NAT gateways support Destination Network Address Translation (DNAT). You can create DNAT entries to map public IP addresses to Elastic Compute Service (ECS) instances in a Virtual Private Cloud (VPC) network. This way, the ECS instances can receive requests from the Internet.
You can configure port mapping when you create a DNAT entry. After the DNAT entry is created, requests destined for the specified public IP address are forwarded to the ECS instances in a VPC network based on the port mapping rule.
- Public IP address: the elastic IP address (EIP) associated with the NAT gateway.
Note If your NAT service plan was purchased before January 26, 2018, static public IP addresses in the NAT service plan are used in the DNAT entry.
- Private IP address: the private IP address assigned to the ECS instance in the VPC network.
- Public port: the external port where requests from the Internet are received.
- Private port: the internal port to which the requests received on the external port are forwarded.
- Protocol type: the protocol used by the ports.
Port mapping and IP mapping
The DNAT feature supports port mapping and IP mapping:
- Port mapping
After port mapping is configured, a NAT gateway forwards requests destined for a public IP address to the specified ECS instance based on the specified protocol and ports. The following DNAT entries are used as examples:
- Entry 1: The NAT gateway forwards requests destined for TCP port 80 of ECS instance 188.8.131.52 to TCP port 80 of ECS instance 192.168.1.1.
- Entry 2: The NAT gateway forwards requests destined for UDP port 8080 of ECS instance 184.108.40.206 to UDP port 8000 of ECS instance 192.168.1.2.
DNAT entry Public IP address Public port Private IP address Private port Protocol Entry 1 220.127.116.11 80 192.168.1.1 80 TCP Entry 2 18.104.22.168 8080 192.168.1.2 8000 UDP
- IP mapping
After IP mapping is configured, a NAT gateway forwards all requests destined for a public IP address to the specified ECS instance. The following entry is used as an example:
Entry 3: The NAT gateway forwards requests destined for ECS instance 22.214.171.124 to ECS instance 192.168.1.3.
DNAT entry Public IP address Public port Private IP address Private port Protocol Entry 3 126.96.36.199 Any 192.168.1.3 Any Any