You can use the DNAT function to map a public IP to the private IP of a backend ECS instance in a VPC. By adding a DNAT entry, the Internet traffic received by the public IP is forwarded to the mapped private IP.
You have created a NAT gateway and bound EIPs to it.
Note: If you have purchased a NAT bandwidth package before 23:59, January 26, 2018, open a ticket to bind EIP to NAT Gateway.
Log on to the VPC console.
In the left-side navigation pane, click NAT Gateways.
Click the ID link of the target NAT gateway and enter the page of gateway details.
In the left-side navigation pane, click DNAT Table, and then click Create DNAT Entry.
Configure the DNAT entry according to the following information.
Configuration Description Public IP
Select a public IP to forward the Internet traffic.
Note: You cannot use the IP that is already being used in an SNAT entry.
The private IP that you want to map. You can specify the private IP in the following ways:
- Manually Input: Enter the private IP that you want to map. It must be within the private IP range of the VPC.
- Auto Fill: Select an ECS instance in the VPC from the list. The private IP of the selected ECS instance is automatically entered in the field.
For this tutorial, select Auto Fill.
DNAT supports IP mapping and port mapping. Select a mapping method:
All Ports: Select this option to configure IP mapping. Using this method, the ECS instance with the specified private IP can receive any Internet requests using any protocol on any port. This is the same as binding an EIP to the ECS instance.
You do not need to configure the public port, private port, and IP protocol when configuring IP mapping.
Specific Port: Select this option to configure port mapping. Using this method, the NAT gateway will forward data from [Private IP: Private Port] using the specified protocol to [Public IP: Public Port], and forward data from [Public IP: Public Port] using the specified protocol to [Private IP: Private Port].
You must specify the public port, private port, and IP protocol when configuring port mapping.
For this tutorial, select Specific Port, set the public port and private port to 80, and use the TCP protocol.
The status of the added DNAT entry is Configuring. Click Refresh to refresh the status. When the status is Available, the DNAT entry has been successfully added.