The all-new enhanced NAT gateways offer high performance and automatic elasticity with extensive O&M features.Learn More
You can upgrade standard NAT gateways enhanced NAT gateways for free.Learn More
Improved accuracy of NAT gateway billing based on usage (CU capacity)Learn More
NAT Gateway offers high performance, automatic elasticity, and flexible billing options with extensive O&M features.
A NAT gateway supports tens of Gbit/s of throughput and millions of connections. This meets the requirements of large-scale workloads migrated to the cloud.
Provides reliable gateway services that support disaster recovery across data centers with automatic elasticity as the business fluctuates
Supports bandwidth sharing among multiple VPCs and ECS instances to reduce bandwidth costs significantly
The graphic console makes it easy to create custom NAT rules and provides more than 22 monitoring metrics to facilitate operations and maintenance.
Public Address Translation
Flexible SNAT and DNAT management allows you to easily provide Internet access and services for instances in a VPC.
SNAT allows multiple ECS instances in a VPC to use the same EIP to access the Internet. This prevents security risks caused by direct exposure of ECS instances to the Internet.
DNAT allows you to open specified ports on instances in a VPC to the Internet. Multiple instances can use the same EIP to provide Internet-facing services.
You can associate multiple EIPs with a single NAT gateway to easily implement horizontal scale-out of EIPs.
Private Address Translation
Flexible SNAT and DNAT management allows you to implement access between private networks with specified IP addresses. This effectively resolves the IP address conflicts between private networks and implements secure isolation.
SNAT allows multiple ECS instances in a VPC to use the same private IP address to access private networks. This hides the actual IP addresses of the ECS instances, prevents IP address conflicts, and reduces the risk of direct server attacks.
DNAT allows you to open specified ports on instances in a VPC to a connected network. Instances can use the specified private IP address to provide services.
Custom Address Translation
You can flexibly manage the private IP addresses for mutual access to meet the business requirements for mutual access with specified IP addresses.
High Performance and Elasticity
Pay-by-CU instances support auto scaling to a throughput of 15 Gbit/s at most based on your usage.
Dedicated NAT gateways support a throughput capacity of 100 Gbit/s and tens of millions of concurrent connections. This effectively meets Internet access requirements of a large number of instances.
Traffic metrics in multiple dimensions are displayed in a visual manner. You can set alert rules based on each metric to detect and resolve issues at the earliest opportunity.
Top ECS Instances
You can monitor and display the traffic of ECS instances. This allows you to analyze business usage and accurately find ECS instances with abnormal business traffic.
For cloud-deployed services that require Internet access, usually, one ECS instance is associated with one EIP. The EIP cannot handle large numbers of requests when the workload of the ECS instance spikes. In this case, more EIPs and SNAT rules are required.
A NAT gateway allows you to add multiple EIPs to a SNAT IP address pool. When the ECS instance initiates an Internet connection request, the ECS instance randomly selects an EIP from the SNAT IP address pool to access the Internet.
Supports a large number of SNAT connections
Supports up to 2 million connections and allows you to expand the capacity to 10 million connections
Supports a large number of new SNAT connections
Supports up to 100,000 new connections and allows you to expand the capacity to 1 million new connections to meet the requirements of large-scale workloads
Virtual Private Cloud
Helps you build an isolated network environment on Alibaba Cloud.Learn More
When an enterprise expands, more than one ECS instance is necessary to provide external services. Each ECS instance is deployed with an application service, which provides services to the Internet. The ECS instances have different bandwidth requirements at different times. This may waste resources if you purchase bandwidth resources separately for each ECS instance.
In this case, you can purchase a NAT gateway to enable bandwidth sharing with multiple applications to save bandwidth costs.
Supports high throughput capacity
Supports 5 Gbit/s of throughput and allows you to expand the capacity to 100 Gbit/s of throughput to meet the requirements of large-scale Internet services
Provides flexible billing options
Shared bandwidth supports flexible billing options to reduce costs further
When a business expands, different workloads deployed in the same VPC must be securely isolated from one another, and their access to the Internet must be controlled.
In this case, you can create multiple enhanced NAT gateways in the VPC to forward traffic to different destinations. You can also create different access control policies for the NAT gateways to precisely manage access to the Internet.
Supports flexible and fine-grained traffic management
Supports traffic management of individual vSwitches and ECS instances and provides various traffic monitoring metrics.
Supports multiple NAT gateways in one VPC
Supports up to five NAT gateways in one VPC. You can submit a ticket to increase the quota.
How It Works
If an ECS instance in a VPC is assigned a public IP address and other ECS instances in the VPC access the Internet using the SNAT feature of NAT Gateway, the ECS instances in the VPC use different IP addresses to access the Internet.
In this case, you can create a NAT gateway for the ECS instances so they can use the same public IP address to access the Internet. The ECS instances that do not have public IP addresses in the VPC can access the Internet using SNAT.
Easy to Use
NAT Gateway provides detailed configuration guides to help you set up Internet access using one public IP address.
Supports a variety of scenarios
You can configure NAT Gateway to access the Internet using the same public IP address for ECS instances associated with EIPs or ECS instances with IP address mapping configured using DNAT.
How It Works
After the merger and acquisition of enterprises, multiple branches are connected over networks. As a result, IP address conflicts are common on cloud networks and data center networks. The enterprises need a solution to effectively manage IP address conflicts. In addition, they need to implement communication between VPCs and data centers and between VPCs.
IP Address Conflict Prevention
Each enterprise is assigned a private CIDR block. They can communicate with each other based on address translation provided by NAT gateways.
Comprehensive Translation Rules
Each enterprise network can access the private CIDR blocks of other enterprise networks by using SNAT, and expose services to other enterprise networks by using DNAT.
In addition to communication between VPCs, NAT gateways also support a hybrid cloud network architecture.
How It Works
With the development of business, enterprises in the financial industry have gradually migrated their business to the cloud. They connect to the data centers of regulatory agencies by using leased lines. VPC NAT gateways can be deployed to manage leased line traffic. They provide NAT services to allow enterprises to provide services with specified IP addresses. This meets the compliance and regulatory requirements of enterprises. In addition, traceability before and after NAT is provided to meet the needs of regular compliance audits.
Both SNAT and DNAT features are supported to implement mutual access between VPCs and data centers.
Security and Compliance
Enterprises can use specified new IP addresses to communicate with a data center. This meets compliance and regulatory requirements for specific IP addresses.
VPC NAT gateways adopt a cluster design to prevent single point of failure and meet the requirements for highly reliable interconnections.
Upgraded Support For You
1 on 1 Presale Consultation, 24/7 Technical Support, Faster Response, and More Free Tickets.