diff --git a/docs/natgw/umn/.placeholder b/docs/natgw/umn/.placeholder deleted file mode 100644 index e69de29b..00000000 diff --git a/docs/natgw/umn/ALL_META.TXT.json b/docs/natgw/umn/ALL_META.TXT.json index 4b0af9b9..4a2a3ac4 100644 --- a/docs/natgw/umn/ALL_META.TXT.json +++ b/docs/natgw/umn/ALL_META.TXT.json @@ -13,7 +13,7 @@ "uri":"en-us_topic_0086739762.html", "product_code":"nat", "code":"2", - "des":"The NAT Gateway service provides network address translation (NAT) with 20 Gbit/s of bandwidth for Elastic Cloud Servers (ECSs) and Bare Metal Servers (BMSs) in a Virtual", + "des":"NAT Gateway is a network address translation (NAT) service. It enables cloud and on-premises servers to share elastic IP addresses (EIPs) to access the Internet or to pro", "doc_type":"usermanual", "kw":"What Is NAT Gateway?,Overview,User Guide", "title":"What Is NAT Gateway?", @@ -23,7 +23,7 @@ "uri":"nat_pro_0001.html", "product_code":"nat", "code":"3", - "des":"The NAT Gateway service has the following highlights:FlexibilityA NAT gateway can be deployed flexibly across subnets and AZs. Any fault in a single AZ does not affect th", + "des":"The NAT Gateway service has the following highlights:FlexibilityA NAT gateway is deployed across subnets and across two AZs. Any fault in a single AZ does not affect the ", "doc_type":"usermanual", "kw":"Product Advantages,Overview,User Guide", "title":"Product Advantages", @@ -43,10 +43,10 @@ "uri":"en-us_topic_0086739763.html", "product_code":"nat", "code":"5", - "des":"A NAT gateway type specifies the maximum number of SNAT connections supported by a NAT gateway.An SNAT connection consists of the source IP address, source port, destinat", + "des":"NAT gateway specifications determines the maximum number of SNAT connections supported by a NAT gateway.An SNAT connection consists of the source IP address, source port,", "doc_type":"usermanual", - "kw":"NAT Gateway Types,Overview,User Guide", - "title":"NAT Gateway Types", + "kw":"NAT Gateway Specifications,Overview,User Guide", + "title":"NAT Gateway Specifications", "githuburl":"" }, { @@ -60,9 +60,19 @@ "githuburl":"" }, { - "uri":"nat_az_0000.html", + "uri":"nat_pro_0003.html", "product_code":"nat", "code":"7", + "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "doc_type":"usermanual", + "kw":"Using NAT Gateway with Other Services,Overview,User Guide", + "title":"Using NAT Gateway with Other Services", + "githuburl":"" + }, + { + "uri":"nat_az_0000.html", + "product_code":"nat", + "code":"8", "des":"A region and availability zone (AZ) identify the location of a data center. You can create resources in a specific region and AZ.A region is a physical data center, which", "doc_type":"usermanual", "kw":"Region and AZ,Overview,User Guide", @@ -72,8 +82,8 @@ { "uri":"nat_pro_0004.html", "product_code":"nat", - "code":"8", - "des":"An EIP can be directly accessed over the Internet. A private IP address is an IP address on a local area network (LAN) and cannot be routed through the Internet.An EIP is", + "code":"9", + "des":"EIP is a static, public IP address.An EIP can be directly accessed over the Internet. A private IP address is an IP address on a local area network (LAN) and cannot be ro", "doc_type":"usermanual", "kw":"Basic Concepts,Overview,User Guide", "title":"Basic Concepts", @@ -82,7 +92,7 @@ { "uri":"nat_qs_0000.html", "product_code":"nat", - "code":"9", + "code":"10", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Getting Started", @@ -92,7 +102,7 @@ { "uri":"nat_qs_0001.html", "product_code":"nat", - "code":"10", + "code":"11", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Using SNAT to Access the Internet", @@ -102,7 +112,7 @@ { "uri":"en-us_topic_0087895790.html", "product_code":"nat", - "code":"11", + "code":"12", "des":"If servers (ECSs and BMSs) without EIPs bound need to access the Internet, the servers can share one or more EIPs to access the Internet through a NAT gateway. This metho", "doc_type":"usermanual", "kw":"Overview,Using SNAT to Access the Internet,User Guide", @@ -112,8 +122,8 @@ { "uri":"nat_qs_0002.html", "product_code":"nat", - "code":"12", - "des":"Assign an EIP and enable your servers in a VPC to access the Internet through a NAT gateway by sharing the EIP.For details, see the Elastic IP User Guide. After you assig", + "code":"13", + "des":"Assign an EIP and enable your servers in a VPC to access the Internet through a NAT gateway by sharing the EIP.For details, see Assigning an EIP. After obtaining the EIP,", "doc_type":"usermanual", "kw":"Step 1: Assign an EIP,Using SNAT to Access the Internet,User Guide", "title":"Step 1: Assign an EIP", @@ -122,17 +132,17 @@ { "uri":"nat_qs_0003.html", "product_code":"nat", - "code":"13", - "des":"This section guides you on how to create a NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.When creating a NA", + "code":"14", + "des":"This section guides you on how to create a public NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.When creati", "doc_type":"usermanual", - "kw":"Step 2: Create a NAT Gateway,Using SNAT to Access the Internet,User Guide", - "title":"Step 2: Create a NAT Gateway", + "kw":"Step 2: Create a Public NAT Gateway,Using SNAT to Access the Internet,User Guide", + "title":"Step 2: Create a Public NAT Gateway", "githuburl":"" }, { "uri":"nat_qs_0004.html", "product_code":"nat", - "code":"14", + "code":"15", "des":"After a NAT gateway is created, add SNAT rules. With an SNAT rule, your servers in a specified subnet can access the Internet by sharing the same EIP.Each SNAT rule is co", "doc_type":"usermanual", "kw":"Step 3: Add an SNAT Rule,Using SNAT to Access the Internet,User Guide", @@ -142,8 +152,8 @@ { "uri":"nat_qs_0005.html", "product_code":"nat", - "code":"15", - "des":"After you add an SNAT rule to a NAT gateway, you can verify that the SNAT rule has been added successfully.An SNAT rule has been added.Log in to the management console.Cl", + "code":"16", + "des":"After adding an SNAT rule, you can perform the following steps to verify the connection:Verify that the SNAT rule has been added for the public NAT gateway.Verify that se", "doc_type":"usermanual", "kw":"Step 4: Verify the Result,Using SNAT to Access the Internet,User Guide", "title":"Step 4: Verify the Result", @@ -152,7 +162,7 @@ { "uri":"nat_qs_0006.html", "product_code":"nat", - "code":"16", + "code":"17", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Using DNAT to Provide Services Accessible from the Internet", @@ -162,7 +172,7 @@ { "uri":"nat_qs_0007.html", "product_code":"nat", - "code":"17", + "code":"18", "des":"When one or more servers (ECSs and BMSs) in a VPC are required to provide services accessible from the Internet, you can add DNAT rules. Figure 1 illustrates the process.", "doc_type":"usermanual", "kw":"Overview,Using DNAT to Provide Services Accessible from the Internet,User Guide", @@ -172,8 +182,8 @@ { "uri":"nat_qs_0008.html", "product_code":"nat", - "code":"18", - "des":"Assign an EIP and enable servers in a VPC to provide services accessible from the Internet using a NAT gateway by sharing the EIP.For details, see the Elastic IP User Gui", + "code":"19", + "des":"Assign an EIP and enable servers in a VPC to provide services accessible from the Internet using a NAT gateway by sharing the EIP.For details, see Assigning an EIP. After", "doc_type":"usermanual", "kw":"Step 1: Assign an EIP,Using DNAT to Provide Services Accessible from the Internet,User Guide", "title":"Step 1: Assign an EIP", @@ -182,17 +192,17 @@ { "uri":"nat_qs_0009.html", "product_code":"nat", - "code":"19", - "des":"This section guides you on how to create a NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.When creating a NA", + "code":"20", + "des":"This section guides you on how to create a public NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.When creati", "doc_type":"usermanual", - "kw":"Step 2: Create a NAT Gateway,Using DNAT to Provide Services Accessible from the Internet,User Guide", - "title":"Step 2: Create a NAT Gateway", + "kw":"Step 2: Create a Public NAT Gateway,Using DNAT to Provide Services Accessible from the Internet,User", + "title":"Step 2: Create a Public NAT Gateway", "githuburl":"" }, { "uri":"nat_qs_0010.html", "product_code":"nat", - "code":"20", + "code":"21", "des":"After a NAT gateway is created, you can add DNAT rules to allow servers in your VPC to provide services accessible from the Internet.You can configure a DNAT rule for eac", "doc_type":"usermanual", "kw":"Step 3: Add a DNAT Rule,Using DNAT to Provide Services Accessible from the Internet,User Guide", @@ -202,8 +212,8 @@ { "uri":"nat_qs_0011.html", "product_code":"nat", - "code":"21", - "des":"After you add a DNAT rule to a NAT gateway, you can verify that the DNAT rule has been added successfully.A DNAT rule has been added.Log in to the management console.Clic", + "code":"22", + "des":"After adding a DNAT rule, you can perform the following steps to verify the connection:Verify that the DNAT rule has been added for the public NAT gateway.Check whether E", "doc_type":"usermanual", "kw":"Step 4: Verify the Result,Using DNAT to Provide Services Accessible from the Internet,User Guide", "title":"Step 4: Verify the Result", @@ -212,127 +222,137 @@ { "uri":"nat_qs_0012.html", "product_code":"nat", - "code":"22", + "code":"23", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", - "kw":"Using SNAT and DNAT Rules to Allow On-premises Servers to Communicate Over the Internet", - "title":"Using SNAT and DNAT Rules to Allow On-premises Servers to Communicate Over the Internet", + "kw":"Allowing On-Premises Servers to Communicate with the Internet", + "title":"Allowing On-Premises Servers to Communicate with the Internet", "githuburl":"" }, { "uri":"nat_qs_0013.html", "product_code":"nat", - "code":"23", + "code":"24", "des":"If servers in your data center need to access the Internet or to provide services accessible from the Internet, NAT Gateway provides you with high-quality network service", "doc_type":"usermanual", - "kw":"Overview,Using SNAT and DNAT Rules to Allow On-premises Servers to Communicate Over the Internet,Use", + "kw":"Overview,Allowing On-Premises Servers to Communicate with the Internet,User Guide", "title":"Overview", "githuburl":"" }, { "uri":"nat_qs_0014.html", "product_code":"nat", - "code":"24", + "code":"25", "des":"Create a Direct Connect connection for connecting a VPC to your data center before enabling your servers in the data center to access the Internet or to provide services ", "doc_type":"usermanual", - "kw":"Step 1: Create a Direct Connect Connection,Using SNAT and DNAT Rules to Allow On-premises Servers to", + "kw":"Step 1: Create a Direct Connect Connection,Allowing On-Premises Servers to Communicate with the Inte", "title":"Step 1: Create a Direct Connect Connection", "githuburl":"" }, { "uri":"nat_qs_0015.html", "product_code":"nat", - "code":"25", - "des":"You can assign an EIP, which can work together with a NAT gateway to allow servers that are connected to public cloud system using Direct Connect or VPN to access the Int", + "code":"26", + "des":"You can assign an EIP, which can work together with a NAT gateway to allow servers that are connected to a public cloud system using Direct Connect or VPN to access the I", "doc_type":"usermanual", - "kw":"Step 2: Assign an EIP,Using SNAT and DNAT Rules to Allow On-premises Servers to Communicate Over the", + "kw":"Step 2: Assign an EIP,Allowing On-Premises Servers to Communicate with the Internet,User Guide", "title":"Step 2: Assign an EIP", "githuburl":"" }, { "uri":"nat_qs_0016.html", "product_code":"nat", - "code":"26", - "des":"This section guides you on how to create a NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.When creating a NA", + "code":"27", + "des":"This section guides you on how to create a public NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.When creati", "doc_type":"usermanual", - "kw":"Step 3: Create a NAT Gateway,Using SNAT and DNAT Rules to Allow On-premises Servers to Communicate O", - "title":"Step 3: Create a NAT Gateway", + "kw":"Step 3: Create a Public NAT Gateway,Allowing On-Premises Servers to Communicate with the Internet,Us", + "title":"Step 3: Create a Public NAT Gateway", "githuburl":"" }, { "uri":"nat_qs_0017.html", "product_code":"nat", - "code":"27", + "code":"28", "des":"After a NAT gateway is created, you can add SNAT rules for it. With SNAT rules, servers that are connected to a VPC using Direct Connect can access the Internet by sharin", "doc_type":"usermanual", - "kw":"Step 4: Add an SNAT Rule,Using SNAT and DNAT Rules to Allow On-premises Servers to Communicate Over ", + "kw":"Step 4: Add an SNAT Rule,Allowing On-Premises Servers to Communicate with the Internet,User Guide", "title":"Step 4: Add an SNAT Rule", "githuburl":"" }, { "uri":"nat_qs_0018.html", "product_code":"nat", - "code":"28", + "code":"29", "des":"After a NAT gateway is created, you can add DNAT rules to allow servers in your on-premises data center to provide services accessible from the Internet.You can configure", "doc_type":"usermanual", - "kw":"Step 5: Add a DNAT Rule,Using SNAT and DNAT Rules to Allow On-premises Servers to Communicate Over t", + "kw":"Step 5: Add a DNAT Rule,Allowing On-Premises Servers to Communicate with the Internet,User Guide", "title":"Step 5: Add a DNAT Rule", "githuburl":"" }, { "uri":"nat_nat_0000.html", "product_code":"nat", - "code":"29", + "code":"30", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Managing NAT Gateways", "title":"Managing NAT Gateways", "githuburl":"" }, + { + "uri":"en-us_topic_0000001557248825.html", + "product_code":"nat", + "code":"31", + "des":"A public NAT gateway enables cloud and on-premises servers in a private subnet to access the Internet or provide services accessible from the Internet. Cloud servers are ", + "doc_type":"usermanual", + "kw":"Public NAT Gateway Overview,Managing NAT Gateways,User Guide", + "title":"Public NAT Gateway Overview", + "githuburl":"" + }, { "uri":"en-us_topic_0150270259.html", "product_code":"nat", - "code":"30", - "des":"This section guides you on how to create a NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.When creating a NA", + "code":"32", + "des":"This section guides you on how to create a public NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.When creati", "doc_type":"usermanual", - "kw":"Creating a NAT Gateway,Managing NAT Gateways,User Guide", - "title":"Creating a NAT Gateway", + "kw":"Creating a Public NAT Gateway,Managing NAT Gateways,User Guide", + "title":"Creating a Public NAT Gateway", "githuburl":"" }, { "uri":"nat_nat_0001.html", "product_code":"nat", - "code":"31", + "code":"33", "des":"After a NAT gateway is created, you can view details about the NAT gateway.A NAT gateway has been created.Log in to the management console.Click in the upper left corner", "doc_type":"usermanual", - "kw":"Viewing a NAT Gateway,Managing NAT Gateways,User Guide", - "title":"Viewing a NAT Gateway", + "kw":"Viewing a Public NAT Gateway,Managing NAT Gateways,User Guide", + "title":"Viewing a Public NAT Gateway", "githuburl":"" }, { "uri":"nat_01_0001.html", "product_code":"nat", - "code":"32", - "des":"This section describes how to modify the name, type, or description of a NAT gateway.Increasing the size of the NAT gateway type does not affect services, but if you swit", + "code":"34", + "des":"This section describes how to modify the name, specifications, or description of a NAT gateway.Using a public NAT gateway of more robust specifications does not affect se", "doc_type":"usermanual", - "kw":"Modifying a NAT Gateway,Managing NAT Gateways,User Guide", - "title":"Modifying a NAT Gateway", + "kw":"Modifying a Public NAT Gateway,Managing NAT Gateways,User Guide", + "title":"Modifying a Public NAT Gateway", "githuburl":"" }, { "uri":"nat_nat_0002.html", "product_code":"nat", - "code":"33", + "code":"35", "des":"You