All Products
Search
Document Center

NAT Gateway:FAQ about upgrading standard Internet NAT gateways to enhanced Internet NAT gateways

Last Updated:Mar 15, 2024

This topic provides answers to some frequently asked questions about upgrading standard Internet NAT gateways to enhanced Internet NAT gateways.

Does Alibaba Cloud charge an upgrade fee if I upgrade a standard Internet NAT gateway to an enhanced Internet NAT gateway?

No. You can upgrade a standard Internet NAT gateway to an enhanced Internet NAT gateway free of charge.

  • After a pay-as-you-go Internet NAT gateway is upgraded, the billing cycle changes from daily to hourly. However, the total cost does not change. For example, before a small-sized Internet NAT gateway is upgraded, the unit price is USD 2.591/day. After the small-sized NAT gateway is upgraded, the unit price is USD 0.108/hour (USD 0.108/hour × 24 hours = USD 2.591/day).

  • After a subscription Internet NAT gateway is upgraded, the billing remains unchanged.

Do upgrades cause service interruptions?

It takes about 5 minutes to upgrade a standard Internet NAT gateway to an enhanced Internet NAT gateway. During the upgrade process, the NAT gateway may experience one or two transient connections that last a few seconds. The service resumes after your workloads are reconnected.

Can I roll back an upgrade?

  • The system monitors the process when you upgrade a standard Internet NAT gateway to an enhanced Internet NAT gateway. If an exception occurs during the upgrade, the system rolls back the upgrade.

  • If an exception occurs after the upgrade is completed, you can contact your account manager to downgrade the enhanced Internet NAT gateway to a standard Internet NAT gateway.

After a standard Internet NAT gateway is upgraded to an enhanced Internet NAT gateway, are the configurations and public IP addresses of the standard Internet NAT gateway changed?

The elastic IP addresses (EIPs), SNAT rules, and DNAT rules of the standard Internet NAT gateway remain unchanged during the upgrade. You do not need to modify the configurations after the Internet NAT gateway is upgraded.

If the standard Internet NAT gateway to be upgraded is associated with NAT service plans, the public IP addresses provided by the NAT service plans are converted to EIPs. The maximum bandwidth and billing method remain unchanged after the NAT service plans are converted to Internet Shared Bandwidth instances. Only the NAT service plans are converted to Internet Shared Bandwidth instances. The IP addresses, SNAT rules, and DNAT rules remain unchanged. For more information, see Upgrade notes for standard Internet NAT gateways that are associated with NAT service plans.

When does Alibaba Cloud discontinue standard Internet NAT gateways? Can I continue to use my standard Internet NAT gateways after Alibaba Cloud discontinues them?

Alibaba Cloud discontinued standard Internet NAT gateways in November 2020. Standard Internet NAT gateways are no longer updated. However, you can continue to use your purchased standard Internet NAT gateways. Enhanced Internet NAT gateways are highly scalable and provide advanced features. To improve how you can manage your services, we recommend that you use the following methods to upgrade your standard Internet NAT gateways:

How can I upgrade a standard Internet NAT gateway to an enhanced Internet NAT gateway?

You can use one of the following methods:

What are the differences between enhanced Internet NAT gateways and standard Internet NAT gateways?

Feature

Enhanced Internet NAT gateway

Standard Internet NAT gateway

References

Whether a vSwitch must be associated when you create or upgrade an Internet NAT gateway

Yes

No

Create and manage Internet NAT gateways

Whether an IP address must be assigned from a vSwitch to an Internet NAT gateway

Yes

No

Associating a vSwitch with an Internet NAT gateway

Supported

Not supported

Deploying multiple Internet NAT gateways in the same virtual private cloud (VPC)

Supported

Not supported

Deploy multiple Internet NAT gateways in one VPC

Pay-by-CU

Supported

Not supported

Billing of Internet NAT gateways

Billed on an hourly basis

Supported

Not supported

Billed on a daily basis

Not supported

Supported

Processing TCP, UDP, and ICMP fragments

Supported

Not supported

Metric

22

4

Monitor and maintain Internet NAT gateways

Network traffic monitoring (TOP ECS)

Supported

Not supported

View traffic monitoring data collected by NAT gateways

Elastic Compute Service (ECS) instances using SNAT to access services that use DNAT to provide Internet-facing services when the same Internet NAT gateway is used for SNAT and DNAT

Not supported

Supported

N/A

Specifying the same EIP for both SNAT and DNAT entries

Supported

Not supported

Associate an EIP with an Internet NAT gateway

Do enhanced Internet NAT gateways support cross-zone disaster recovery?

