You can use NAT gateways to enable Elastic Compute Service (ECS) instances in virtual private clouds (VPCs) to access the Internet and receive requests from the Internet.
Create a SNAT gateway to enable ECS instances to access the Internet
You can create a NAT gateway for a VPC, associate an elastic IP address (EIP) with the NAT gateway, and then create a Source Network Address Translation (SNAT) entry on the NAT gateway. This way, the ECS instances in the VPC can access the Internet by sharing the EIP. This saves public IP resources. For more information, see Enable ECS instances to access the Internet through SNAT.
Create a DNAT gateway to enable ECS instances to receive requests from the Internet
- Port mapping: A NAT gateway forwards requests destined for an EIP to the specified ECS instance. Requests are forwarded based on the specified source and destination ports and the specified protocols used by both ports.
- IP mapping: A NAT gateway forwards all requests destined for an EIP to the specified ECS instance.
EIP bandwidth plan
To allow an application that is deployed on an ECS instance to provide services over the Internet, you must purchase Internet bandwidth for the application. Make sure that you have sufficient bandwidth resources to handle traffic fluctuations. When more than one application need to provide services over the Internet, you may need to purchase Internet bandwidth for each application. However, this increases the cost and causes resource wastes.