can delete NAT gateways to release resources, saving costs.All SNAT rules created on the NAT gateway have been deleted.Log in to the management console.Click in the ", "doc_type":"usermanual", - "kw":"Deleting a NAT Gateway,Managing NAT Gateways,User Guide", - "title":"Deleting a NAT Gateway", + "kw":"Deleting a Public NAT Gateway,Managing NAT Gateways,User Guide", + "title":"Deleting a Public NAT Gateway", "githuburl":"" }, { "uri":"nat_snat_0000.html", "product_code":"nat", - "code":"34", + "code":"36", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Managing SNAT Rules", @@ -342,7 +362,7 @@ { "uri":"en-us_topic_0127489529.html", "product_code":"nat", - "code":"35", + "code":"37", "des":"After a NAT gateway is created, add SNAT rules. With the SNAT rule, servers in a VPC subnet or servers that are connected to a VPC through Direct Connect or VPN can acces", "doc_type":"usermanual", "kw":"Adding an SNAT Rule,Managing SNAT Rules,User Guide", @@ -352,17 +372,27 @@ { "uri":"nat_snat_0001.html", "product_code":"nat", - "code":"36", + "code":"38", "des":"After you add an SNAT rule to a NAT gateway, you can view the details about the SNAT rule.An SNAT rule has been added.Log in to the management console.Click in the upper", "doc_type":"usermanual", "kw":"Viewing an SNAT Rule,Managing SNAT Rules,User Guide", "title":"Viewing an SNAT Rule", "githuburl":"" }, + { + "uri":"nat_snat_0002.html", + "product_code":"nat", + "code":"39", + "des":"After an SNAT rule is added, you can modify parameters in the SNAT rule as required.An SNAT rule has been added for the NAT gateway.Log in to the management console.Click", + "doc_type":"usermanual", + "kw":"Modifying an SNAT Rule,Managing SNAT Rules,User Guide", + "title":"Modifying an SNAT Rule", + "githuburl":"" + }, { "uri":"nat_snat_0003.html", "product_code":"nat", - "code":"37", + "code":"40", "des":"Delete the SNAT rules that you no longer need.An SNAT rule has been added for the NAT gateway.Log in to the management console.Click in the upper left corner and select ", "doc_type":"usermanual", "kw":"Deleting an SNAT Rule,Managing SNAT Rules,User Guide", @@ -372,7 +402,7 @@ { "uri":"nat_dnat_0000.html", "product_code":"nat", - "code":"38", + "code":"41", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Managing DNAT Rules", @@ -382,7 +412,7 @@ { "uri":"en-us_topic_0127489530.html", "product_code":"nat", - "code":"39", + "code":"42", "des":"After a NAT gateway is created, you can add DNAT rules to allow servers in your VPC to provide services accessible from the Internet.You can configure only one DNAT rule ", "doc_type":"usermanual", "kw":"Adding a DNAT Rule,Managing DNAT Rules,User Guide", @@ -392,17 +422,27 @@ { "uri":"nat_dnat_0001.html", "product_code":"nat", - "code":"40", + "code":"43", "des":"After you add a DNAT rule to a NAT gateway, you can view the details about the DNAT rule.A DNAT rule has been added.Log in to the management console.Click in the upper l", "doc_type":"usermanual", "kw":"Viewing a DNAT Rule,Managing DNAT Rules,User Guide", "title":"Viewing a DNAT Rule", "githuburl":"" }, + { + "uri":"nat_dnat_0002.html", + "product_code":"nat", + "code":"44", + "des":"After a DNAT rule is added, you can modify parameters in the DNAT rule as required.A DNAT rule has been added for the NAT gateway.Log in to the management console.Click ", + "doc_type":"usermanual", + "kw":"Modifying a DNAT Rule,Managing DNAT Rules,User Guide", + "title":"Modifying a DNAT Rule", + "githuburl":"" + }, { "uri":"nat_dnat_0003.html", "product_code":"nat", - "code":"41", + "code":"45", "des":"Delete a DNAT rule that you no longer need.A DNAT rule has been added for the NAT gateway.Log in to the management console.Click in the upper left corner and select the ", "doc_type":"usermanual", "kw":"Deleting a DNAT Rule,Managing DNAT Rules,User Guide", @@ -412,7 +452,7 @@ { "uri":"nat_tag_0000.html", "product_code":"nat", - "code":"42", + "code":"46", "des":"A NAT gateway tag identifies the NAT gateway. Tags can be added to NAT gateways to facilitate NAT gateway identification and administration. You can add a tag to a NAT ga", "doc_type":"usermanual", "kw":"Managing NAT Gateway Tags,User Guide", @@ -422,7 +462,7 @@ { "uri":"nat_ces_0001.html", "product_code":"nat", - "code":"43", + "code":"47", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Monitoring Management", @@ -432,7 +472,7 @@ { "uri":"nat_ces_0002.html", "product_code":"nat", - "code":"44", + "code":"48", "des":"This section describes metrics reported by NAT Gateway to Cloud Eye as well as their namespaces, monitoring metrics, and dimensions. You can use the management console or", "doc_type":"usermanual", "kw":"Supported Metrics,Monitoring Management,User Guide", @@ -442,7 +482,7 @@ { "uri":"en-us_topic_0113772081.html", "product_code":"nat", - "code":"45", + "code":"49", "des":"You can set NAT gateway alarm rules to customize the monitored objects and notification policies. Then, you can learn NAT gateway running status in a timely manner.Log in", "doc_type":"usermanual", "kw":"Creating Alarm Rules,Monitoring Management,User Guide", @@ -452,8 +492,8 @@ { "uri":"nat_ces_0003.html", "product_code":"nat", - "code":"46", - "des":"The NAT gateway is running properly and SNAT rules have been created.It can take a period of time to obtain and transfer the monitoring data. Therefore, wait for a while ", + "code":"50", + "des":"The NAT gateway is running properly and SNAT rules have been created.It can take a period of time to obtain and transfer the monitoring data. Wait for a while and then ch", "doc_type":"usermanual", "kw":"Viewing Metrics,Monitoring Management,User Guide", "title":"Viewing Metrics", @@ -462,7 +502,7 @@ { "uri":"nat_faq_0000.html", "product_code":"nat", - "code":"47", + "code":"51", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"FAQs", @@ -472,7 +512,7 @@ { "uri":"nat_faq_0100.html", "product_code":"nat", - "code":"48", + "code":"52", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"NAT Gateway", @@ -482,17 +522,17 @@ { "uri":"nat_faq_0003.html", "product_code":"nat", - "code":"49", - "des":"A VPC is a secure, isolated, logical network environment.A NAT gateway enables ECSs in the VPC to access the Internet.EIP is a service that provides valid static IP addre", + "code":"53", + "des":"A VPC is a secure, isolated, logical network environment.The NAT gateway enables ECSs in the VPC to access the Internet.EIP is a service that provides valid static IP add", "doc_type":"usermanual", - "kw":"What Is the Relationship Between a VPC, NAT Gateway, EIP Bandwidth, and ECS?,NAT Gateway,User Guide", - "title":"What Is the Relationship Between a VPC, NAT Gateway, EIP Bandwidth, and ECS?", + "kw":"What Is the Relationship Between a VPC and a NAT Gateway, EIP Bandwidth, and ECSs in the VPC?,NAT Ga", + "title":"What Is the Relationship Between a VPC and a NAT Gateway, EIP Bandwidth, and ECSs in the VPC?", "githuburl":"" }, { "uri":"nat_faq_0004.html", "product_code":"nat", - "code":"50", + "code":"54", "des":"The backend of a NAT gateway supports automatic disaster recovery through hot standby, thereby reducing risks and improving availability.", "doc_type":"usermanual", "kw":"How Does A NAT Gateway Offer High Availability?,NAT Gateway,User Guide", @@ -502,17 +542,37 @@ { "uri":"nat_faq_0013.html", "product_code":"nat", - "code":"51", - "des":"A NAT gateway provides SNAT and DNAT, so multiple ECSs can share an EIP.An ECS can also have an EIP bound to it. The EIP does not have to be shared.If both SNAT and EIP a", + "code":"55", + "des":"The NAT gateway provides the SNAT and DNAT functions, allowing multiple ECSs to share one EIP.The ECS that has an EIP bound is exclusively using the IP address.If both SN", "doc_type":"usermanual", - "kw":"What Are the Differences Between Using a NAT Gateway and Using an EIP for an ECS?,NAT Gateway,User G", - "title":"What Are the Differences Between Using a NAT Gateway and Using an EIP for an ECS?", + "kw":"For an ECS, Is There Any Difference Between Using a NAT Gateway and Directly Having an EIP Bound?,NA", + "title":"For an ECS, Is There Any Difference Between Using a NAT Gateway and Directly Having an EIP Bound?", + "githuburl":"" + }, + { + "uri":"nat_faq_0011.html", + "product_code":"nat", + "code":"56", + "des":"If your server cannot access the Internet through a NAT gateway, you may have configured the VPC route table incorrectly. Perform the following steps to reset the route t", + "doc_type":"usermanual", + "kw":"What Should I Do If I Fail to Access the Internet Through a NAT Gateway?,NAT Gateway,User Guide", + "title":"What Should I Do If I Fail to Access the Internet Through a NAT Gateway?", + "githuburl":"" + }, + { + "uri":"nat_faq_0018.html", + "product_code":"nat", + "code":"57", + "des":"No.You can select a VPC when creating a NAT gateway and cannot change the VPC for the NAT gateway after it is created.", + "doc_type":"usermanual", + "kw":"Can I Change the VPC for a NAT Gateway After It Is Created?,NAT Gateway,User Guide", + "title":"Can I Change the VPC for a NAT Gateway After It Is Created?", "githuburl":"" }, { "uri":"nat_faq_0010.html", "product_code":"nat", - "code":"52", + "code":"58", "des":"Quotas are enforced for service resources on the platform to prevent unforeseen spikes in resource usage. Quotas can limit the number or amount of resources available to ", "doc_type":"usermanual", "kw":"What Is the Quota of the NAT Gateway?,NAT Gateway,User Guide", @@ -522,17 +582,37 @@ { "uri":"nat_faq_0005.html", "product_code":"nat", - "code":"53", - "des":"NAT gateways can be updated. SNAT rules cannot be updated.", + "code":"59", + "des":"NAT gateways can be updated, and SNAT rules cannot be updated.", "doc_type":"usermanual", "kw":"Do the NAT Gateway and SNAT Rule Support the Update Operation?,NAT Gateway,User Guide", "title":"Do the NAT Gateway and SNAT Rule Support the Update Operation?", "githuburl":"" }, + { + "uri":"nat_faq_0020.html", + "product_code":"nat", + "code":"60", + "des":"You can configure security groups and firewalls to implement access control.A security group is a collection of access control rules for ECSs that have the same security ", + "doc_type":"usermanual", + "kw":"What Security Policies Can I Configure to Implement Access Control If I Use the NAT Gateway Service?", + "title":"What Security Policies Can I Configure to Implement Access Control If I Use the NAT Gateway Service?", + "githuburl":"" + }, + { + "uri":"nat_faq_0021.html", + "product_code":"nat", + "code":"61", + "des":"You have bought a public NAT gateway and added SNAT and DNAT rules, but your servers cannot access the Internet or provide services accessible from the Internet. Whether ", + "doc_type":"usermanual", + "kw":"What Can I Do If Connection Between My Servers and the Internet Fails After I Add SNAT and DNAT Rule", + "title":"What Can I Do If Connection Between My Servers and the Internet Fails After I Add SNAT and DNAT Rules?", + "githuburl":"" + }, { "uri":"nat_faq_0200.html", "product_code":"nat", - "code":"54", + "code":"62", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"SNAT", @@ -542,7 +622,7 @@ { "uri":"nat_faq_001.html", "product_code":"nat", - "code":"55", + "code":"63", "des":"Besides requiring services provided by the system, some ECSs also need to access the Internet to obtain information or download software. However, assigning a public IP a", "doc_type":"usermanual", "kw":"Why Is SNAT Used?,SNAT,User Guide", @@ -552,17 +632,57 @@ { "uri":"nat_faq_0002.html", "product_code":"nat", - "code":"56", - "des":"An SNAT connection consists of the source IP address, source port, destination IP address, destination port, and transmission-layer protocol. These five elements identify", + "code":"64", + "des":"An SNAT connection consists of the source IP address, source port, destination IP address, destination port, and a transport layer protocol. These five elements identify ", "doc_type":"usermanual", "kw":"What Are SNAT Connections?,SNAT,User Guide", "title":"What Are SNAT Connections?", "githuburl":"" }, + { + "uri":"nat_faq_0009.html", + "product_code":"nat", + "code":"65", + "des":"NAT Gateway SNAT translates a private IP address to a public IP address by binding EIPs to servers in a VPC. When a server accesses the Internet through the NAT gateway, ", + "doc_type":"usermanual", + "kw":"What Is the Bandwidth of the NAT Gateway When a Server Accesses the Internet Through the NAT Gateway", + "title":"What Is the Bandwidth of the NAT Gateway When a Server Accesses the Internet Through the NAT Gateway? Where Can I Configure the Bandwidth?", + "githuburl":"" + }, + { + "uri":"nat_faq_0016.html", + "product_code":"nat", + "code":"66", + "des":"If packet loss or connection failures occur on a server that uses the NAT gateway to access the Internet, you can check the SNAT connections on the Cloud Eye console. If ", + "doc_type":"usermanual", + "kw":"How Do I Resolve Packet Loss or Connection Failure Issues When Using a NAT Gateway?,SNAT,User Guide", + "title":"How Do I Resolve Packet Loss or Connection Failure Issues When Using a NAT Gateway?", + "githuburl":"" + }, + { + "uri":"nat_faq_0017.html", + "product_code":"nat", + "code":"67", + "des":"If your TCP connection fails when your ECS is accessing a server on the public network through an SNAT rule, perform the following steps:Run the following command to chec", + "doc_type":"usermanual", + "kw":"What Should I Do If the Remote Server Fails to Be Accessed Through the NAT Gateway?,SNAT,User Guide", + "title":"What Should I Do If the Remote Server Fails to Be Accessed Through the NAT Gateway?", + "githuburl":"" + }, + { + "uri":"nat_faq_0015.html", + "product_code":"nat", + "code":"68", + "des":"When creating a NAT gateway, you must specify the VPC and subnet CIDR block for the NAT gateway. This CIDR block can only be used by the system.When you are creating an S", + "doc_type":"usermanual", + "kw":"What Are the Relationships and Differences Between the CIDR Blocks in a NAT Gateway and in an SNAT R", + "title":"What Are the Relationships and Differences Between the CIDR Blocks in a NAT Gateway and in an SNAT Rule?", + "githuburl":"" + }, { "uri":"nat_faq_0300.html", "product_code":"nat", - "code":"57", + "code":"69", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"DNAT", @@ -572,8 +692,8 @@ { "uri":"nat_faq_0006.html", "product_code":"nat", - "code":"58", - "des":"DNAT enables servers in a VPC to share an EIP to provide services accessible from the Internet through IP address mapping or port mapping.", + "code":"70", + "des":"DNAT enables servers in a VPC to share an EIP to provide services accessible from the Internet. For details, see Adding a DNAT Rule.", "doc_type":"usermanual", "kw":"Why Is DNAT Used?,DNAT,User Guide", "title":"Why Is DNAT Used?", @@ -582,7 +702,7 @@ { "uri":"nat_faq_0007.html", "product_code":"nat", - "code":"59", + "code":"71", "des":"You can modify DNAT rules.", "doc_type":"usermanual", "kw":"Can I Modify DNAT Rules?,DNAT,User Guide", @@ -592,7 +712,7 @@ { "uri":"nat_his_0001.html", "product_code":"nat", - "code":"60", + "code":"72", "des":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "doc_type":"usermanual", "kw":"Change History,User Guide", @@ -602,7 +722,7 @@ { "uri":"nat_gls_0000.html", "product_code":"nat", - "code":"61", + "code":"73", "des":"For details about the terms involved in this document, see Glossary.", "doc_type":"usermanual", "kw":"Glossary,User Guide", diff --git a/docs/natgw/umn/CLASS.TXT.json b/docs/natgw/umn/CLASS.TXT.json index 7e172b68..e56ed96d 100644 --- a/docs/natgw/umn/CLASS.TXT.json +++ b/docs/natgw/umn/CLASS.TXT.json @@ -9,7 +9,7 @@ "code":"1" }, { - "desc":"The NAT Gateway service provides network address translation (NAT) with 20 Gbit/s of bandwidth for Elastic Cloud Servers (ECSs) and Bare Metal Servers (BMSs) in a Virtual", + "desc":"NAT Gateway is a network address translation (NAT) service. It enables