This topic describes the limits on NAT Gateway and how to apply for a quota increase.
Internet NAT gateways
|Number of enhanced Internet NAT gateways that you can create for a virtual private cloud (VPC)||5||Submit a ticket.|
|Number of standard Internet NAT gateways that you can create for a VPC||1||N/A|
|Number of elastic IP addresses (EIPs) that you can associate with an Internet NAT gateway||20. You can associate at most 10 pay-by-data-transfer EIPs with an Internet NAT gateway.|
|Number of pay-by-data-transfer EIPs that you can associate with an Internet NAT gateway||10|
|Creating an Internet NAT gateway for a VPC that contains a custom route entry whose destination CIDR block is 0.0.0.0/0||
|Number of SNAT entries that you can add to an Internet NAT gateway||40|
|Number of EIPs that you can specify in a SNAT entry||64||N/A|
|Whether the bandwidth of a vSwitch is limited by the bandwidth limit of the EIPs in the SNAT entry that is created for the vSwitch||Yes
Note If the EIPs are associated with an EIP bandwidth plan, the bandwidth of the vSwitch is limited by the bandwidth limit of the EIP bandwidth plan.
|Whether the number of concurrent connections is limited by the number of EIPs specified in a SNAT entry||When ECS instances that are not assigned public IP addresses or EIPs use an Internet NAT gateway to access an IP address and port over the Internet, the number of concurrent connections supported by the Internet NAT gateway is N × 55,000. N is the number of EIPs specified in the SNAT entry.|
|The bandwidth limit of each EIP in a SNAT entry||If you specify multiple EIPs when you create a SNAT entry, network traffic is distributed to the EIPs based on a specific hashing algorithm instead of evenly distributed across the EIPs. This may cause bandwidth overage of individual EIPs and result in service interruptions. To solve this problem, we recommend that you associate the EIPs with an EIP bandwidth plan so that bandwidth can be evenly allocated to each EIP.
For more information, see Create a SNAT IP address pool.
- Change the bandwidth limit from a value lower than 1 Gbit/s to a value greater than 1 Gbit/s.
- Change the bandwidth limit from a value greater than 1 Gbit/s to a value lower than 1 Gbit/s.
We recommend that you enable automatic reconnection for your workloads to minimize the impact of service interruptions.
|Number of DNAT entries that you can add to an Internet NAT gateway||100|
|Creating DNAT entries for ECS instances with which EIPs are associated||Not supported.
Before you can create DNAT entries for the ECS instances, you must disassociate the EIPs from the ECS instances. For more information, see Disassociate an EIP from a cloud resource and Configure DNAT to provide Internet-facing services.
Note If you create a DNAT entry for an ECS instance that is associated with an EIP, the ECS instance preferentially uses the EIP to communicate with the Internet.
VPC NAT gateways
|Number of VPC NAT gateways that you can create for a VPC||5||Submit a ticket.|
|Number of NAT CIDR blocks that you can create for a VPC NAT gateway||50 (default NAT CIDR block included)||N/A|
|Number of IP addresses that can be included in a NAT CIDR block||50||N/A|
|Number of SNAT entries that you can add to a VPC NAT gateway||40|
|Number of IP addresses that you can specify in a SNAT entry||1||N/A|
|Number of DNAT entries that you can add to a VPC NAT gateway||100|