Life of a Packet inside AWS VPC — Part 3- NAT Gateway
📖 To view the complete course https://www.101daysofdevops.com/courses/100-days-of-aws/
➡️ You can contact me via https://linktr.ee/prashant.lakhera
🚨 I want to clear up one misconception about the NAT gateway. A common myth is that with NAT you don't need an Internet Gateway. A NAT gateway only performs IP translation; for a packet to reach the public internet, it still needs an Internet Gateway.
What is a NAT gateway?
NAT gateway is an AWS managed service that provides elastic network address translation within your VPC. A Network Address Translation (NAT) service allows resources with private IP addresses to share a single public IP address to access the internet. These NAT applications or servers change the source IP address of outgoing packets to the NAT public IP address, which is publicly routable, so the packets can be sent on to their final destination. They also keep a record of the private-to-public mapping, so that return traffic can be translated back and routed to the private address.
How NAT works
- To create a NAT, we need to provide the subnet to launch it in and an elastic IP address.
- Then update your route table with a route that references the NAT gateway object as its target.
- Traffic will flow from our private instance to the VPC router (via the route table) and on to the NAT gateway.
- Once the packet reaches the NAT gateway, it performs Private to Public mapping using its own public IP.
- At this point, traffic is forwarded to the VPC router and then to the Internet Gateway and the public internet.
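The packet path above, and the point that a NAT gateway still depends on an Internet Gateway, can be checked against a VPC's configuration. The following Python code is an added example, not part of the original article; it runs on constructed sample data shaped like the EC2 DescribeRouteTables and DescribeNatGateways responses (all IDs are made up) and only considers the IPv4 default route.

```python
# Constructed sample data in the shape of EC2 DescribeRouteTables /
# DescribeNatGateways responses; every ID below is made up for this example.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-private", "Associations": [{"SubnetId": "subnet-private", "Main": False}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"}]},
    {"RouteTableId": "rtb-public", "Associations": [{"SubnetId": "subnet-public", "Main": False}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"}]},
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
]
NAT_GATEWAYS = [{"NatGatewayId": "nat-0example", "SubnetId": "subnet-public", "State": "available"}]


def route_table_for(subnet_id, route_tables):
    """Explicit association wins; otherwise the subnet uses the VPC's main route table."""
    for rtb in route_tables:
        if any(a.get("SubnetId") == subnet_id for a in rtb["Associations"]):
            return rtb
    return next(r for r in route_tables if any(a.get("Main") for a in r["Associations"]))


def default_target(rtb):
    """Return the target ID of the 0.0.0.0/0 route, or None if there is none."""
    for route in rtb["Routes"]:
        if route.get("DestinationCidrBlock") == "0.0.0.0/0":
            return route.get("NatGatewayId") or route.get("GatewayId")
    return None


def trace_egress(subnet_id, route_tables, nat_gateways):
    """Follow an internet-bound packet hop by hop; return (hops, reaches_internet)."""
    hops = [subnet_id]
    nats = {n["NatGatewayId"]: n for n in nat_gateways}
    for _ in range(4):  # bounded walk: subnet -> NAT -> NAT's subnet -> IGW
        rtb = route_table_for(hops[-1], route_tables)
        target = default_target(rtb)
        hops.append(rtb["RouteTableId"])
        if target is None:
            return hops, False        # no default route: the packet is dropped
        hops.append(target)
        if target.startswith("igw-"):
            return hops, True         # Internet Gateway reached
        nat = nats.get(target)
        if nat is None or nat["State"] != "available":
            return hops, False        # unknown or unavailable NAT target
        hops.append(nat["SubnetId"])  # continue from the NAT gateway's own subnet
    return hops, False                # loop: the NAT sits in a subnet that routes back to it
```

Calling `trace_egress("subnet-private", ROUTE_TABLES, NAT_GATEWAYS)` returns the hop list ending in `igw-0example`; removing the Internet Gateway route from the NAT gateway's subnet makes the same call report that the traffic never leaves the VPC.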
Features
- NAT gateway can handle traffic up to 45GBPS.
- We can have up to 5 NAT gateways per Availability Zone.
Creating NAT Gateway
- Go to the VPC console https://us-east-1.console.aws.amazon.com/vpc and click on NAT gateway and Create NAT gateway.
- Give your NAT gateway a meaningful name, select the subnet where you want to create it, and then allocate the Elastic IP (EIP). Click on Create NAT gateway.
- Now go to the Route table and click on Edit routes.
- Add the NAT gateway route and click on Save changes.