cloud and on-premises servers to share elastic IP addresses (EIPs) to access the Internet or to pro", "product_code":"nat", "title":"What Is NAT Gateway?", "uri":"en-us_topic_0086739762.html", @@ -18,7 +18,7 @@ "code":"2" }, { - "desc":"The NAT Gateway service has the following highlights:FlexibilityA NAT gateway can be deployed flexibly across subnets and AZs. Any fault in a single AZ does not affect th", + "desc":"The NAT Gateway service has the following highlights:FlexibilityA NAT gateway is deployed across subnets and across two AZs. Any fault in a single AZ does not affect the ", "product_code":"nat", "title":"Product Advantages", "uri":"nat_pro_0001.html", @@ -36,9 +36,9 @@ "code":"4" }, { - "desc":"A NAT gateway type specifies the maximum number of SNAT connections supported by a NAT gateway.An SNAT connection consists of the source IP address, source port, destinat", + "desc":"NAT gateway specifications determines the maximum number of SNAT connections supported by a NAT gateway.An SNAT connection consists of the source IP address, source port,", "product_code":"nat", - "title":"NAT Gateway Types", + "title":"NAT Gateway Specifications", "uri":"en-us_topic_0086739763.html", "doc_type":"usermanual", "p_code":"1", @@ -53,6 +53,15 @@ "p_code":"1", "code":"6" }, + { + "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", + "product_code":"nat", + "title":"Using NAT Gateway with Other Services", + "uri":"nat_pro_0003.html", + "doc_type":"usermanual", + "p_code":"1", + "code":"7" + }, { "desc":"A region and availability zone (AZ) identify the location of a data center. You can create resources in a specific region and AZ.A region is a physical data center, which", "product_code":"nat", @@ -60,16 +69,16 @@ "uri":"nat_az_0000.html", "doc_type":"usermanual", "p_code":"1", - "code":"7" + "code":"8" }, { - "desc":"An EIP can be directly accessed over the Internet. A private IP address is an IP address on a local area network (LAN) and cannot be routed through the Internet.An EIP is", + "desc":"EIP is a static, public IP address.An EIP can be directly accessed over the Internet. A private IP address is an IP address on a local area network (LAN) and cannot be ro", "product_code":"nat", "title":"Basic Concepts", "uri":"nat_pro_0004.html", "doc_type":"usermanual", "p_code":"1", - "code":"8" + "code":"9" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -78,7 +87,7 @@ "uri":"nat_qs_0000.html", "doc_type":"usermanual", "p_code":"", - "code":"9" + "code":"10" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -86,8 +95,8 @@ "title":"Using SNAT to Access the Internet", "uri":"nat_qs_0001.html", "doc_type":"usermanual", - "p_code":"9", - "code":"10" + "p_code":"10", + "code":"11" }, { "desc":"If servers (ECSs and BMSs) without EIPs bound need to access the Internet, the servers can share one or more EIPs to access the Internet through a NAT gateway. This metho", @@ -95,26 +104,26 @@ "title":"Overview", "uri":"en-us_topic_0087895790.html", "doc_type":"usermanual", - "p_code":"10", - "code":"11" + "p_code":"11", + "code":"12" }, { - "desc":"Assign an EIP and enable your servers in a VPC to access the Internet through a NAT gateway by sharing the EIP.For details, see the Elastic IP User Guide. After you assig", + "desc":"Assign an EIP and enable your servers in a VPC to access the Internet through a NAT gateway by sharing the EIP.For details, see Assigning an EIP. After obtaining the EIP,", "product_code":"nat", "title":"Step 1: Assign an EIP", "uri":"nat_qs_0002.html", "doc_type":"usermanual", - "p_code":"10", - "code":"12" + "p_code":"11", + "code":"13" }, { - "desc":"This section guides you on how to create a NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.When creating a NA", + "desc":"This section guides you on how to create a public NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.When creati", "product_code":"nat", - "title":"Step 2: Create a NAT Gateway", + "title":"Step 2: Create a Public NAT Gateway", "uri":"nat_qs_0003.html", "doc_type":"usermanual", - "p_code":"10", - "code":"13" + "p_code":"11", + "code":"14" }, { "desc":"After a NAT gateway is created, add SNAT rules. With an SNAT rule, your servers in a specified subnet can access the Internet by sharing the same EIP.Each SNAT rule is co", @@ -122,17 +131,17 @@ "title":"Step 3: Add an SNAT Rule", "uri":"nat_qs_0004.html", "doc_type":"usermanual", - "p_code":"10", - "code":"14" + "p_code":"11", + "code":"15" }, { - "desc":"After you add an SNAT rule to a NAT gateway, you can verify that the SNAT rule has been added successfully.An SNAT rule has been added.Log in to the management console.Cl", + "desc":"After adding an SNAT rule, you can perform the following steps to verify the connection:Verify that the SNAT rule has been added for the public NAT gateway.Verify that se", "product_code":"nat", "title":"Step 4: Verify the Result", "uri":"nat_qs_0005.html", "doc_type":"usermanual", - "p_code":"10", - "code":"15" + "p_code":"11", + "code":"16" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -140,8 +149,8 @@ "title":"Using DNAT to Provide Services Accessible from the Internet", "uri":"nat_qs_0006.html", "doc_type":"usermanual", - "p_code":"9", - "code":"16" + "p_code":"10", + "code":"17" }, { "desc":"When one or more servers (ECSs and BMSs) in a VPC are required to provide services accessible from the Internet, you can add DNAT rules. Figure 1 illustrates the process.", @@ -149,26 +158,26 @@ "title":"Overview", "uri":"nat_qs_0007.html", "doc_type":"usermanual", - "p_code":"16", - "code":"17" + "p_code":"17", + "code":"18" }, { - "desc":"Assign an EIP and enable servers in a VPC to provide services accessible from the Internet using a NAT gateway by sharing the EIP.For details, see the Elastic IP User Gui", + "desc":"Assign an EIP and enable servers in a VPC to provide services accessible from the Internet using a NAT gateway by sharing the EIP.For details, see Assigning an EIP. After", "product_code":"nat", "title":"Step 1: Assign an EIP", "uri":"nat_qs_0008.html", "doc_type":"usermanual", - "p_code":"16", - "code":"18" + "p_code":"17", + "code":"19" }, { - "desc":"This section guides you on how to create a NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.When creating a NA", + "desc":"This section guides you on how to create a public NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.When creati", "product_code":"nat", - "title":"Step 2: Create a NAT Gateway", + "title":"Step 2: Create a Public NAT Gateway", "uri":"nat_qs_0009.html", "doc_type":"usermanual", - "p_code":"16", - "code":"19" + "p_code":"17", + "code":"20" }, { "desc":"After a NAT gateway is created, you can add DNAT rules to allow servers in your VPC to provide services accessible from the Internet.You can configure a DNAT rule for eac", @@ -176,26 +185,26 @@ "title":"Step 3: Add a DNAT Rule", "uri":"nat_qs_0010.html", "doc_type":"usermanual", - "p_code":"16", - "code":"20" + "p_code":"17", + "code":"21" }, { - "desc":"After you add a DNAT rule to a NAT gateway, you can verify that the DNAT rule has been added successfully.A DNAT rule has been added.Log in to the management console.Clic", + "desc":"After adding a DNAT rule, you can perform the following steps to verify the connection:Verify that the DNAT rule has been added for the public NAT gateway.Check whether E", "product_code":"nat", "title":"Step 4: Verify the Result", "uri":"nat_qs_0011.html", "doc_type":"usermanual", - "p_code":"16", - "code":"21" + "p_code":"17", + "code":"22" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", "product_code":"nat", - "title":"Using SNAT and DNAT Rules to Allow On-premises Servers to Communicate Over the Internet", + "title":"Allowing On-Premises Servers to Communicate with the Internet", "uri":"nat_qs_0012.html", "doc_type":"usermanual", - "p_code":"9", - "code":"22" + "p_code":"10", + "code":"23" }, { "desc":"If servers in your data center need to access the Internet or to provide services accessible from the Internet, NAT Gateway provides you with high-quality network service", @@ -203,8 +212,8 @@ "title":"Overview", "uri":"nat_qs_0013.html", "doc_type":"usermanual", - "p_code":"22", - "code":"23" + "p_code":"23", + "code":"24" }, { "desc":"Create a Direct Connect connection for connecting a VPC to your data center before enabling your servers in the data center to access the Internet or to provide services ", @@ -212,26 +221,26 @@ "title":"Step 1: Create a Direct Connect Connection", "uri":"nat_qs_0014.html", "doc_type":"usermanual", - "p_code":"22", - "code":"24" + "p_code":"23", + "code":"25" }, { - "desc":"You can assign an EIP, which can work together with a NAT gateway to allow servers that are connected to public cloud system using Direct Connect or VPN to access the Int", + "desc":"You can assign an EIP, which can work together with a NAT gateway to allow servers that are connected to a public cloud system using Direct Connect or VPN to access the I", "product_code":"nat", "title":"Step 2: Assign an EIP", "uri":"nat_qs_0015.html", "doc_type":"usermanual", - "p_code":"22", - "code":"25" + "p_code":"23", + "code":"26" }, { - "desc":"This section guides you on how to create a NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.When creating a NA", + "desc":"This section guides you on how to create a public NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.When creati", "product_code":"nat", - "title":"Step 3: Create a NAT Gateway", + "title":"Step 3: Create a Public NAT Gateway", "uri":"nat_qs_0016.html", "doc_type":"usermanual", - "p_code":"22", - "code":"26" + "p_code":"23", + "code":"27" }, { "desc":"After a NAT gateway is created, you can add SNAT rules for it. With SNAT rules, servers that are connected to a VPC using Direct Connect can access the Internet by sharin", @@ -239,8 +248,8 @@ "title":"Step 4: Add an SNAT Rule", "uri":"nat_qs_0017.html", "doc_type":"usermanual", - "p_code":"22", - "code":"27" + "p_code":"23", + "code":"28" }, { "desc":"After a NAT gateway is created, you can add DNAT rules to allow servers in your on-premises data center to provide services accessible from the Internet.You can configure", @@ -248,8 +257,8 @@ "title":"Step 5: Add a DNAT Rule", "uri":"nat_qs_0018.html", "doc_type":"usermanual", - "p_code":"22", - "code":"28" + "p_code":"23", + "code":"29" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -258,43 +267,52 @@ "uri":"nat_nat_0000.html", "doc_type":"usermanual", "p_code":"", - "code":"29" + "code":"30" }, { - "desc":"This section guides you on how to create a NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.When creating a NA", + "desc":"A public NAT gateway enables cloud and on-premises servers in a private subnet to access the Internet or provide services accessible from the Internet. Cloud servers are ", "product_code":"nat", - "title":"Creating a NAT Gateway", + "title":"Public NAT Gateway Overview", + "uri":"en-us_topic_0000001557248825.html", + "doc_type":"usermanual", + "p_code":"30", + "code":"31" + }, + { + "desc":"This section guides you on how to create a public NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.When creati", + "product_code":"nat", + "title":"Creating a Public NAT Gateway", "uri":"en-us_topic_0150270259.html", "doc_type":"usermanual", - "p_code":"29", - "code":"30" + "p_code":"30", + "code":"32" }, { "desc":"After a NAT gateway is created, you can view details about the NAT gateway.A NAT gateway has been created.Log in to the management console.Click in the upper left corner", "product_code":"nat", - "title":"Viewing a NAT Gateway", + "title":"Viewing a Public NAT Gateway", "uri":"nat_nat_0001.html", "doc_type":"usermanual", - "p_code":"29", - "code":"31" + "p_code":"30", + "code":"33" }, { - "desc":"This section describes how to modify the name, type, or description of a NAT gateway.Increasing the size of the NAT gateway type does not affect services, but if you swit", + "desc":"This section describes how to modify the name, specifications, or description of a NAT gateway.Using a public NAT gateway of more robust specifications does not affect se", "product_code":"nat", - "title":"Modifying a NAT Gateway", + "title":"Modifying a Public NAT Gateway", "uri":"nat_01_0001.html", "doc_type":"usermanual", - "p_code":"29", - "code":"32" + "p_code":"30", + "code":"34" }, { "desc":"You can delete NAT gateways to release resources, saving costs.All SNAT rules created on the NAT gateway have been deleted.Log in to the management console.Click in the ", "product_code":"nat", - "title":"Deleting a NAT Gateway", + "title":"Deleting a Public NAT Gateway", "uri":"nat_nat_0002.html", "doc_type":"usermanual", - "p_code":"29", - "code":"33" + "p_code":"30", + "code":"35" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -303,7 +321,7 @@ "uri":"nat_snat_0000.html", "doc_type":"usermanual", "p_code":"", - "code":"34" + "code":"36" }, { "desc":"After a NAT gateway is created, add SNAT rules. With the SNAT rule, servers in a VPC subnet or servers that are connected to a VPC through Direct Connect or VPN can acces", @@ -311,8 +329,8 @@ "title":"Adding an SNAT Rule", "uri":"en-us_topic_0127489529.html", "doc_type":"usermanual", - "p_code":"34", - "code":"35" + "p_code":"36", + "code":"37" }, { "desc":"After you add an SNAT rule to a NAT gateway, you can view the details about the SNAT rule.An SNAT rule has been added.Log in to the management console.Click in the upper", @@ -320,8 +338,17 @@ "title":"Viewing an SNAT Rule", "uri":"nat_snat_0001.html", "doc_type":"usermanual", - "p_code":"34", - "code":"36" + "p_code":"36", + "code":"38" + }, + { + "desc":"After an SNAT rule is added, you can modify parameters in the SNAT rule as required.An SNAT rule has been added for the NAT gateway.Log in to the management console.Click", + "product_code":"nat", + "title":"Modifying an SNAT Rule", + "uri":"nat_snat_0002.html", + "doc_type":"usermanual", + "p_code":"36", + "code":"39" }, { "desc":"Delete the SNAT rules that you no longer need.An SNAT rule has been added for the NAT gateway.Log in to the management console.Click in the upper left corner and select ", @@ -329,8 +356,8 @@ "title":"Deleting an SNAT Rule", "uri":"nat_snat_0003.html", "doc_type":"usermanual", - "p_code":"34", - "code":"37" + "p_code":"36", + "code":"40" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -339,7 +366,7 @@ "uri":"nat_dnat_0000.html", "doc_type":"usermanual", "p_code":"", - "code":"38" + "code":"41" }, { "desc":"After a NAT gateway is created, you can add DNAT rules to allow servers in your VPC to provide services accessible from the Internet.You can configure only one DNAT rule ", @@ -347,8 +374,8 @@ "title":"Adding a DNAT Rule", "uri":"en-us_topic_0127489530.html", "doc_type":"usermanual", - "p_code":"38", - "code":"39" + "p_code":"41", + "code":"42" }, { "desc":"After you add a DNAT rule to a NAT gateway, you can view the details about the DNAT rule.A DNAT rule has been added.Log in to the management console.Click in the upper l", @@ -356,8 +383,17 @@ "title":"Viewing a DNAT Rule", "uri":"nat_dnat_0001.html", "doc_type":"usermanual", - "p_code":"38", - "code":"40" + "p_code":"41", + "code":"43" + }, + { + "desc":"After a DNAT rule is added, you can modify parameters in the DNAT rule as required.A DNAT rule has been added for the NAT gateway.Log in to the management console.Click ", + "product_code":"nat", + "title":"Modifying a DNAT Rule", + "uri":"nat_dnat_0002.html", + "doc_type":"usermanual", + "p_code":"41", + "code":"44" }, { "desc":"Delete a DNAT rule that you no longer need.A DNAT rule has been added for the NAT gateway.Log in to the management console.Click in the upper left corner and select the ", @@ -365,8 +401,8 @@ "title":"Deleting a DNAT Rule", "uri":"nat_dnat_0003.html", "doc_type":"usermanual", - "p_code":"38", - "code":"41" + "p_code":"41", + "code":"45" }, { "desc":"A NAT gateway tag identifies the NAT gateway. Tags can be added to NAT gateways to facilitate