If you want to use the IPv4 address of a virtual private cloud (VPC) to access the Internet, you can use an IPv4 gateway to implement routing and map private IP addresses to public IP addresses. This topic describes how to create an IPv4 gateway and configure routes to complete the preceding task.
Limits and quotas
Instances in a VPC can access the Internet only when an IPv4 gateway in the VPC is activated and routes that point to the IPv4 gateway are added to a route table of the VPC.
A VPC that uses an IPv4 gateway cannot contain elastic IP addresses (EIPs) in cut-through mode.
After you enable an IPv4 gateway for a VPC, you must configure the IPv4 gateway. Resources in the VPC cannot access the Internet until the configuration of the IPv4 gateway is complete.
Create an IPv4 gateway and associate it with a VPC
For more information about the regions that support IPv4 gateways, see Feature release and supported regions.
The IPv4 gateway can be created if it is compatible with the Internet NAT gateway in the VPC. Otherwise, the IPv4 gateway fails to be created. You can change the mode of the Internet NAT gateway to make it compatible with IPv4 gateways before you create an IPv4 gateway. For more information about how to change the mode of an Internet NAT gateway, see Change the mode of an Internet NAT gateway.
Log on to the VPC console.
In the top navigation bar, select the region where you want to create an IPv4 gateway.
In the left-side navigation pane, click IPv4 Gateway.
On the IPv4 Gateway page, click Create IPv4 Gateway.
In the Create IPv4 Gateway dialog box, set the following parameters and click Create.
Parameter
Description
Region
Displays the region where you want to create the IPv4 gateway.
VPC
Select the VPC with which you want to associate the IPv4 gateway.
Name
Enter a name for the IPv4 gateway.
Description
Enter a description for the IPv4 gateway.
On the IPv4 Gateway page, view the created IPv4 gateway.
After you create an IPv4 gateway, it is in the Available state.
Create a gateway route table and modify routes
A gateway route table is a route table associated with an IPv4 gateway. A gateway route table is used to control inbound traffic to a VPC. You can create only one gateway route table in a VPC.
Log on to the VPC console.
In the top navigation bar, select the region where you want to create a route table.
On the Route Tables page, click Create Route Table.
In the left-side navigation pane, click Route Tables.
On the Create Route Table page, set the following parameters and click OK.
Parameter
Description
Resource Group
Select the resource group to which the route table belongs.
VPC
Select the VPC to which the route table belongs.
In this example, the VPC to which the IPv4 gateway belongs is selected.
Associated Resource Type
Select the type of the resource with which you want to associate the route table.
VSwitch: The route table is associated with a vSwitch. In this case, the route table serves as a custom route table and is used to manage traffic within the vSwitch.
Border Gateway: The route table is associated with an IPv4 gateway. In this case, the route table serves as a gateway route table and is used to control traffic from the IPv4 gateway to the VPC.
In this example, Border Gateway is selected.
Name
Enter a name for the route table.
Description
Enter a description for the route table.
After the gateway route table is created, view it on the Route Tables page.
On the Route Tables page, find the gateway route table and click its ID.
On the tab, find the system route that you want to modify and click Edit in the Actions column.
In the Edit Route Entry dialog box, set the following parameters and click OK.
Parameter
Description
Destination CIDR Block
Displays the destination CIDR block of traffic. You cannot modify Destination CIDR Block.
Next Hop Type
Select the next hop type. Valid values:
Local: Traffic destined for the destination CIDR block is routed to the VPC.
ECS Instance: Traffic destined for the destination CIDR block is routed to the specified ECS instance.
ENI: Traffic destined for the destination CIDR block is routed to the specified elastic network interface (ENI).
ImportantIf the next hop type is set to ENI or ECS Instance, you must first change the next hop type to Local, change the next hop type to ENI or ECS Instance, and then change the next hop. You cannot directly change the next hop when the next hop type is set to ENI or ECS Instance.
Resource Group
Select the resource group to which the next hop belongs.
If Next Hop Type is set to ECS Instance or ENI, this parameter is required.
