT and DNAT entries, allowing more flexible use of network resources.
Alibaba Clouder - January 9, 2020
AlibabaCloud_Network - November 12, 2018
Alibaba Clouder - June 18, 2020
Alibaba Clouder - May 24, 2019
Alibaba Clouder - February 8, 2021
Alibaba Clouder - June 16, 2020
A public Internet gateway for flexible usage of network resources and access to VPC.Learn More
Power your progress in China by working with the NO.1 cloud provider of this dynamic market.Learn More
A tool product specially designed for remote access to private network databasesLearn More
SmartAG provides an end-to-end cloud deployment solution for connecting hardware and software to Alibaba Cloud.Learn More
More Posts by Alibaba Clouder