NAT gateway identification and administration. You can add a tag to a NAT ga", @@ -375,7 +411,7 @@ "uri":"nat_tag_0000.html", "doc_type":"usermanual", "p_code":"", - "code":"42" + "code":"46" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -384,7 +420,7 @@ "uri":"nat_ces_0001.html", "doc_type":"usermanual", "p_code":"", - "code":"43" + "code":"47" }, { "desc":"This section describes metrics reported by NAT Gateway to Cloud Eye as well as their namespaces, monitoring metrics, and dimensions. You can use the management console or", @@ -392,8 +428,8 @@ "title":"Supported Metrics", "uri":"nat_ces_0002.html", "doc_type":"usermanual", - "p_code":"43", - "code":"44" + "p_code":"47", + "code":"48" }, { "desc":"You can set NAT gateway alarm rules to customize the monitored objects and notification policies. Then, you can learn NAT gateway running status in a timely manner.Log in", @@ -401,17 +437,17 @@ "title":"Creating Alarm Rules", "uri":"en-us_topic_0113772081.html", "doc_type":"usermanual", - "p_code":"43", - "code":"45" + "p_code":"47", + "code":"49" }, { - "desc":"The NAT gateway is running properly and SNAT rules have been created.It can take a period of time to obtain and transfer the monitoring data. Therefore, wait for a while ", + "desc":"The NAT gateway is running properly and SNAT rules have been created.It can take a period of time to obtain and transfer the monitoring data. Wait for a while and then ch", "product_code":"nat", "title":"Viewing Metrics", "uri":"nat_ces_0003.html", "doc_type":"usermanual", - "p_code":"43", - "code":"46" + "p_code":"47", + "code":"50" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -420,7 +456,7 @@ "uri":"nat_faq_0000.html", "doc_type":"usermanual", "p_code":"", - "code":"47" + "code":"51" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -428,17 +464,17 @@ "title":"NAT Gateway", "uri":"nat_faq_0100.html", "doc_type":"usermanual", - "p_code":"47", - "code":"48" + "p_code":"51", + "code":"52" }, { - "desc":"A VPC is a secure, isolated, logical network environment.A NAT gateway enables ECSs in the VPC to access the Internet.EIP is a service that provides valid static IP addre", + "desc":"A VPC is a secure, isolated, logical network environment.The NAT gateway enables ECSs in the VPC to access the Internet.EIP is a service that provides valid static IP add", "product_code":"nat", - "title":"What Is the Relationship Between a VPC, NAT Gateway, EIP Bandwidth, and ECS?", + "title":"What Is the Relationship Between a VPC and a NAT Gateway, EIP Bandwidth, and ECSs in the VPC?", "uri":"nat_faq_0003.html", "doc_type":"usermanual", - "p_code":"48", - "code":"49" + "p_code":"52", + "code":"53" }, { "desc":"The backend of a NAT gateway supports automatic disaster recovery through hot standby, thereby reducing risks and improving availability.", @@ -446,17 +482,35 @@ "title":"How Does A NAT Gateway Offer High Availability?", "uri":"nat_faq_0004.html", "doc_type":"usermanual", - "p_code":"48", - "code":"50" + "p_code":"52", + "code":"54" }, { - "desc":"A NAT gateway provides SNAT and DNAT, so multiple ECSs can share an EIP.An ECS can also have an EIP bound to it. The EIP does not have to be shared.If both SNAT and EIP a", + "desc":"The NAT gateway provides the SNAT and DNAT functions, allowing multiple ECSs to share one EIP.The ECS that has an EIP bound is exclusively using the IP address.If both SN", "product_code":"nat", - "title":"What Are the Differences Between Using a NAT Gateway and Using an EIP for an ECS?", + "title":"For an ECS, Is There Any Difference Between Using a NAT Gateway and Directly Having an EIP Bound?", "uri":"nat_faq_0013.html", "doc_type":"usermanual", - "p_code":"48", - "code":"51" + "p_code":"52", + "code":"55" + }, + { + "desc":"If your server cannot access the Internet through a NAT gateway, you may have configured the VPC route table incorrectly. Perform the following steps to reset the route t", + "product_code":"nat", + "title":"What Should I Do If I Fail to Access the Internet Through a NAT Gateway?", + "uri":"nat_faq_0011.html", + "doc_type":"usermanual", + "p_code":"52", + "code":"56" + }, + { + "desc":"No.You can select a VPC when creating a NAT gateway and cannot change the VPC for the NAT gateway after it is created.", + "product_code":"nat", + "title":"Can I Change the VPC for a NAT Gateway After It Is Created?", + "uri":"nat_faq_0018.html", + "doc_type":"usermanual", + "p_code":"52", + "code":"57" }, { "desc":"Quotas are enforced for service resources on the platform to prevent unforeseen spikes in resource usage. Quotas can limit the number or amount of resources available to ", @@ -464,17 +518,35 @@ "title":"What Is the Quota of the NAT Gateway?", "uri":"nat_faq_0010.html", "doc_type":"usermanual", - "p_code":"48", - "code":"52" + "p_code":"52", + "code":"58" }, { - "desc":"NAT gateways can be updated. SNAT rules cannot be updated.", + "desc":"NAT gateways can be updated, and SNAT rules cannot be updated.", "product_code":"nat", "title":"Do the NAT Gateway and SNAT Rule Support the Update Operation?", "uri":"nat_faq_0005.html", "doc_type":"usermanual", - "p_code":"48", - "code":"53" + "p_code":"52", + "code":"59" + }, + { + "desc":"You can configure security groups and firewalls to implement access control.A security group is a collection of access control rules for ECSs that have the same security ", + "product_code":"nat", + "title":"What Security Policies Can I Configure to Implement Access Control If I Use the NAT Gateway Service?", + "uri":"nat_faq_0020.html", + "doc_type":"usermanual", + "p_code":"52", + "code":"60" + }, + { + "desc":"You have bought a public NAT gateway and added SNAT and DNAT rules, but your servers cannot access the Internet or provide services accessible from the Internet. Whether ", + "product_code":"nat", + "title":"What Can I Do If Connection Between My Servers and the Internet Fails After I Add SNAT and DNAT Rules?", + "uri":"nat_faq_0021.html", + "doc_type":"usermanual", + "p_code":"52", + "code":"61" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -482,8 +554,8 @@ "title":"SNAT", "uri":"nat_faq_0200.html", "doc_type":"usermanual", - "p_code":"47", - "code":"54" + "p_code":"51", + "code":"62" }, { "desc":"Besides requiring services provided by the system, some ECSs also need to access the Internet to obtain information or download software. However, assigning a public IP a", @@ -491,17 +563,53 @@ "title":"Why Is SNAT Used?", "uri":"nat_faq_001.html", "doc_type":"usermanual", - "p_code":"54", - "code":"55" + "p_code":"62", + "code":"63" }, { - "desc":"An SNAT connection consists of the source IP address, source port, destination IP address, destination port, and transmission-layer protocol. These five elements identify", + "desc":"An SNAT connection consists of the source IP address, source port, destination IP address, destination port, and a transport layer protocol. These five elements identify ", "product_code":"nat", "title":"What Are SNAT Connections?", "uri":"nat_faq_0002.html", "doc_type":"usermanual", - "p_code":"54", - "code":"56" + "p_code":"62", + "code":"64" + }, + { + "desc":"NAT Gateway SNAT translates a private IP address to a public IP address by binding EIPs to servers in a VPC. When a server accesses the Internet through the NAT gateway, ", + "product_code":"nat", + "title":"What Is the Bandwidth of the NAT Gateway When a Server Accesses the Internet Through the NAT Gateway? Where Can I Configure the Bandwidth?", + "uri":"nat_faq_0009.html", + "doc_type":"usermanual", + "p_code":"62", + "code":"65" + }, + { + "desc":"If packet loss or connection failures occur on a server that uses the NAT gateway to access the Internet, you can check the SNAT connections on the Cloud Eye console. If ", + "product_code":"nat", + "title":"How Do I Resolve Packet Loss or Connection Failure Issues When Using a NAT Gateway?", + "uri":"nat_faq_0016.html", + "doc_type":"usermanual", + "p_code":"62", + "code":"66" + }, + { + "desc":"If your TCP connection fails when your ECS is accessing a server on the public network through an SNAT rule, perform the following steps:Run the following command to chec", + "product_code":"nat", + "title":"What Should I Do If the Remote Server Fails to Be Accessed Through the NAT Gateway?", + "uri":"nat_faq_0017.html", + "doc_type":"usermanual", + "p_code":"62", + "code":"67" + }, + { + "desc":"When creating a NAT gateway, you must specify the VPC and subnet CIDR block for the NAT gateway. This CIDR block can only be used by the system.When you are creating an S", + "product_code":"nat", + "title":"What Are the Relationships and Differences Between the CIDR Blocks in a NAT Gateway and in an SNAT Rule?", + "uri":"nat_faq_0015.html", + "doc_type":"usermanual", + "p_code":"62", + "code":"68" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -509,17 +617,17 @@ "title":"DNAT", "uri":"nat_faq_0300.html", "doc_type":"usermanual", - "p_code":"47", - "code":"57" + "p_code":"51", + "code":"69" }, { - "desc":"DNAT enables servers in a VPC to share an EIP to provide services accessible from the Internet through IP address mapping or port mapping.", + "desc":"DNAT enables servers in a VPC to share an EIP to provide services accessible from the Internet. For details, see Adding a DNAT Rule.", "product_code":"nat", "title":"Why Is DNAT Used?", "uri":"nat_faq_0006.html", "doc_type":"usermanual", - "p_code":"57", - "code":"58" + "p_code":"69", + "code":"70" }, { "desc":"You can modify DNAT rules.", @@ -527,8 +635,8 @@ "title":"Can I Modify DNAT Rules?", "uri":"nat_faq_0007.html", "doc_type":"usermanual", - "p_code":"57", - "code":"59" + "p_code":"69", + "code":"71" }, { "desc":"HUAWEI CLOUD Help Center presents technical documents to help you quickly get started with HUAWEI CLOUD services. The technical documents include Service Overview, Price Details, Purchase Guide, User Guide, API Reference, Best Practices, FAQs, and Videos.", @@ -537,7 +645,7 @@ "uri":"nat_his_0001.html", "doc_type":"usermanual", "p_code":"", - "code":"60" + "code":"72" }, { "desc":"For details about the terms involved in this document, see Glossary.", @@ -546,6 +654,6 @@ "uri":"nat_gls_0000.html", "doc_type":"usermanual", "p_code":"", - "code":"61" + "code":"73" } ] \ No newline at end of file diff --git a/docs/natgw/umn/en-us_image_0000001108294612.png b/docs/natgw/umn/en-us_image_0000001108294612.png new file mode 100644 index 00000000..775ce1c2 Binary files /dev/null and b/docs/natgw/umn/en-us_image_0000001108294612.png differ diff --git a/docs/natgw/umn/en-us_image_0000001110876070.png b/docs/natgw/umn/en-us_image_0000001110876070.png new file mode 100644 index 00000000..1909444d Binary files /dev/null and b/docs/natgw/umn/en-us_image_0000001110876070.png differ diff --git a/docs/natgw/umn/en-us_image_0000001111039460.png b/docs/natgw/umn/en-us_image_0000001111039460.png new file mode 100644 index 00000000..1909444d Binary files /dev/null and b/docs/natgw/umn/en-us_image_0000001111039460.png differ diff --git a/docs/natgw/umn/en-us_image_0000001111199360.png b/docs/natgw/umn/en-us_image_0000001111199360.png new file mode 100644 index 00000000..1909444d Binary files /dev/null and b/docs/natgw/umn/en-us_image_0000001111199360.png differ diff --git a/docs/natgw/umn/en-us_image_0000001154974329.png b/docs/natgw/umn/en-us_image_0000001154974329.png new file mode 100644 index 00000000..a158e7ff Binary files /dev/null and b/docs/natgw/umn/en-us_image_0000001154974329.png differ diff --git a/docs/natgw/umn/en-us_image_0000001156876053.png b/docs/natgw/umn/en-us_image_0000001156876053.png new file mode 100644 index 00000000..1909444d Binary files /dev/null and b/docs/natgw/umn/en-us_image_0000001156876053.png differ diff --git a/docs/natgw/umn/en-us_image_0000001182300205.png b/docs/natgw/umn/en-us_image_0000001182300205.png new file mode 100644 index 00000000..1909444d Binary files /dev/null and b/docs/natgw/umn/en-us_image_0000001182300205.png differ diff --git a/docs/natgw/umn/en-us_image_0000001206143558.png b/docs/natgw/umn/en-us_image_0000001206143558.png new file mode 100644 index 00000000..6ef07b83 Binary files /dev/null and b/docs/natgw/umn/en-us_image_0000001206143558.png differ diff --git a/docs/natgw/umn/en-us_image_0000001223839393.png b/docs/natgw/umn/en-us_image_0000001223839393.png new file mode 100644 index 00000000..81c14336 Binary files /dev/null and b/docs/natgw/umn/en-us_image_0000001223839393.png differ diff --git a/docs/natgw/umn/en-us_image_0000001251223489.png b/docs/natgw/umn/en-us_image_0000001251223489.png new file mode 100644 index 00000000..0d8a94dc Binary files /dev/null and b/docs/natgw/umn/en-us_image_0000001251223489.png differ diff --git a/docs/natgw/umn/en-us_image_0000001567533894.png b/docs/natgw/umn/en-us_image_0000001567533894.png new file mode 100644 index 00000000..d18a9540 Binary files /dev/null and b/docs/natgw/umn/en-us_image_0000001567533894.png differ diff --git a/docs/natgw/umn/en-us_image_0000001575387178.png b/docs/natgw/umn/en-us_image_0000001575387178.png new file mode 100644 index 00000000..12211d23 Binary files /dev/null and b/docs/natgw/umn/en-us_image_0000001575387178.png differ diff --git a/docs/natgw/umn/en-us_image_0000001576263158.png b/docs/natgw/umn/en-us_image_0000001576263158.png new file mode 100644 index 00000000..b62978d9 Binary files /dev/null and b/docs/natgw/umn/en-us_image_0000001576263158.png differ diff --git a/docs/natgw/umn/en-us_image_0000001576425382.png b/docs/natgw/umn/en-us_image_0000001576425382.png new file mode 100644 index 00000000..2d3a445a Binary files /dev/null and b/docs/natgw/umn/en-us_image_0000001576425382.png differ diff --git a/docs/natgw/umn/en-us_image_0000001626339129.png b/docs/natgw/umn/en-us_image_0000001626339129.png new file mode 100644 index 00000000..d0577f4b Binary files /dev/null and b/docs/natgw/umn/en-us_image_0000001626339129.png differ diff --git a/docs/natgw/umn/en-us_image_0000001663069377.png b/docs/natgw/umn/en-us_image_0000001663069377.png new file mode 100644 index 00000000..539adfc0 Binary files /dev/null and b/docs/natgw/umn/en-us_image_0000001663069377.png differ diff --git a/docs/natgw/umn/en-us_image_0201532822.png b/docs/natgw/umn/en-us_image_0201532822.png deleted file mode 100644 index b35fb70b..00000000 Binary files a/docs/natgw/umn/en-us_image_0201532822.png and /dev/null differ diff --git a/docs/natgw/umn/en-us_image_0201532842.png b/docs/natgw/umn/en-us_image_0201532842.png deleted file mode 100644 index 8fe631d0..00000000 Binary files a/docs/natgw/umn/en-us_image_0201532842.png and /dev/null differ diff --git a/docs/natgw/umn/en-us_image_0201532851.png b/docs/natgw/umn/en-us_image_0201532851.png deleted file mode 100644 index 7669701f..00000000 Binary files a/docs/natgw/umn/en-us_image_0201532851.png and /dev/null differ diff --git a/docs/natgw/umn/en-us_image_0201532881.png b/docs/natgw/umn/en-us_image_0201532881.png deleted file mode 100644 index b9c72a18..00000000 Binary files a/docs/natgw/umn/en-us_image_0201532881.png and /dev/null differ diff --git a/docs/natgw/umn/en-us_image_0201532914.png b/docs/natgw/umn/en-us_image_0201532914.png deleted file mode 100644 index 1bc2b72c..00000000 Binary files a/docs/natgw/umn/en-us_image_0201532914.png and /dev/null differ diff --git a/docs/natgw/umn/en-us_image_0201532948.png b/docs/natgw/umn/en-us_image_0201532948.png deleted file mode 100644 index 6b9acf06..00000000 Binary files a/docs/natgw/umn/en-us_image_0201532948.png and /dev/null differ diff --git a/docs/natgw/umn/en-us_image_0260388437.png b/docs/natgw/umn/en-us_image_0260388437.png new file mode 100644 index 00000000..adfa1b5b Binary files /dev/null and b/docs/natgw/umn/en-us_image_0260388437.png differ diff --git a/docs/natgw/umn/en-us_topic_0000001557248825.html b/docs/natgw/umn/en-us_topic_0000001557248825.html new file mode 100644 index 00000000..f4cb8cc7 --- /dev/null +++ b/docs/natgw/umn/en-us_topic_0000001557248825.html @@ -0,0 +1,15 @@ + + +

