NAT Gateway

A NAT gateway enables multiple instances within a virtual private cloud (VPC) to communicate with the Internet or private networks. Custom SNAT and DNAT rules can be created to help you use network resources in a flexible manner.

Buy Internet NAT GatewayNow Buy VPC NAT Now Console Contact Sales
Benefits

Latest News

Major Release

The all-new enhanced NAT gateways offer high performance and automatic elasticity with extensive O&M features.

Learn More
Free Upgrade

You can upgrade standard NAT gateways enhanced NAT gateways for free.

Learn More
Updates

Improved accuracy of NAT gateway billing based on usage (CU capacity)

Learn More

Benefits

NAT Gateway offers high performance, automatic elasticity, and flexible billing options with extensive O&M features.

  • H71767保湿补
    High Performance

    A NAT gateway supports tens of Gbit/s of throughput and millions of connections. This meets the requirements of large-scale workloads migrated to the cloud.

  • High Reliability

    Provides reliable gateway services that support disaster recovery across data centers with automatic elasticity as the business fluctuates

  • Cost-Effectiveness

    Supports bandwidth sharing among multiple VPCs and ECS instances to reduce bandwidth costs significantly

  • Easy O&M

    The graphic console makes it easy to create custom NAT rules and provides more than 22 monitoring metrics to facilitate operations and maintenance.

Features

Public Address Translation

Flexible SNAT and DNAT management allows you to easily provide Internet access and services for instances in a VPC.

SNAT

SNAT allows multiple ECS instances in a VPC to use the same EIP to access the Internet. This prevents security risks caused by direct exposure of ECS instances to the Internet.

DNAT

DNAT allows you to open specified ports on instances in a VPC to the Internet. Multiple instances can use the same EIP to provide Internet-facing services.

Multiple EIPs

You can associate multiple EIPs with a single NAT gateway to easily implement horizontal scale-out of EIPs.

Private Address Translation

Flexible SNAT and DNAT management allows you to implement access between private networks with specified IP addresses. This effectively resolves the IP address conflicts between private networks and implements secure isolation.

SNAT

SNAT allows multiple ECS instances in a VPC to use the same private IP address to access private networks. This hides the actual IP addresses of the ECS instances, prevents IP address conflicts, and reduces the risk of direct server attacks.

DNAT

DNAT allows you to open specified ports on instances in a VPC to a connected network. Instances can use the specified private IP address to provide services.

Custom Address Translation

You can flexibly manage the private IP addresses for mutual access to meet the business requirements for mutual access with specified IP addresses.

High Performance and Elasticity

Auto Scaling

Pay-by-CU instances support auto scaling to a throughput of 15 Gbit/s at most based on your usage.

Superb Performance

Dedicated NAT gateways support a throughput capacity of 100 Gbit/s and tens of millions of concurrent connections. This effectively meets Internet access requirements of a large number of instances.

Visual Management

Multi-dimensional Metrics

Traffic metrics in multiple dimensions are displayed in a visual manner. You can set alert rules based on each metric to detect and resolve issues at the earliest opportunity.

Top ECS Instances

You can monitor and display the traffic of ECS instances. This allows you to analyze business usage and accurately find ECS instances with abnormal business traffic.

Scenarios

Scenario

For cloud-deployed services that require Internet access, usually, one ECS instance is associated with one EIP. The EIP cannot handle large numbers of requests when the workload of the ECS instance spikes. In this case, more EIPs and SNAT rules are required.

A NAT gateway allows you to add multiple EIPs to a SNAT IP address pool. When the ECS instance initiates an Internet connection request, the ECS instance randomly selects an EIP from the SNAT IP address pool to access the Internet.

Advantages

  • Supports a large number of SNAT connections

    Supports up to 2 million connections and allows you to expand the capacity to 10 million connections

  • Supports a large number of new SNAT connections

    Supports up to 100,000 new connections and allows you to expand the capacity to 1 million new connections to meet the requirements of large-scale workloads

Virtual Private Cloud

Helps you build an isolated network environment on Alibaba Cloud.

Learn More

Elastic IP Address

Provides independent public IP address resources.

Learn More

Elastic Compute Service

Provides elastic and secure virtual cloud servers to cater to all your cloud hosting needs.

Learn More

Scenario

When an enterprise expands, more than one ECS instance is necessary to provide external services. Each ECS instance is deployed with an application service, which provides services to the Internet. The ECS instances have different bandwidth requirements at different times. This may waste resources if you purchase bandwidth resources separately for each ECS instance.

In this case, you can purchase a NAT gateway to enable bandwidth sharing with multiple applications to save bandwidth costs.

Advantages

  • Supports high throughput capacity

    Supports 5 Gbit/s of throughput and allows you to expand the capacity to 100 Gbit/s of throughput to meet the requirements of large-scale Internet services

  • Provides flexible billing options

    Shared bandwidth supports flexible billing options to reduce costs further

Elastic Compute Service

Provides elastic and secure virtual cloud servers to cater to all your cloud hosting needs.

