Connectivity Types
NAT gateways have two connectivity types:
- Public: This is the default connectivity type. Instances in a private subnet connect to the internet through a public NAT gateway. A public NAT gateway must be created in a public subnet, and you must associate an Elastic IP address with it.
You can also use a public NAT gateway to connect to other VPCs or to your on-premises network. In that case, you route traffic from the NAT gateway to a transit gateway or a virtual private gateway.
- Private: Instances in private subnets connect to other VPCs or to your on-premises network through a private NAT gateway.
Here, you route traffic from the NAT gateway through a transit gateway or a virtual private gateway. An Elastic IP address cannot be associated with a private NAT gateway. You can still attach an internet gateway to a VPC (Virtual Private Cloud) that contains a private NAT gateway, but if you route traffic from the private NAT gateway to the internet gateway, the internet gateway drops that traffic.
Pricing
Charges are based on the creation and usage of the NAT gateways in your account. You are charged for each hour that your NAT gateway is available and for each gigabyte of data it processes.
Follow these strategies to reduce data transfer charges:
- If your AWS resources send a significant amount of traffic across Availability Zones, make sure the resources are in the same Availability Zone as the NAT gateway. If they are not, create a NAT gateway in the same Availability Zone as the resources.
- If most of the traffic through your NAT gateway goes to AWS services that support interface endpoints or gateway endpoints, create an interface endpoint or gateway endpoint for those services instead.
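The rules in the two sections above (a public NAT gateway needs an Elastic IP and a public subnet, a private NAT gateway cannot hold one and its traffic is dropped at an internet gateway, and cross-AZ traffic through a NAT gateway costs extra) can be checked offline against a description of a VPC. The following is an added example, not code from the original article: it models the fields that `describe-nat-gateways` and `describe-route-tables` return and runs the checks over a constructed sample VPC. The IDs, subnets and Availability Zones in the sample are made up for the demo.

```python
"""Offline checks for the NAT gateway rules in the article (added example)."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class NatGateway:
    nat_gateway_id: str
    connectivity_type: str                 # "public" or "private"
    subnet_id: str
    allocation_id: Optional[str] = None    # Elastic IP allocation (public only)


@dataclass
class Route:
    destination_cidr: str
    target: str   # target ID: nat-..., igw-..., tgw-..., vgw-..., or "local"


@dataclass
class RouteTable:
    route_table_id: str
    subnet_ids: List[str]                  # subnets explicitly associated
    routes: List[Route]


def route_table_for(subnet_id: str, route_tables: List[RouteTable]) -> Optional[RouteTable]:
    """Return the route table explicitly associated with a subnet, or None."""
    for rt in route_tables:
        if subnet_id in rt.subnet_ids:
            return rt
    return None


def check_nat_setup(nat_gateways: List[NatGateway], route_tables: List[RouteTable],
                    subnet_az: Dict[str, str]) -> List[Tuple[str, str]]:
    """Return (severity, message) findings for the connectivity and pricing rules."""
    findings = []
    nats = {n.nat_gateway_id: n for n in nat_gateways}

    for nat in nat_gateways:
        # A public NAT gateway needs an Elastic IP; a private one cannot hold one.
        if nat.connectivity_type == "public" and not nat.allocation_id:
            findings.append(("error", f"{nat.nat_gateway_id}: public NAT gateway has no Elastic IP"))
        if nat.connectivity_type == "private" and nat.allocation_id:
            findings.append(("error", f"{nat.nat_gateway_id}: private NAT gateway cannot hold an Elastic IP"))
        rt = route_table_for(nat.subnet_id, route_tables)
        if rt is None:
            continue
        has_igw_route = any(r.target.startswith("igw-") for r in rt.routes)
        # The internet gateway drops traffic that arrives from a private NAT gateway.
        if nat.connectivity_type == "private" and has_igw_route:
            findings.append(("error", f"{nat.nat_gateway_id}: private NAT gateway's subnet routes to an "
                                      "internet gateway; that traffic is dropped"))
        # A public NAT gateway reaches the internet only from a public subnet.
        if nat.connectivity_type == "public" and not has_igw_route:
            findings.append(("error", f"{nat.nat_gateway_id}: public NAT gateway is not in a public subnet"))

    # Pricing rule: sending traffic to a NAT gateway in another AZ incurs cross-AZ charges.
    for rt in route_tables:
        for r in rt.routes:
            nat = nats.get(r.target)
            if nat is None:
                continue
            for subnet in rt.subnet_ids:
                if subnet_az.get(subnet) != subnet_az.get(nat.subnet_id):
                    findings.append(("warning", f"{subnet} ({subnet_az.get(subnet)}) routes through "
                                                f"{nat.nat_gateway_id} in {subnet_az.get(nat.subnet_id)}: "
                                                f"cross-AZ data transfer; add a NAT gateway in {subnet_az.get(subnet)}"))
    return findings


# Constructed sample VPC: one public NAT in us-east-1a, one private NAT whose
# subnet wrongly routes to the internet gateway, and a private subnet in 1b
# that uses the 1a NAT gateway.
SAMPLE_SUBNET_AZ = {"subnet-pub-a": "us-east-1a", "subnet-priv-a": "us-east-1a",
                    "subnet-priv-b": "us-east-1b", "subnet-nat-priv": "us-east-1a"}
SAMPLE_NATS = [NatGateway("nat-public-a", "public", "subnet-pub-a", "eipalloc-1"),
               NatGateway("nat-private", "private", "subnet-nat-priv")]
SAMPLE_ROUTE_TABLES = [
    RouteTable("rtb-public", ["subnet-pub-a"], [Route("0.0.0.0/0", "igw-main")]),
    RouteTable("rtb-private-a", ["subnet-priv-a"], [Route("0.0.0.0/0", "nat-public-a")]),
    RouteTable("rtb-private-b", ["subnet-priv-b"], [Route("0.0.0.0/0", "nat-public-a")]),
    RouteTable("rtb-nat-priv", ["subnet-nat-priv"], [Route("0.0.0.0/0", "igw-main"),
                                                     Route("10.1.0.0/16", "tgw-1")]),
]


def run_sample() -> List[Tuple[str, str]]:
    return check_nat_setup(SAMPLE_NATS, SAMPLE_ROUTE_TABLES, SAMPLE_SUBNET_AZ)


if __name__ == "__main__":
    for severity, message in run_sample():
        print(f"[{severity}] {message}")
```

On the sample, the checker reports one error (the private NAT gateway behind an internet gateway) and one warning (the us-east-1b subnet paying for cross-AZ traffic). Feeding it real `describe-*` output only requires mapping the JSON fields onto the three dataclasses.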
Characteristics and Rules
The characteristics and rules that apply to NAT gateways are listed below:
- A NAT gateway supports the TCP, UDP, and ICMP protocols.
- NAT gateways are supported for IPv4 and IPv6 traffic.
- A NAT gateway supports 5 Gbps of bandwidth and automatically scales up to 45 Gbps.
- A NAT gateway can process one million packets per second and automatically scales up to four million packets per second.
- A NAT gateway can support up to 55,000 simultaneous connections to each unique destination.
- A NAT gateway can be associated with exactly one elastic IP address.
- A private NAT gateway receives an available private IP address from the subnet.
- A security group cannot be associated with a NAT gateway.
- A NAT gateway receives a network interface that is automatically assigned a private IP address from the IP address range of the subnet.
- You cannot access the NAT gateway through a ClassicLink connection associated with your VPC.
Create a NAT Gateway
Follow these steps to create a NAT gateway in AWS:
- Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.
- In the navigation pane, select NAT Gateways.
- Select Create NAT Gateway.
- Specify a name for the NAT gateway. This creates a tag whose key is Name and whose value is the name you specified.
- Choose the subnet in which to create the NAT gateway.
- Select Private to create a private NAT gateway or Public to create a public NAT gateway (by default, it is set to Public).
- If you chose Public, select an Elastic IP address to associate with the NAT gateway under Elastic IP allocation ID.
- Choose Add new tag, and enter the key and value for each additional tag.
- Choose Create NAT Gateway.
Delete a NAT Gateway
Follow these steps to delete a NAT gateway in AWS:
- Open the Amazon VPC console at https://console.aws.amazon.com/vpc/.
- Choose NAT Gateways in the navigation pane.
- Select the radio button for the NAT gateway, then choose Actions and Delete NAT gateway.
- Enter delete and then choose Delete in the confirmation window.
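The same create and delete procedures, driven through the EC2 API rather than the console, as an added example (not code from the original article). The functions accept a boto3 EC2 client; the RecordingEC2 class is a stand-in with the same method names so the flow runs offline, and the subnet, route table and tag values are constructed placeholders. It goes slightly beyond the console steps by also handling the two things the console leaves to you afterwards: pointing the private subnet's default route at the new gateway, and releasing the Elastic IP after deletion.

```python
"""Create and delete a NAT gateway via the EC2 API (added example)."""
import json


def create_nat_gateway(ec2, subnet_id, name, connectivity_type="public",
                       private_route_table_id=None):
    """Mirror the console steps: tag with Name, allocate an Elastic IP only for
    the public type (a private NAT gateway cannot hold one), wait until the
    gateway is available, then point the private subnet's default route at it."""
    if connectivity_type not in ("public", "private"):
        raise ValueError("connectivity_type must be 'public' or 'private'")
    params = {
        "SubnetId": subnet_id,
        "ConnectivityType": connectivity_type,
        "TagSpecifications": [{"ResourceType": "natgateway",
                               "Tags": [{"Key": "Name", "Value": name}]}],
    }
    allocation_id = None
    if connectivity_type == "public":
        allocation_id = ec2.allocate_address(Domain="vpc")["AllocationId"]
        params["AllocationId"] = allocation_id
    nat_id = ec2.create_nat_gateway(**params)["NatGateway"]["NatGatewayId"]
    # The gateway forwards traffic only once its state is 'available';
    # wait before cutting the private subnet over to it.
    ec2.get_waiter("nat_gateway_available").wait(NatGatewayIds=[nat_id])
    if private_route_table_id:
        ec2.create_route(RouteTableId=private_route_table_id,
                         DestinationCidrBlock="0.0.0.0/0", NatGatewayId=nat_id)
    return {"NatGatewayId": nat_id, "AllocationId": allocation_id}


def delete_nat_gateway(ec2, nat_id, allocation_id=None, private_route_table_id=None):
    """Tear down in reverse: drop the route that would otherwise stay as a
    blackhole, delete the gateway, wait, then release the Elastic IP
    (deletion disassociates the address but leaves it allocated and billed)."""
    if private_route_table_id:
        ec2.delete_route(RouteTableId=private_route_table_id,
                         DestinationCidrBlock="0.0.0.0/0")
    ec2.delete_nat_gateway(NatGatewayId=nat_id)
    ec2.get_waiter("nat_gateway_deleted").wait(NatGatewayIds=[nat_id])
    if allocation_id:
        ec2.release_address(AllocationId=allocation_id)


class RecordingEC2:
    """Offline stand-in for boto3.client('ec2'): records calls, returns canned IDs."""

    def __init__(self):
        self.calls = []

    def _record(self, op, **kw):
        self.calls.append((op, kw))

    def allocate_address(self, **kw):
        self._record("allocate_address", **kw)
        return {"AllocationId": "eipalloc-0123456789abcdef0"}   # constructed ID

    def create_nat_gateway(self, **kw):
        self._record("create_nat_gateway", **kw)
        return {"NatGateway": {"NatGatewayId": "nat-0123456789abcdef0"}}  # constructed ID

    def get_waiter(self, name):
        self._record("wait:" + name)
        return self

    def wait(self, **kw):
        pass

    def create_route(self, **kw):
        self._record("create_route", **kw)

    def delete_route(self, **kw):
        self._record("delete_route", **kw)

    def delete_nat_gateway(self, **kw):
        self._record("delete_nat_gateway", **kw)

    def release_address(self, **kw):
        self._record("release_address", **kw)


def demo(connectivity_type="public"):
    """Run create then delete against the recorder; return the operation names in order."""
    ec2 = RecordingEC2()
    gw = create_nat_gateway(ec2, "subnet-0aaa", "demo-nat", connectivity_type,
                            private_route_table_id="rtb-0bbb")
    delete_nat_gateway(ec2, gw["NatGatewayId"], gw["AllocationId"], "rtb-0bbb")
    return [op for op, _ in ec2.calls]


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

To run it against a real account, replace RecordingEC2 with `boto3.client("ec2")`; the method names and keyword arguments are those of the boto3 EC2 client. Running `demo("private")` shows the difference between the two connectivity types directly: no Elastic IP is allocated or released, and `ConnectivityType` is sent as `private`.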
Frequently Asked Questions
What do you mean by NAT Gateways?
NAT stands for Network Address Translation. A NAT gateway is used to connect the instances in a private subnet to services outside your VPC.
What is the difference between the NAT Gateway and Internet Gateway?
The main difference is that a NAT gateway forwards traffic from instances in a private subnet to the internet or to other AWS services and then sends the responses back to those instances, while an internet gateway allows resources in your VPC to reach the internet directly.
Can NAT Gateways connect to the internet?
Yes, a public NAT gateway can connect to the internet.
What is the need for the Internet Gateway?
The internet gateway provides internet access to the NAT gateway. In some cases, however, customers use their NAT gateways with a transit gateway or a virtual private gateway to communicate privately with other VPCs or on-premises environments. In those cases, they do not need to attach an internet gateway to their VPCs.
Conclusion
In this article, we have extensively discussed AWS NAT Gateways.
We started this blog with a basic introduction, and then we discussed:
- What the NAT gateway is
- Connectivity types in NAT gateways
- Characteristics and rules of NAT gateways
- How to create a NAT gateway in AWS
- How to delete an existing NAT gateway in AWS
We hope that this blog has helped you enhance your knowledge of AWS NAT Gateways. If you would like to learn more, check out our articles on AWS Data Science Certification and AWS Interview Questions.