Yes, enhanced Internet NAT gateways support cross-zone disaster recovery.

When you create an enhanced Internet NAT gateway or upgrade a standard Internet NAT gateway to an enhanced Internet NAT gateway, you need to specify only the vSwitch for the primary zone. You do not need to specify the vSwitch for the secondary zone. When the primary zone is down, the enhanced Internet NAT gateway automatically performs cross-zone disaster recovery.

How can I upgrade a standard Internet NAT gateway that is associated with NAT service plans?

NAT service plans cannot be associated with enhanced Internet NAT gateways. You can create a schedule to upgrade a standard Internet NAT gateway that is associated with NAT service plans in the console. You can also convert the NAT service plans to Internet Shared Bandwidth instances before you upgrade the standard Internet NAT gateway. For more information, see How can I upgrade a standard NAT gateway to an enhanced NAT gateway?

Why am I unable to find the upgrade option for upgrading my standard Internet NAT gateway in the console?

The upgrade option is unavailable in the console if your standard Internet NAT gateway is included in an upgrade blacklist due to one of the following reasons:

  • DNAT IP mapping or SNAT is configured on your standard Internet NAT gateway for accessing an EIP in a DNAT entry on the same gateway.

  • An ECS instance in the VPC where your standard Internet NAT gateway is deployed has multiple ENIs and EIPs are associated with the ENIs.

  • The total bandwidth of the NAT service plans and the EIPs that are associated with your standard Internet NAT gateway exceeds the limit, which is 5 Gbit/s.

If your standard Internet NAT gateway does not meet the preceding conditions, you can contact your account manager to remove your Internet NAT gateway from the blacklist. Then, you can upgrade the Internet NAT gateway in the console. If your standard Internet NAT gateway meets one of the preceding conditions, you can also contact your account manager to assist you with the upgrade.

Multiple ENIs are attached to an ECS instance, and an EIP is associated with one of the ENIs. Why do I fail to access the EIP of the ECS instance after I upgrade my standard Internet NAT gateway to an enhanced Internet NAT gateway?

Multiple ENIs are attached to an ECS instance, and an EIP is associated with one of the ENIs. Different ENIs are used to forward the inbound and outbound traffic of the ECS instance. After you upgrade your standard Internet NAT gateway to an enhanced Internet NAT gateway, the network traffic of the ECS instance is blocked. To resolve this issue, you must modify the route of the ECS instance before you upgrade the standard Internet NAT gateway to an enhanced Internet NAT gateway. Make sure that the inbound and outbound traffic of the ECS instance are forwarded by using the same ENI. For more information, see Configure routes for a secondary ENI that is bound to an instance that runs an Alibaba Cloud Linux 2 or CentOS 7 operating system.

Why am I unable to obtain monitoring data by calling the CloudMonitor API after I upgrade a standard Internet NAT gateway to an enhanced Internet NAT gateway?

Enhanced Internet NAT gateways support more metrics than standard Internet NAT gateways and some metrics use different names from those supported by standard Internet NAT gateways. Therefore, you cannot collect monitoring data from an enhanced Internet NAT gateway if you specify the names of metrics supported by standard Internet NAT gateways when you call the DescribeMetricList operation. You must specify the names of metrics supported by enhanced Internet NAT gateways when you collect monitoring data from an enhanced NAT gateway. For more information, see Monitoring metrics of Enhanced NAT gateways.

After I convert a NAT service plan to an Internet Shared Bandwidth, why am I unable to collect the original metrics?

After you convert a NAT service plan to an Internet Shared Bandwidth, the metrics supported by the NAT service plan become invalid. You can view the metrics supported by the Internet Shared Bandwidth. For more information, see Metrics for Internet Shared Bandwidth instances.