Public NAT Gateway Overview

+

A public NAT gateway enables cloud and on-premises servers in a private subnet to access the Internet or provide services accessible from the Internet. Cloud servers are in a VPC. On-premises servers are servers in on-premises data centers that connect to a VPC through Direct Connect or VPN. A public NAT gateway supports up to 20 Gbit/s of bandwidth.

+

The process of using a public NAT gateway is as follows.

+
Figure 1 Process of using a public NAT gateway
+

An SNAT rule and a DNAT rule cannot share the same EIP. If you need to create an SNAT rule and a DNAT rule, assign two EIPs.

+
+
+
+
+
Parent topic: Managing NAT Gateways
+
+
+ diff --git a/docs/natgw/umn/en-us_topic_0086739750.html b/docs/natgw/umn/en-us_topic_0086739750.html index ef55c467..484b27a7 100644 --- a/docs/natgw/umn/en-us_topic_0086739750.html +++ b/docs/natgw/umn/en-us_topic_0086739750.html @@ -1,7 +1,7 @@

Notes and Constraints

-
When using a NAT gateway: +
When using a NAT gateway:
  • Multiple rules for one NAT gateway can use the same EIP, but the rules for different NAT gateways must use different EIPs.
  • Each VPC can only have one NAT gateway.
  • Manually adding the default route for a VPC is not allowed.
  • Each VPC subnet can only be used in one SNAT rule.
  • SNAT and DNAT rules cannot share the same EIP.
  • DNAT rules do not support the mapping between an EIP and a virtual IP address.
  • If both an EIP and a NAT gateway are configured for a server, data will be forwarded through the EIP.
  • When you add an SNAT rule, if the rule is used in the VPC scenario, the custom CIDR block must be a subset of the NAT gateway's VPC subnets. If the rule is used in the Direct Connect scenario, the custom CIDR block must be a CIDR block of a Direct Connect connection and cannot overlap with the NAT gateway's VPC subnets.
  • You can configure only one DNAT rule for each port of a server. One port can be mapped to only one EIP.
  • The DNAT rules of a NAT gateway are irrelevant to the NAT gateway specifications. A maximum of 200 DNAT rules can be added to a NAT gateway. The number of SNAT rules that you can add for a NAT gateway has no relationship with the NAT gateway specifications.
diff --git a/docs/natgw/umn/en-us_topic_0086739762.html b/docs/natgw/umn/en-us_topic_0086739762.html index 0c049752..7b41b849 100644 --- a/docs/natgw/umn/en-us_topic_0086739762.html +++ b/docs/natgw/umn/en-us_topic_0086739762.html @@ -1,13 +1,10 @@

What Is NAT Gateway?

-

The NAT Gateway service provides network address translation (NAT) with 20 Gbit/s of bandwidth for Elastic Cloud Servers (ECSs) and Bare Metal Servers (BMSs) in a Virtual Private Cloud (VPC), or servers that connect to a VPC through Direct Connect or Virtual Private Network (VPN) in on-premises data centers, allowing these servers to share elastic IP addresses (EIPs) to access the Internet or to provide services accessible from the Internet.

+

NAT Gateway is a network address translation (NAT) service. It enables cloud and on-premises servers to share elastic IP addresses (EIPs) to access the Internet or to provide services accessible from the Internet. Cloud servers are Elastic Cloud Servers (ECSs) and Bare Metal Servers (BMSs) in a Virtual Private Cloud (VPC). On-premises servers are servers in on-premises data centers that connect to a VPC through Direct Connect or Virtual Private Network (VPN). NAT Gateway supports up to 20 Gbit/s of bandwidth.

NAT Gateway supports source NAT (SNAT) and destination NAT (DNAT).

-
  • SNAT translates private IP addresses into EIPs, allowing servers in a VPC to share an EIP to access the Internet in a secure and efficient way.
    Figure 1 shows the SNAT architecture.
    Figure 1 SNAT architecture
    -
    -

    -
  • DNAT enables servers in a VPC to share an EIP to provide services accessible from the Internet through IP address mapping or port mapping.

    Figure 2 shows the DNAT architecture.

    -
    Figure 2 DNAT architecture
    +
    • SNAT translates private IP addresses into EIPs, allowing servers in a VPC to share an EIP to access the Internet in a secure and efficient way.
      Figure 1 NAT gateway with an SNAT rule
      +
    • DNAT enables servers in a VPC to share an EIP to provide services accessible from the Internet through IP address mapping or port mapping.
      Figure 2 NAT gateway with a DNAT rule
diff --git a/docs/natgw/umn/en-us_topic_0086739763.html b/docs/natgw/umn/en-us_topic_0086739763.html index 68aa3771..079f8acf 100644 --- a/docs/natgw/umn/en-us_topic_0086739763.html +++ b/docs/natgw/umn/en-us_topic_0086739763.html @@ -1,11 +1,11 @@ -

NAT Gateway Types

-

A NAT gateway type specifies the maximum number of SNAT connections supported by a NAT gateway.

-

An SNAT connection consists of the source IP address, source port, destination IP address, destination port, and transmission-layer protocol. The source IP address refers to the EIP, and the source port refers to the EIP port. They will be used to access the destination IP address and port of the Internet. These five elements identify a connection as a unique session.

+

NAT Gateway Specifications

+

NAT gateway specifications determines the maximum number of SNAT connections supported by a NAT gateway.

+

An SNAT connection consists of the source IP address, source port, destination IP address, destination port, and a transport layer protocol. The source IP address is the EIP, and the source port is the EIP port. An SNAT connection uniquely identifies a session.

The data throughput of a NAT gateway is determined by the sum of the EIP bandwidths used by its DNAT rules. For example, if a NAT gateway has two DNAT rules, and their EIP bandwidths are 10 Mbit/s and 5 Mbit/s, respectively, the throughput of the NAT gateway is 15 Mbit/s.

-
When creating a NAT gateway, select the type based on your service requirements. Table 1 lists the NAT gateway types. -
Table 1 NAT gateway types

Type

+
When creating a NAT gateway, select the specifications based on your service requirements. Table 1 lists the NAT gateway specifications. +
@@ -35,7 +35,7 @@
Table 1 NAT gateway specifications

Specifications

Maximum Number of SNAT Connections

-
  • If the requests exceed the maximum connections allowed by your NAT gateway, your services will be adversely affected. To avoid this situation, create alarm rules for the SNAT connection in Cloud Eye.
  • A maximum of 200 DNAT rules can be added for each NAT gateway. The number of DNAT rules that you can add for a NAT gateway has no relationship with the NAT gateway type. The number of SNAT rules that you can add for a NAT gateway has no relationship with the NAT gateway type.
+
  • If the requests exceed the maximum connections allowed by your NAT gateway, your services will be adversely affected. To avoid this situation, create alarm rules for the SNAT connection in Cloud Eye.
  • The DNAT rules of a NAT gateway are irrelevant to the NAT gateway specifications. A maximum of 200 DNAT rules can be added to a NAT gateway. The number of SNAT rules that you can add for a NAT gateway has no relationship with the NAT gateway specifications.
diff --git a/docs/natgw/umn/en-us_topic_0087895790.html b/docs/natgw/umn/en-us_topic_0087895790.html index 22036586..92e8c0c2 100644 --- a/docs/natgw/umn/en-us_topic_0087895790.html +++ b/docs/natgw/umn/en-us_topic_0087895790.html @@ -1,7 +1,7 @@

Overview

-

If servers (ECSs and BMSs) without EIPs bound need to access the Internet, the servers can share one or more EIPs to access the Internet through a NAT gateway. This method provides access without exposing their IP addresses. Figure 1 illustrates the process.