ECS Instance or ENI
Select an instance as the next hop.
If Next Hop Type is set to ECS Instance or ENI, you must select an instance as the next hop.
Name
Enter a new name for the route.
Description
Enter a new description for the route table.
Associate the gateway route table with the IPv4 gateway
After you create the gateway route table, associate it with the IPv4 gateway to control traffic from the IPv4 gateway to the VPC.
Log on to the VPC console.
In the top navigation bar, select the region where the IPv4 gateway is deployed.
In the left-side navigation pane, click IPv4 Gateway.
On the IPv4 Gateway page, find the IPv4 gateway that you want to manage and click its ID.
On the details page of the IPv4 gateway, click Bind in the Gateway Route Entries section.
In the Associate Route Table dialog box, select the gateway route table that you want to associate and click OK.
In the Gateway Route Entries section, the gateway route table that is associated with the IPv4 gateway is displayed in the Associated with Route Table section.
Add routes that point to the IPv4 gateway to a route table of the VPC
Instances in a VPC can access the Internet only after you add routes that point to the IPv4 gateway to a route table of the VPC.
Log on to the VPC console.
In the left-side navigation pane, click Route Tables.
On the Route Table page, find the VPC route table and click its ID.
The route table is the one that is associated with the instances that require access to the Internet through the IPv4 gateway.
On the details page of the route table, choose and click Add Route Entry.
In the Add Route Entry panel, set the following parameters and click OK.
Parameter
Description
Name
Enter a name for the custom route.
Destination CIDR Block
Enter 0.0.0.0/0.
Next Hop Type
Select IPv4 Gateway.
IPv4 Gateway
Select an IPv4 gateway from the drop-down list.
Activate the IPv4 gateway
You must enable the IPv4 gateway before it can forward traffic. Only enabled IPv4 gateways allow ECS instances in associated VPCs to access the Internet.
Log on to the VPC console.
In the top navigation bar, select the region.
In the left-side navigation pane, click IPv4 Gateway.
On the IPv4 Gateway page, find the IPv4 gateway that you want to enable and click Activate in the Actions column.
Disassociate the gateway route table that is associated with an IPv4 gateway
Log on to the VPC console.
In the top navigation bar, select the region where the IPv4 gateway is deployed.
In the left-side navigation pane, click IPv4 Gateway.
On the IPv4 Gateway page, find the IPv4 gateway that you want to manage and click its ID.
On the IPv4 gateway details page, click Replace Associated Route Table in the Gateway Route Entries section.
In the Associate Route Table dialog box, select Disassociate Route Table and click OK.
Delete an IPv4 gateway
Before you delete an IPv4 gateway from a VPC, you must disassociate the gateway route table associated with the IPv4 gateway and delete the routes that point to the IPv4 gateway from the route tables of the VPC. For more information about how to delete custom routes, see Create and manage a route table.
After you delete the IPv4 gateway, cloud resources in the VPC cannot communicate with the Internet. Proceed with caution.
Log on to the VPC console.
In the top navigation bar, select the region where the IPv4 gateway is deployed.
In the left-side navigation pane, click IPv4 Gateway.
On the IPv4 Gateway page, find the IPv4 gateway that you want to delete and click Delete in the Actions column.
In the Delete message, click OK.
More operations
Operation | Procedure |
Modify an IPv4 gateway |
|
Replace the gateway route table that is associated with an IPv4 gateway |
|
Modify a gateway route table |
|
References
CreateIpv4Gateway: creates an IPv4 gateway.
EnableVpcIpv4Gateway: activates an IPv4 gateway.
CreateRouteTable: creates a gateway route table.
AssociateRouteTableWithGateway: associates an IPv4 gateway with a gateway route table.
DissociateRouteTableFromGateway: disassociates an IPv4 gateway from a gateway route table.
DeleteIpv4Gateway: deletes an IPv4 gateway.
UpdateIpv4GatewayAttribute: modifies the information about an IPv4 gateway.
UpdateGatewayRouteTableEntryAttribute: modifies the information about a gateway route table.