This topic describes the limits on NAT gateways and Elastic IP addresses that are associated with NAT gateways.

Limits on NAT gateways

Item Limit Quota increase supported
The number of NAT gateways that can be configured for a Virtual Private Cloud (VPC) 1 No.
Support for a public IP address to use in both a SNAT table and a DNAT table Not supported No.
The number of DNAT entries that can be added to a NAT gateway 100 Yes. You can apply for an increase on the Quota Management page in the console. For more information, see Manage quotas.
The number of SNAT entries that can be added to a NAT gateway 40 Yes. You can apply for an increase on the Quota Management page in the console. For more information, see Manage quotas.
The number of public IP addresses that can be associated with a SNAT entry 64 No.
Support for creating a NAT gateway for a VPC that contains a custom route entry whose destination CIDR block is 0.0.0.0/0 Not supported
Note You must delete the custom route entry 0.0.0.0/0 before you can create a NAT gateway for the VPC.
No.
Limits on the VSwitch by the peak bandwidth of the associated Elastic IP address after a SNAT entry is added to the VSwitch Yes
Note If the Elastic IP address is added to a shared bandwidth, the VSwitch is limited by the peak bandwidth of the shared bandwidth.
No.

Limits on associating Elastic IP addresses with NAT gateways

Item Limit Quota increase supported
The number of Elastic IP addresses that can be associated with a NAT gateway 20 Yes. You can apply for an increase on the Quota Management page in the console. For more information, see Manage quotas.
The number of pay-by-data-transfer Elastic IP addresses that can be associated with a NAT gateway 10 Yes. You can apply for an increase on the Quota Management page in the console. For more information, see Manage quotas.
The peak bandwidth supported by an Elastic IP address that is associated with a NAT gateway 200 Mbit/s No.

Additional limits:

Additional limits on NAT gateways are described as follows:
  • When ECS instances without public IP addresses in a VPC access the same destination IP address and port on the Internet by using a NAT gateway, the maximum connections for the NAT gateway is limited based on the number of Elastic IP addresses configured for the SNAT entries of a NAT gateway.
    • If one Elastic IP address is configured for the SNAT entries of a NAT gateway, the Max Connections for a NAT gateway is 55,000.
    • If multiple Elastic IP addresses are configured for the SNAT entries of a NAT gateway, the maximum connections for a NAT gateway is calculated based on the formula: n x 55,000 (n refers to the number of Elastic IP addresses).
  • The maximum bandwidth for each public IP address in a SNAT IP address pool is 200 Mbit/s. To make full use of the shared bandwidth and avoid port conflicts caused by insufficient public IP addresses, we recommend that you add public IP addresses in a SNAT rule as follows:
    • If the peak bandwidth of the shared bandwidth is 1024 Mbit/s, configure at least five public IP addresses in the SNAT rule.
    • For each additional 200 Mbit/s of the peak bandwidth of the shared bandwidth, at least one public IP address must be added in the SNAT rule.
  • If you have created a NAT bandwidth package for a NAT Gateway before 23:59 January 26, 2018, you must use the bandwidth package to associate public IP addresses with the NAT gateway. For more information about how to associate an EIP with a NAT gateway, see Why am I unable to associate an EIP with a NAT Gateway in the NAT Gateway console?
  • If you use the SNAT function and the SNAT IP address is added to a shared bandwidth, your business may be interrupted intermittently when you change the peak bandwidth of the shared bandwidth as follows:
    • Change the peak bandwidth that is smaller than 1 Gbit/s to a value greater than 1 Gbit/s.
    • Change the peak bandwidth that is greater than 1 Gbit/s to a value smaller than 1 Gbit/s.

    We recommend that you set up an automatic reconnection mechanism to minimize the impact of transient disconnections on your business.