+

If servers (ECSs and BMSs) without EIPs bound need to access the Internet, the servers can share one or more EIPs to access the Internet through a NAT gateway. This method provides access without exposing their IP addresses. Figure 1 illustrates the process.

Figure 1 Flowchart
diff --git a/docs/natgw/umn/en-us_topic_0113772081.html b/docs/natgw/umn/en-us_topic_0113772081.html index e3c2c6da..bdfd4954 100644 --- a/docs/natgw/umn/en-us_topic_0113772081.html +++ b/docs/natgw/umn/en-us_topic_0113772081.html @@ -3,8 +3,8 @@

Creating Alarm Rules

Scenarios

You can set NAT gateway alarm rules to customize the monitored objects and notification policies. Then, you can learn NAT gateway running status in a timely manner.

-

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner and select the desired region and project.
  3. Under Management & Deployment, select Cloud Eye.
  4. In the left navigation pane, choose Alarm Management > Alarm Rules.
  5. On the Alarm Rules page, click Create Alarm Rule and specify required parameters.
  6. Click Next and specify rule parameters as prompted.
  7. Click Finish. After the alarm rule is set, the system automatically notifies you when an alarm is triggered.
-

For more information about how to set alarm rules, see Cloud Eye User Guide.

+

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner and select the desired region and project.
  3. Under Management & Deployment, select Cloud Eye.
  4. In the left navigation pane, choose Alarm Management > Alarm Rules.
  5. On the Alarm Rules page, click Create Alarm Rule and specify required parameters.
  6. Click Next and specify rule parameters as prompted.
  7. Click Finish. After the alarm rule is set, the system automatically notifies you when an alarm is triggered.
+

For more information about how to set alarm rules, see the Cloud Eye User Guide.

diff --git a/docs/natgw/umn/en-us_topic_0127489529.html b/docs/natgw/umn/en-us_topic_0127489529.html index a9e87c37..e0524fff 100644 --- a/docs/natgw/umn/en-us_topic_0127489529.html +++ b/docs/natgw/umn/en-us_topic_0127489529.html @@ -1,13 +1,13 @@

Adding an SNAT Rule

-

Scenarios

After a NAT gateway is created, add SNAT rules. With the SNAT rule, servers in a VPC subnet or servers that are connected to a VPC through Direct Connect or VPN can access the Internet by sharing an EIP.

-

Each SNAT rule is configured for one subnet. If there are multiple subnets in a VPC, you can create several SNAT rules to share EIPs.

+

Scenarios

After a NAT gateway is created, add SNAT rules. With the SNAT rule, servers in a VPC subnet or servers that are connected to a VPC through Direct Connect or VPN can access the Internet by sharing an EIP.

+

Each SNAT rule is configured for one subnet. If there are subnets in a VPC, you can create several SNAT rules to share EIPs.

-

Prerequisites

  • A NAT gateway has been created.
+

Prerequisites

  • A NAT gateway has been created.
-

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner and select the desired region and project.
  3. Under Network, choose NAT Gateway.
  4. On the displayed page, click the name of the NAT gateway for which you want to add the SNAT rule.
  5. On the SNAT Rules tab, click Add SNAT Rule.

    -
    Figure 1 Add SNAT Rule
    +

    Procedure

    1. Log in to the management console.
    2. Click in the upper left corner and select the desired region and project.
    3. Under Network, select NAT Gateway.
    4. On the displayed page, click the name of the NAT gateway for which you want to add the SNAT rule.
    5. On the SNAT Rules tab, click Add SNAT Rule.

      +
      Figure 1 Add SNAT Rule
    6. Configure the parameters as prompted. For details, see Table 1.
      @@ -26,28 +26,27 @@

      Select Direct Connect if the servers that are connected to a VPC through Direct Connect in your data center need to access the Internet.

      - - - - - - - - - + + + + diff --git a/docs/natgw/umn/en-us_topic_0127489530.html b/docs/natgw/umn/en-us_topic_0127489530.html index 9a6447be..ff9ef94e 100644 --- a/docs/natgw/umn/en-us_topic_0127489530.html +++ b/docs/natgw/umn/en-us_topic_0127489530.html @@ -8,7 +8,7 @@

      Procedure

      1. Log in to the management console.
      2. Click in the upper left corner and select the desired region and project.
      3. Under Network, choose NAT Gateway.
      4. On the displayed page, click the name of the NAT gateway for which you want to add the DNAT rule.
      5. On the NAT gateway details page, click the DNAT Rules tab.
      6. Click Add DNAT Rule.

        Add security group rules to allow inbound or outbound traffic after you add a DNAT rule. Otherwise, the DNAT rule does not take effect.

        -
        Figure 1 Add DNAT Rule
        +
        Figure 1 Add DNAT Rule

      7. Configure the parameters as prompted. For details, see Table 1.
      Table 1 Parameter descriptions

      Parameter

      Type

      +

      CIDR Block

      This parameter is available only when you select VPC for Scenario.

      +
      • Configure this parameter when you select VPC for Scenario and Custom for CIDR Block.
      • This parameter is available only when you select VPC for Scenario and Custom for CIDR Block.
      • Configure this parameter when you select VPC for Scenario.

      You can set it to Subnet or Custom based on service requirements.

      -

      Select Subnet if all servers in a VPC subnet need to access the Internet through the SNAT rule.

      -

      Select Custom if only specific servers in a VPC subnet need to access the Internet through the SNAT rule.

      +
      • In a VPC scenario with CIDR Block as Custom, specify an IPv4 CIDR block, which must be a subset of the VPC subnets.
      • In a VPC scenario with CIDR Block as Existing, specify a VPC subnet in which servers can access the Internet through the SNAT rule.
      • In a Direct Connect scenario, specify a CIDR block of your data center to enable your on-premises servers to access the Internet through the SNAT rule.

      Subnet

      +

      EIP

      This parameter is available only when you select VPC for Scenario, and Subnet for Type.

      -

      The subnet in which servers can access the Internet through the SNAT rule.

      -

      EIP

      -
      • This parameter is available only when you select VPC for Scenario.
      • This parameter is available only when you select Direct Connect for Scenario.
      +

      N/A

      The EIP used for accessing the Internet.

      You can select an EIP that either is not bound to any resource, has been bound to a DNAT rule with Port Type set to Specific port of the current NAT gateway, or has been bound to an SNAT rule of the current NAT gateway.

      +

      You can select multiple EIPs at once. Up to 20 EIPs can be selected for each SNAT rule. The EIP used for the SNAT rule is randomly chosen from the ones you select when you add the rule.

      +

      Description

      +

      N/A

      +

      Supplementary information about the NAT gateway. The description can contain up to 255 characters.
      - - @@ -51,12 +51,28 @@ + + + + + + - + + +
      Table 1 Parameter descriptions

      Parameter

      @@ -34,7 +34,7 @@

      The protocol can be TCP or UDP. This parameter is available if you select Specific port for Port Type. If you select All ports, the value of this parameter will be All by default.

      EIP

      +

      EIP

      The EIP that will be used by the server to provide services accessible from the Internet.

      You can select an EIP that either is not bound to any resource, has been bound to a DNAT rule with Port Type set to Specific port of the current NAT gateway, or has been bound to an SNAT rule of the current NAT gateway.

      @@ -42,7 +42,7 @@

      Outside Port

      The port of the EIP. This parameter is available if you select Specific port for Port Type. Value range: 1–65535

      +

      The port of the EIP. This parameter is available if you select Specific port for Port Type. The value ranges from 1 to 65535.

      You can enter a single port number, for example, 80.
      • In a VPC scenario, set this parameter to the IP address of the server in a VPC. This IP address is used by the server to provide services accessible from the Internet through DNAT.
      • In a Direct Connect scenario, set this parameter to the IP address of the server in the local data center or the user's private IP address. This IP address is used by local servers that are connected to a VPC through Direct Connect or VPN to provide services accessible from the Internet through DNAT.
      • Configure the port of Private IP Address if you select Specific port for Port Type.

      Instance Type

      +

      The type of the instance that will be providing services accessible from on-premises data centers or remote VPCs. Possible values are:

      +
      • Server
      • Virtual IP address
      • Custom
      +

      NIC

      +

      The NIC of the server. This parameter is available when you set Instance Type to Server.

      +

      Inside Port

      The port of the server that provides services accessible from the Internet through the DNAT rule. This parameter is available if you select Specific port for Port Type. Value range: 1–65535

      +

      The port of the server that provides services accessible from the Internet through the DNAT rule. This parameter is available if you select Specific port for Port Type. The value ranges from 1 to 65535.

      You can enter a single port number, for example, 80.

      Description

      +

      Supplementary information about the DNAT rule. The description can contain up to 255 characters.

      +
      diff --git a/docs/natgw/umn/en-us_topic_0150270259.html b/docs/natgw/umn/en-us_topic_0150270259.html index 942d4d04..f6c5985c 100644 --- a/docs/natgw/umn/en-us_topic_0150270259.html +++ b/docs/natgw/umn/en-us_topic_0150270259.html @@ -1,31 +1,34 @@ -

      Creating a NAT Gateway

      -

      Scenarios

      This section guides you on how to create a NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.

      +

      Creating a Public NAT Gateway

      +

      Scenarios

      This section guides you on how to create a public NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.

      -

      Prerequisites

      • When creating a NAT gateway, you must specify its VPC, subnet, and type.
      • Ensure that the VPC does not have the default route.
      +

      Prerequisites

      • When creating a public NAT gateway, you must specify its VPC and subnet.
      • To allow traffic to pass through the public NAT gateway, a route to the public NAT gateway in the VPC is required. When you buy a public NAT gateway, a default route 0.0.0.0/0 to the public NAT gateway is automatically added to the default route table of the VPC. If the default route 0.0.0.0/0 already exists in the default route table of the VPC before you buy the public NAT gateway, the default route that points to the public NAT gateway will fail to be added automatically. In this case, perform the following operations after the public NAT gateway is successfully created: Manually add a different route that points to the gateway or create a default route 0.0.0.0/0 pointing to the gateway in the new routing table.
      -

      Procedure

      1. Log in to the management console.
      2. Click in the upper left corner and select the desired region and project.
      3. Under Network, choose NAT Gateway.
      4. On the displayed page, click Create NAT Gateway.
      5. Configure the parameters as prompted. For details, see Table 1. -
        Table 1 Parameter descriptions

        Parameter

        +

        Procedure

        1. Log in to the management console.
        2. Click in the upper left corner and select the desired region and project.
        3. Under Network, select NAT Gateway.
        4. On the displayed page, click Create Public NAT Gateway.
          Figure 1 Create NAT Gateway
          +
        5. Configure the parameters as prompted. For details, see Table 1. +
          - - - - - - @@ -81,7 +82,7 @@
        6. In the NAT gateway list, view the NAT gateway status. For details about the NAT gateway status, see Table 3.
          7. Table 1 Parameter descriptions of a public NAT gateway

          Parameter

          Description

          Region

          +

          Region

          The region where the NAT gateway is located.

          Name

          The name of the NAT gateway. The name can include up to 64 characters and can include digits, letters, underscores (_), and hyphens (-).

          +

          The name of the NAT gateway. The name can contain a maximum of 64 characters and only digits, letters, underscores (_), and hyphens (-) are allowed.

          VPC

          The VPC that the NAT gateway belongs to. Select a VPC which is not used by any other NAT gateways and has no default route.

          You can change the VPC only when you are creating the NAT gateway. After the NAT gateway is created, you cannot modify the VPC.

          +
          NOTE:

          To allow traffic to pass through the public NAT gateway, a route to the public NAT gateway in the VPC is required. When you buy a public NAT gateway, a default route 0.0.0.0/0 to the public NAT gateway is automatically added to the default route table of the VPC. If the default route 0.0.0.0/0 already exists in the default route table of the VPC before you buy the public NAT gateway, the default route that points to the public NAT gateway will fail to be added automatically. In this case, perform the following operations after the public NAT gateway is successfully created: Manually add a different route that points to the gateway or create a default route 0.0.0.0/0 pointing to the gateway in the new routing table.

          +

          Subnet

          @@ -35,10 +38,10 @@

          You can change the subnet only when you are creating the NAT gateway. After the NAT gateway is created, you cannot change the subnet.

          Type

          +

          Specifications

          The type of the NAT gateway.

          -

          The value can be Small, Medium, Large, and Extra-large. You can click Learn more on the page to view details about each type.

          +

          The specifications of the NAT gateway.

          +

          The option can be Small, Medium, Large, and Extra-large. You can click Learn more on the page to view details about each specifications.

          Description

          @@ -64,14 +67,12 @@

          Key

          • Cannot be left blank.
          • Must be unique for each NAT gateway.
          • Contains a maximum of 36 characters.
          • Can contain only the following character types:
            • Letter
            • Digits
            • Special characters, including hyphens (-) and underscores (_)
            -
          +
          • Cannot be left blank.
          • Must be unique for each NAT gateway.
          • Contains a maximum of 36 characters.
          • Contains only letters, digits, hyphens (-), underscores (_), and at signs (@).

          Value

          • Can contain a maximum of 43 characters.
          • Can contain only the following character types:
            • Letter
            • Digits
            • Special characters, including hyphens (-) and underscores (_)
            -
          +
          • Can contain a maximum of 43 characters.
          • Contains only letters, digits, hyphens (-), underscores (_), and at signs (@).
          - @@ -118,8 +119,16 @@
          Table 3 NAT gateway status

          Status

          Description

          +

          Description
          +

          After the public NAT gateway is created, check whether a default route (0.0.0.0/0) that points to the public NAT gateway exists in the default route table of the VPC where the public NAT gateway is. If no, add a route pointing to the public NAT gateway to the default route table, alternatively, create a custom route table and add the default route 0.0.0.0/0 pointing to the public NAT gateway to the table. The following describes how to add a route to a custom route table.