Learn More

Elastic IP Address

Provides independent public IP address resources.

Learn More

Server Load Balancer

Distributes traffic among multiple ECS instances to achieve load balancing.

Learn More

Scenario

When a business expands, different workloads deployed in the same VPC must be securely isolated from one another, and their access to the Internet must be controlled.

In this case, you can create multiple enhanced NAT gateways in the VPC to forward traffic to different destinations. You can also create different access control policies for the NAT gateways to precisely manage access to the Internet.

Advantages

  • Supports flexible and fine-grained traffic management

    Supports traffic management of individual vSwitches and ECS instances and provides various traffic monitoring metrics.

  • Supports multiple NAT gateways in one VPC

    Supports up to five NAT gateways in one VPC. You can submit a ticket to increase the quota.

Elastic Compute Service

Provides elastic and secure virtual cloud servers to cater to all your cloud hosting needs.

Learn More

Elastic IP Address

Provides independent public IP address resources.

Learn More

Server Load Balancer

Distributes traffic among multiple ECS instances to achieve load balancing.

Learn More

How It Works

Scenario

If an ECS instance in a VPC is assigned a public IP address and other ECS instances in the VPC access the Internet using the SNAT feature of NAT Gateway, the ECS instances in the VPC use different IP addresses to access the Internet.

In this case, you can create a NAT gateway for the ECS instances so they can use the same public IP address to access the Internet. The ECS instances that do not have public IP addresses in the VPC can access the Internet using SNAT.

Advantages

  • Easy to Use

    NAT Gateway provides detailed configuration guides to help you set up Internet access using one public IP address.

  • Supports a variety of scenarios

    You can configure NAT Gateway to access the Internet using the same public IP address for ECS instances associated with EIPs or ECS instances with IP address mapping configured using DNAT.

Elastic Compute Service

Provides elastic and secure virtual cloud servers to cater to all your cloud hosting needs.

Learn More

Elastic IP Address

Provides independent public IP address resources.

Learn More

Server Load Balancer

Distributes traffic among multiple ECS instances to achieve load balancing.

Learn More

How It Works

Scenario

After the merger and acquisition of enterprises, multiple branches are connected over networks. As a result, IP address conflicts are common on cloud networks and data center networks. The enterprises need a solution to effectively manage IP address conflicts. In addition, they need to implement communication between VPCs and data centers and between VPCs.

Advantages

  • IP Address Conflict Prevention

    Each enterprise is assigned a private CIDR block. They can communicate with each other based on address translation provided by NAT gateways.

  • Comprehensive Translation Rules

    Each enterprise network can access the private CIDR blocks of other enterprise networks by using SNAT, and expose services to other enterprise networks by using DNAT.

  • High Compatibility

    In addition to communication between VPCs, NAT gateways also support a hybrid cloud network architecture.

Elastic Compute Service

Provides elastic and secure virtual cloud servers to cater to all your cloud hosting needs.

Learn More

Server Load Balancer

Distributes traffic among multiple ECS instances to achieve load balancing.

Learn More

How It Works

Scenario

With the development of business, enterprises in the financial industry have gradually migrated their business to the cloud. They connect to the data centers of regulatory agencies by using leased lines. VPC NAT gateways can be deployed to manage leased line traffic. They provide NAT services to allow enterprises to provide services with specified IP addresses. This meets the compliance and regulatory requirements of enterprises. In addition, traceability before and after NAT is provided to meet the needs of regular compliance audits.

Advantages

  • Mutual Access

    Both SNAT and DNAT features are supported to implement mutual access between VPCs and data centers.

  • Security and Compliance

    Enterprises can use specified new IP addresses to communicate with a data center. This meets compliance and regulatory requirements for specific IP addresses.

  • High Reliability

    VPC NAT gateways adopt a cluster design to prevent single point of failure and meet the requirements for highly reliable interconnections.

Elastic Compute Service

Provides elastic and secure virtual cloud servers to cater to all your cloud hosting needs.

Learn More

Server Load Balancer

Distributes traffic among multiple ECS instances to achieve load balancing.

Learn More

Upgraded Support For You

1 on 1 Presale Consultation, 24/7 Technical Support, Faster Response, and More Free Tickets.

1 on 1 Presale Consultation

Consulting by experienced cloud experts.Learn More

24/7 Technical Support

Extended service time from 10 hours 5 days a week to 24/7. Learn More

6 Free Tickets per Quarter

The number of free tickets doubled from 3 to 6 per quarter. Learn More

Faster Response

Shorten after-sale response time from 36 hours to 18 hours. Learn More

Documentation and Tools

Documentation

NAT Gateway product documentation

API & SDK

NAT Gateway API & SDKs for developers

Quick Start

NAT Gateway getting started guide

FAQ

NAT Gateway FAQ