This topic provides an overview of NAT Gateways. A NAT Gateway is an enterprise-class VPC Internet gateway that provides NAT proxy services (SNAT and DNAT), up to 10 Gbps forwarding capacity and cross-zone disaster tolerance.

NAT Gateway diagram


As an Internet gateway, a NAT Gateway requires public IP addresses to function. After creating a NAT Gateway, you can associate one or more Elastic IP Addresses (EIPs) with the NAT Gateway.
Note If you have created a NAT bandwidth package for a NAT Gateway before 23:59 January 26, 2018, you still need to use the bandwidth package to associate public IP addresses with the NAT Gateway. To associate an EIP with a NAT Gateway, follow the steps in Why am I unable to associate an EIP with a NAT Gateway in the NAT Gateway console.
NAT Gateways support SNAT and DNAT.
  • SNAT allows an Elastic Compute Service (ECS) instance without a public IP address to access the Internet.
  • DNAT maps a public IP address of a NAT Gateway to an ECS instance so that the ECS instance can be accessible from the Internet.

Reduce the Internet costs of a NAT Gateway

You can use Internet Shared Bandwidth and Data Transfer Plan to reduce the Internet costs of a NAT Gateway.
  • Internet Shared Bandwidth provides region-level bandwidth sharing. You can add an EIP associated with a NAT Gateway to an Internet Shared Bandwidth instance so that the EIP can use the bandwidth of the Internet Shared Bandwidth. For more information, see Add EIPs to an Internet Shared Bandwidth instance.
  • A Data Transfer Plan is an affordable traffic package which takes effect immediately upon purchase. The traffic fees generated by ECS instances, EIPs, Server Load Balancers (SLBs) and Internet Shared Bandwidth instances are automatically deducted from the Data Transfer Plan. For more information, see Purchase a Data Transfer Plan.