        +

        Adding a Default Route Pointing to the Public NAT Gateway

        1. Log in to the management console.
        2. Click in the upper left corner and select the desired region and project.
        3. Under Network, select Virtual Private Cloud.
        4. In the navigation pane on the left, choose Route Tables.
        5. On the Route Tables page, click Create Route Table in the upper right corner.

          VPC: Select the VPC to which the public NAT gateway belongs.

          +
        6. After the custom route table is created, click its name.

          The Summary page is displayed.

          +
        7. Click Add Route and configure parameters as follows:

          Destination: Set it to 0.0.0.0/0.

          +

          Next Hop Type: Select NAT gateway.

          +

          Next Hop: Select the created NAT gateway.

          +
        8. Click OK.
        +
        diff --git a/docs/natgw/umn/nat_01_0001.html b/docs/natgw/umn/nat_01_0001.html index b537206b..6c0a6ba0 100644 --- a/docs/natgw/umn/nat_01_0001.html +++ b/docs/natgw/umn/nat_01_0001.html @@ -1,13 +1,14 @@ -

        Modifying a NAT Gateway

        -

        Scenarios

        This section describes how to modify the name, type, or description of a NAT gateway.

        -

        Increasing the size of the NAT gateway type does not affect services, but if you switch to a smaller NAT gateway, make sure the reduced capacity will still be enough to meet your service requirements.

        +

        Modifying a Public NAT Gateway

        +

        Scenarios

        This section describes how to modify the name, specifications, or description of a NAT gateway.

        +

        Using a public NAT gateway of more robust specifications does not affect services, but if you switch to a public NAT gateway of less robust specifications, make sure the reduced capacity will still be enough to meet your service requirements.

        +

        Using a NAT gateway of more robust specifications does not affect services, but if you switch to a NAT gateway of less robust specifications, make sure the reduced capacity will still be enough to meet your service requirements.

        Prerequisites

        A NAT gateway has been created.

        -

        Procedure

        1. Log in to the management console.
        2. Click in the upper left corner and select the desired region and project.
        3. Under Network, choose NAT Gateway.
        4. On the displayed page, locate the row that contains the target NAT gateway and click Modify in the Operation column.
        5. Modify the name, type, or description of the NAT gateway as prompted.

          -
        6. Click Next.
        7. Click Submit.
        +

        Procedure

        1. Log in to the management console.
        2. Click in the upper left corner and select the desired region and project.
        3. Under Network, select NAT Gateway.
        4. On the displayed page, locate the row that contains the target NAT gateway and click Modify in the Operation column.
        5. Modify the name, specifications, or description of the NAT gateway as prompted.

          +
        6. Click Next.
        7. Click Submit.
        diff --git a/docs/natgw/umn/nat_az_0000.html b/docs/natgw/umn/nat_az_0000.html index c0eb035f..f18a639c 100644 --- a/docs/natgw/umn/nat_az_0000.html +++ b/docs/natgw/umn/nat_az_0000.html @@ -11,7 +11,7 @@

        Selecting an AZ

        When deploying resources, consider your applications' requirements on disaster recovery (DR) and network latency.

        • For high DR capability, deploy resources in different AZs within the same region.
        • For lower network latency, deploy resources in the same AZ.
        -

        Regions and Endpoints

        Before you use an API to call resources, specify its region and endpoint. For more details, see Regions and Endpoints.

        +

        Regions and Endpoints

        Before you use an API to call resources, specify its region and endpoint. For more details, see Regions and Endpoints.

        diff --git a/docs/natgw/umn/nat_ces_0002.html b/docs/natgw/umn/nat_ces_0002.html index 47a55815..a854c75c 100644 --- a/docs/natgw/umn/nat_ces_0002.html +++ b/docs/natgw/umn/nat_ces_0002.html @@ -6,50 +6,167 @@

        Namespace

        SYS.NAT

        Metrics

        -

        Metric

        +
        - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -57,9 +174,9 @@

        Dimensions

        -
        Table 1 NAT gateway metrics

        Metric ID

        Name

        +

        Name

        Description

        +

        Description

        Value Range

        +

        Value Range

        Measurement Object & Dimension

        +

        Monitored Object

        Monitoring Interval (Raw Data)

        +

        Monitoring Period (Raw Data)

        snat_connection

        +

        snat_connection

        SNAT Connections

        +

        SNAT Connections

        Number of SNAT connections of the NAT gateway

        -

        Unit: Count

        +

        Number of SNAT connections of the NAT gateway

        +

        Unit: Count

        ≥ 0

        +

        ≥ 0

        Measurement object: NAT gateway

        -

        Dimension:

        -

        nat_gateway_id

        +

        NAT gateway

        1 minute

        +

        1 minute

        Server IP address set

        +

        inbound_bandwidth

        Monitoring Details of Top 10

        +

        Inbound Bandwidth

        IP addresses of the top 10 servers that occupy the most SNAT connections

        -

        Unit: Count

        +

        Inbound bandwidth of servers using the SNAT function

        +

        Unit: bit/s

        ≥ 0

        +

        ≥ 0

        +

        bits/s

        Measurement object: NAT gateway

        -

        Dimension:

        -

        nat_gateway_id

        +

        NAT gateway

        1 minute

        +

        1 minute

        +

        outbound_bandwidth

        +

        Outbound Bandwidth

        +

        Outbound bandwidth of servers using the SNAT function

        +

        Unit: bit/s

        +

        ≥ 0

        +

        bits/s

        +

        NAT gateway

        +

        1 minute

        +

        inbound_pps

        +

        Inbound PPS

        +

        Inbound PPS of servers using the SNAT function

        +

        Unit: Count

        +

        ≥ 0

        +

        NAT gateway

        +

        1 minute

        +

        outbound_pps

        +

        Outbound PPS

        +

        Outbound PPS of servers using the SNAT function

        +

        Unit: Count

        +

        ≥ 0

        +

        NAT gateway

        +

        1 minute

        +

        inbound_traffic

        +

        Inbound Traffic

        +

        Inbound traffic of servers using the SNAT function

        +

        Unit: byte

        +

        ≥ 0 bytes

        +

        NAT gateway

        +

        1 minute

        +

        outbound_traffic

        +

        Outbound Traffic

        +

        Outbound traffic of servers using the SNAT function

        +

        Unit: byte

        +

        ≥ 0 bytes

        +

        NAT gateway

        +

        1 minute

        +

        snat_connection_ratio

        +

        SNAT Connection Usage Rate

        +

        The percentage of available SNAT connections used by servers for which the SNAT rules are configured on the NAT gateway

        +

        The maximum number of connections is the number of connections allowed by the NAT gateway specifications. .

        +

        Unit: Percent

        +

        ≥ 0

        +

        NAT gateway

        +

        1 minute

        +

        inbound_bandwidth_ratio

        +

        Inbound Bandwidth Usage Rate

        +

        The percentage of available inbound bandwidth used by servers using the SNAT function. The maximum bandwidth supported by a NAT gateway is 20 Gbit/s.

        +

        The maximum bandwidth supported by a NAT gateway is 20 Gbit/s. Inbound bandwidth usage = Used bandwidth/Maximum bandwidth of the NAT gateway x 100%.

        +

        Unit: Percent

        +
        NOTE:

        This metric is used to monitor the performance of NAT gateways instead of the EIP bandwidth.

        +
        +

        ≥ 0

        +

        NAT gateway

        +

        1 minute

        +

        outbound_bandwidth_ratio

        +

        Outbound Bandwidth Usage Rate

        +

        The percentage of available outbound bandwidth used by servers using the SNAT function

        +

        The maximum bandwidth supported by a NAT gateway is 20 Gbit/s. Outbound bandwidth usage = Used bandwidth/Maximum bandwidth of the NAT gateway x 100%.

        +

        Unit: Percent

        +
        NOTE:

        This metric is used to monitor the performance of NAT gateways instead of the EIP bandwidth.

        +
        +

        ≥ 0

        +

        NAT gateway

        +

        1 minute
        - - + + + + + + + + + + + + + + + + + + + + + + + + + + + - @@ -29,7 +83,7 @@ - -

        Key

        +
        - diff --git a/docs/natgw/umn/nat_ces_0003.html b/docs/natgw/umn/nat_ces_0003.html index 710c6986..c81f77cd 100644 --- a/docs/natgw/umn/nat_ces_0003.html +++ b/docs/natgw/umn/nat_ces_0003.html @@ -1,11 +1,11 @@

        Viewing Metrics

        -

        Prerequisites

        • The NAT gateway is running properly and SNAT rules have been created.
        • It can take a period of time to obtain and transfer the monitoring data. Therefore, wait for a while and then check the data.
        +

        Prerequisites

        • The NAT gateway is running properly and SNAT rules have been created.
        • It can take a period of time to obtain and transfer the monitoring data. Wait for a while and then check the data.

        Scenarios

        This section describes how to view NAT Gateway metrics.

        -

        Procedure

        1. Log in to the management console.
        2. In the upper left corner, select the target region.
        3. Under Management & Deployment, select Cloud Eye.
        4. In the navigation pane on the left, choose Cloud Service Monitoring > NAT Gateway.
        5. Locate the row that contains the target metric and click View Metric in the Operation column to check detailed information.

          You can view data of the last one, three, or twelve hours.

          +

          Procedure

          1. Log in to the management console.
          2. In the upper left corner, select the target region.
          3. Under Management & Deployment, select Cloud Eye.
          4. In the navigation pane on the left, choose Cloud Service Monitoring > NAT Gateway.
          5. Locate the row that contains the target metric and click View Metric in the Operation column to check detailed information.

            You can view data of the last one, three, or twelve hours.

          diff --git a/docs/natgw/umn/nat_dnat_0000.html b/docs/natgw/umn/nat_dnat_0000.html index 19f02bb5..4087ab6e 100644 --- a/docs/natgw/umn/nat_dnat_0000.html +++ b/docs/natgw/umn/nat_dnat_0000.html @@ -8,6 +8,8 @@
        6. Viewing a DNAT Rule
          7. +
        7. Modifying a DNAT Rule
          +
        8. Deleting a DNAT Rule
          9. diff --git a/docs/natgw/umn/nat_dnat_0002.html b/docs/natgw/umn/nat_dnat_0002.html new file mode 100644 index 00000000..60716527 --- /dev/null +++ b/docs/natgw/umn/nat_dnat_0002.html @@ -0,0 +1,17 @@ + + +

          Modifying a DNAT Rule

          +

          Scenarios

          After a DNAT rule is added, you can modify parameters in the DNAT rule as required.

          +
          +

          Prerequisites

          A DNAT rule has been added for the NAT gateway.

          +
          +

          Procedure

          1. Log in to the management console.
          2. Click in the upper left corner and select the desired region and project.
          3. Under Network, choose NAT Gateway.
          4. On the displayed page, click the name of the target NAT gateway.
          5. On the NAT gateway details page, click the DNAT Rules tab.
          6. Locate the row that contains the DNAT rule you want to modify and click Modify in the Operation column.
          7. In the displayed dialog box, modify the required parameters.
            Figure 1 Modify DNAT Rule
            +
          8. Click OK.
          +
          +
          +
          +
          +
          Parent topic: Managing DNAT Rules
          +
          +
          + diff --git a/docs/natgw/umn/nat_faq_0002.html b/docs/natgw/umn/nat_faq_0002.html index 99d3f242..116726ee 100644 --- a/docs/natgw/umn/nat_faq_0002.html +++ b/docs/natgw/umn/nat_faq_0002.html @@ -1,8 +1,8 @@

          What Are SNAT Connections?

          -

          An SNAT connection consists of the source IP address, source port, destination IP address, destination port, and transmission-layer protocol. These five elements identify a connection as a unique session. The source IP address refers to the EIP, and the source port refers to the EIP port. They will be used to access the destination IP address and port of the Internet.

          -

          SNAT supports three protocols: TCP, UDP, and ICMP. A NAT gateway supports up to 55,000 concurrent connections for each destination IP address and port. If any of the destination IP address, port number, and protocol (TCP/UDP/ICMP) changes, you can create another 55,000 connections. The number of connections you query on an ECS may be different from the actual number of SNAT connections. (You can run the netstat command to query the number of connections.) Assume that an ECS creates 100 connections to a fixed destination every second. 55,000 connections will be used up in about 10 minutes without considering the dropped idle connections. As a result, new connections cannot be established.

          +

          An SNAT connection consists of the source IP address, source port, destination IP address, destination port, and a transport layer protocol. These five elements identify a connection as a unique session. The source IP address refers to the EIP, and the source port refers to the EIP port. They will be used to access the destination IP address and port of the Internet.

          +

          SNAT supports three protocols: TCP, UDP, and ICMP. A NAT gateway supports up to 55,000 concurrent connections for each destination IP address and port. If any of the destination IP address, port number, and protocol (TCP/UDP/ICMP) changes, you can create another 55,000 connections. The number of connections you query on an ECS may be different from the actual number of SNAT connections. (You can run the netstat command to query the number of connections.) Assume that an ECS creates 100 connections to a fixed destination every second. 55,000 connections will be used up in about 10 minutes without considering the dropped idle connections. As a result, new connections cannot be established.

          If there is no data packet passing through the SNAT connection for a long time, the connection will be timed out.

          diff --git a/docs/natgw/umn/nat_faq_0003.html b/docs/natgw/umn/nat_faq_0003.html index e7aabdef..a81af579 100644 --- a/docs/natgw/umn/nat_faq_0003.html +++ b/docs/natgw/umn/nat_faq_0003.html @@ -1,7 +1,7 @@ -

          What Is the Relationship Between a VPC, NAT Gateway, EIP Bandwidth, and ECS?

          -
          • A VPC is a secure, isolated, logical network environment.
          • A NAT gateway enables ECSs in the VPC to access the Internet.
          • EIP is a service that provides valid static IP addresses on the Internet. The throughput of a VPC is determined by the EIP bandwidth.
          • An ECS is a running instance in the VPC and uses the NAT gateway to access the Internet.
          +

          What Is the Relationship Between a VPC and a NAT Gateway, EIP Bandwidth, and ECSs in the VPC?

          +
          • A VPC is a secure, isolated, logical network environment.
          • The NAT gateway enables ECSs in the VPC to access the Internet.
          • EIP is a service that provides valid static IP addresses on the Internet. The throughput of a VPC is determined by the EIP bandwidth.
          • ECSs are instances running in the VPC and use the NAT gateway to access the Internet.
          diff --git a/docs/natgw/umn/nat_faq_0005.html b/docs/natgw/umn/nat_faq_0005.html index 49f0cf0c..608e5318 100644 --- a/docs/natgw/umn/nat_faq_0005.html +++ b/docs/natgw/umn/nat_faq_0005.html @@ -1,7 +1,7 @@

          Do the NAT Gateway and SNAT Rule Support the Update Operation?

          -

          NAT gateways can be updated. SNAT rules cannot be updated.

          +

          NAT gateways can be updated, and SNAT rules cannot be updated.

          diff --git a/docs/natgw/umn/nat_faq_0006.html b/docs/natgw/umn/nat_faq_0006.html index 4ad64b00..b1fc641d 100644 --- a/docs/natgw/umn/nat_faq_0006.html +++ b/docs/natgw/umn/nat_faq_0006.html @@ -1,7 +1,7 @@

          Why Is DNAT Used?

          -

          DNAT enables servers in a VPC to share an EIP to provide services accessible from the Internet through IP address mapping or port mapping.

          +

          DNAT enables servers in a VPC to share an EIP to provide services accessible from the Internet. For details, see Adding a DNAT Rule.

          diff --git a/docs/natgw/umn/nat_faq_0009.html b/docs/natgw/umn/nat_faq_0009.html new file mode 100644 index 00000000..9ca38633 --- /dev/null +++ b/docs/natgw/umn/nat_faq_0009.html @@ -0,0 +1,12 @@ + + +

          What Is the Bandwidth of the NAT Gateway When a Server Accesses the Internet Through the NAT Gateway? Where Can I Configure the Bandwidth?

          +

          NAT Gateway SNAT translates a private IP address to a public IP address by binding EIPs to servers in a VPC. When a server accesses the Internet through the NAT gateway, the bandwidth is related to the bandwidth of the EIP assigned to you.

          +

          +
          +
          +
          +
          Parent topic: SNAT
          +
          +
          + diff --git a/docs/natgw/umn/nat_faq_001.html b/docs/natgw/umn/nat_faq_001.html index 2c2d861b..f64864b1 100644 --- a/docs/natgw/umn/nat_faq_001.html +++ b/docs/natgw/umn/nat_faq_001.html @@ -1,7 +1,7 @@

          Why Is SNAT Used?

          -

          Besides requiring services provided by the system, some ECSs also need to access the Internet to obtain information or download software. However, assigning a public IP address to each ECS consumes already-limited IPv4 addresses, incurs additional costs, and may increase the attack surface in a virtual environment. Enabling multiple ECSs to share a single public IP address is preferable and more practical. This can be done using SNAT.

          +

          Besides requiring services provided by the system, some ECSs also need to access the Internet to obtain information or download software. However, assigning a public IP address to each ECS consumes already-limited IPv4 addresses, incurs additional costs, and may increase the attack surface in a virtual environment. Enabling multiple ECSs to share a single public IP address is preferable and more practical. This can be done using SNAT.

          diff --git a/docs/natgw/umn/nat_faq_0010.html b/docs/natgw/umn/nat_faq_0010.html index 13fc3fc4..442607c3 100644 --- a/docs/natgw/umn/nat_faq_0010.html +++ b/docs/natgw/umn/nat_faq_0010.html @@ -10,10 +10,10 @@

          How Do I Apply for a Higher Quota?

          The system does not support online quota adjustment. If you need to adjust a quota, call the hotline or send an email to the customer service mailbox. Customer service personnel will timely process your request for quota adjustment and inform you of the real-time progress by making a call or sending an email.

          Before dialing the hotline number or sending an email, make sure that the following information has been obtained:

          -
          • Domain name, project name, and project ID, which can be obtained by performing the following operations:

            Log in to the management console using the cloud account, click the username in the upper right corner, select My Credentials from the drop-down list, and obtain the domain name, project name, and project ID on the My Credentials page.

            +
            • Domain name, project name, and project ID, which can be obtained by performing the following operations:

              Log in to the management console using the cloud account, click the username in the upper right corner, select My Credentials from the drop-down list, and obtain the domain name, project name, and project ID on the My Credentials page.

            • Quota information, which includes:
              • Service name
              • Quota type
              • Required quota
            -

            Learn how to obtain the service hotline and email address.

            +

            Learn how to obtain the service hotline and email address.

          diff --git a/docs/natgw/umn/nat_faq_0011.html b/docs/natgw/umn/nat_faq_0011.html new file mode 100644 index 00000000..56272827 --- /dev/null +++ b/docs/natgw/umn/nat_faq_0011.html @@ -0,0 +1,12 @@ + + +

          What Should I Do If I Fail to Access the Internet Through a NAT Gateway?

          +

          If your server cannot access the Internet through a NAT gateway, you may have configured the VPC route table incorrectly. Perform the following steps to reset the route table:

          +
          1. Locate the route table associated with the subnet in the VPC.
          2. Check whether the route table contains the route to the NAT gateway. If not, add the route.
          3. Ensure that the destination address of the route to be added contain the target address.
          +
          +
          +
          +
          Parent topic: NAT Gateway
          +
          +
          + diff --git a/docs/natgw/umn/nat_faq_0013.html b/docs/natgw/umn/nat_faq_0013.html index fa6385dc..d23a1a73 100644 --- a/docs/natgw/umn/nat_faq_0013.html +++ b/docs/natgw/umn/nat_faq_0013.html @@ -1,11 +1,11 @@ -

          What Are the Differences Between Using a NAT Gateway and Using an EIP for an ECS?

          -

          A NAT gateway provides SNAT and DNAT, so multiple ECSs can share an EIP.

          -

          An ECS can also have an EIP bound to it. The EIP does not have to be shared.

          -

          If both SNAT and EIP are configured for an ECS, data will be forwarded through the EIP.

          +

          For an ECS, Is There Any Difference Between Using a NAT Gateway and Directly Having an EIP Bound?

          +

          The NAT gateway provides the SNAT and DNAT functions, allowing multiple ECSs to share one EIP.

          +

          The ECS that has an EIP bound is exclusively using the IP address.

          +

          If both SNAT and EIP are configured for an ECS, data will be preferentially forwarded through the EIP.

          If both DNAT and EIP are configured for an ECS, the ECS will have two EIPs, one that is directly bound to the ECS and one that is associated with the DNAT rule. Incoming data will be forwarded by one of the two EIPs, which is determined by the client user. Outgoing data will be forwarded by the EIP directly bound to the ECS in priority. If the two EIPs are different, data forwarding will fail.

          -

          Configuring both a NAT gateway and an EIP for an ECS is not recommended.

          +

          Therefore, you are not advised to use a NAT gateway and bind an EIP to the same ECS at the same time.

          diff --git a/docs/natgw/umn/nat_faq_0015.html b/docs/natgw/umn/nat_faq_0015.html new file mode 100644 index 00000000..c9d08f96 --- /dev/null +++ b/docs/natgw/umn/nat_faq_0015.html @@ -0,0 +1,13 @@ + + +

          What Are the Relationships and Differences Between the CIDR Blocks in a NAT Gateway and in an SNAT Rule?

          +

          When creating a NAT gateway, you must specify the VPC and subnet CIDR block for the NAT gateway. This CIDR block can only be used by the system.

          +

          When you are creating an SNAT rule with Scenario set to VPC, configure a subnet CIDR block for the VPC so that servers in the subnet can access the Internet through the SNAT rule.

          +

          When you are creating an SNAT rule with Scenario set to Direct Connect, configure the CIDR block of a local data center or another VPC so that ECSs in the CIDR block can access the Internet through the SNAT rule.

          +
          +
          +
          +
          Parent topic: SNAT
          +
          +
          + diff --git a/docs/natgw/umn/nat_faq_0016.html b/docs/natgw/umn/nat_faq_0016.html new file mode 100644 index 00000000..0966cde3 --- /dev/null +++ b/docs/natgw/umn/nat_faq_0016.html @@ -0,0 +1,11 @@ + + +

          How Do I Resolve Packet Loss or Connection Failure Issues When Using a NAT Gateway?

          +

          If packet loss or connection failures occur on a server that uses the NAT gateway to access the Internet, you can check the SNAT connections on the Cloud Eye console. If the number of SNAT connections exceeds what the NAT gateway specifications support, there will be packet loss or connection failures. If the number of connections exceeds the upper limit, change the NAT gateway specifications.

          +
          +
          +
          +
          Parent topic: SNAT
          +
          +
          + diff --git a/docs/natgw/umn/nat_faq_0017.html b/docs/natgw/umn/nat_faq_0017.html new file mode 100644 index 00000000..bad696f8 --- /dev/null +++ b/docs/natgw/umn/nat_faq_0017.html @@ -0,0 +1,35 @@ + + +

          What Should I Do If the Remote Server Fails to Be Accessed Through the NAT Gateway?

          +

          If your TCP connection fails when your ECS is accessing a server on the public network through an SNAT rule, perform the following steps:

          +
          1. Run the following command to check whether tcp_tw_recycle is enabled on the remote server:

            sysctl -a|grep tcp_tw_recycle

            +

            If the value of tcp_tw_recycle is 1, tcp_tw_recycle is enabled.

            +
          2. Run the following command to check the number of lost packets of the remote server:

            cat /proc/net/netstat | awk '/TcpExt/ { print $21,$22 }'

            +

            If the value of ListenDrops is not 0, packet loss occurs, that is, the network is faulty.

            +
          +

          Troubleshooting

          Method 1: Modifying the kernel parameter of the remote server

          +
          • Run the following command to temporarily modify the parameters (the modification becomes invalid after the server is restarted):

            sysctl -w net.ipv4.tcp_tw_recycle=0

            +
          +
          • Perform the following operations to permanently modify the parameters:
            1. Modify the /etc/sysctl.conf file:

              vi /etc/sysctl.conf

              +

              Add the following content to the file:

              +

              net.ipv4.tcp_tw_recycle=0

              +
            2. Press Esc, enter :wq!, and save the file and exit.
            3. Run the following command to make the modification take effect:

              sysctl -p

              +
            +
          +
          +

          Method 2: Modifying the kernel parameter of the local client

          +
          • To temporarily modify parameters (the settings become invalid after the local client is restarted), configure the parameter as follows:

            sysctl -w net.ipv4.tcp_timestamps=0

            +
          +
          • Perform the following operations to permanently modify the parameters:
            1. Modify the /etc/sysctl.conf file:

              vi /etc/sysctl.conf

              +

              Add the following content to the file:

              +

              net.ipv4.tcp_timestamps=0

              +
            2. Press Esc, enter :wq!, and save the file and exit.
            3. Run the following command to make the modification take effect:

              sysctl -p

              +
            +
          +
          +
          +
          +
          Parent topic: SNAT
          +
          +
          + diff --git a/docs/natgw/umn/nat_faq_0018.html b/docs/natgw/umn/nat_faq_0018.html new file mode 100644 index 00000000..a3e525ca --- /dev/null +++ b/docs/natgw/umn/nat_faq_0018.html @@ -0,0 +1,12 @@ + + +

          Can I Change the VPC for a NAT Gateway After It Is Created?

          +

          No.

          +

          You can select a VPC when creating a NAT gateway and cannot change the VPC for the NAT gateway after it is created.

          +
          +
          +
          +
          Parent topic: NAT Gateway
          +
          +
          + diff --git a/docs/natgw/umn/nat_faq_0020.html b/docs/natgw/umn/nat_faq_0020.html new file mode 100644 index 00000000..6a5c2dad --- /dev/null +++ b/docs/natgw/umn/nat_faq_0020.html @@ -0,0 +1,15 @@ + + +

          What Security Policies Can I Configure to Implement Access Control If I Use the NAT Gateway Service?

          +

          You can configure security groups and firewalls to implement access control.

          +
          • A security group is a collection of access control rules for ECSs that have the same security protection requirements and are mutually trusted. After a security group is created, you can create various access rules for the security group, and these rules will apply to all ECSs added to this security group.
          • A firewall is an optional layer of security for your subnets. You can associate one or more subnets with a firewall to control traffic in and out of the subnets.
          +

          Security groups operate at the ECS level, whereas firewalls operate at the subnet level. You can use firewalls together with security groups to implement access control that is both comprehensive and fine-grained.

          +

          For details about security groups and firewalls, see Security in the Virtual Private Cloud User Guide.

          +

          +
          +
          +
          +
          Parent topic: NAT Gateway
          +
          +
          + diff --git a/docs/natgw/umn/nat_faq_0021.html b/docs/natgw/umn/nat_faq_0021.html new file mode 100644 index 00000000..3db67dfe --- /dev/null +++ b/docs/natgw/umn/nat_faq_0021.html @@ -0,0 +1,287 @@ + + +

          What Can I Do If Connection Between My Servers and the Internet Fails After I Add SNAT and DNAT Rules?

          +

          Symptom

          You have bought a public NAT gateway and added SNAT and DNAT rules, but your servers cannot access the Internet or provide services accessible from the Internet. Whether the network configured with a public NAT gateway can connect to the Internet depends on the route table configuration, security group configuration, and firewall configuration. If any configuration problem occurs, the network connection will fail. This section describes the fault locating process after a public NAT gateway is configured.

          +
          +

          Fault Locating

          The following fault causes are listed in descending order of occurrence probability.

          +

          If the fault persists after one possible cause is ruled out, move down the list to the other possible causes.

          + +

        Key

        Value

        +

        Value
        + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
        Table 1 Network disconnection troubleshooting

        Possible Cause

        +

        Solution

        +

        The route table is incorrectly configured.

        +

        Add the default route or a route pointing to the public NAT gateway to the route table. For details, see Checking Whether Default Route Pointing to the Public NAT Gateway Is Configured in the Route Table.

        +

        The ECS has an EIP bound.

        +

        Unbind the EIP from the ECS. For details, see Checking Whether the ECS Has an EIP Bound.

        +

        The security group rules are incorrectly configured.

        +

        Configure ECS security group rules to allow traffic to and from the ECS. For details, see Checking Whether Security Group Rules Allow Traffic to and from the ECS Port.

        +

        The firewall is incorrectly configured.

        +

        Add firewall rules to allow traffic in and out of the subnet. For details, see Checking Whether Firewall Rules Allow Traffic in and out of the Subnet.

        +

        The EIP bandwidth exceeds the threshold.

        +

        Increase the EIP bandwidth by referring to Checking Whether the EIP Bandwidth Limit Has Been Exceeded.

        +

        The service volume of the Public NAT gateway exceeds the upper limit.

        +

        Increase the public NAT gateway specifications. For details, see Checking Whether the SNAT Connection Limit for the Public NAT Gateway Has Been Exceeded.

        +

        The assign status is abnormal.

        +

        Ensure that the public NAT gateway is running. For details, see Check Whether the Public NAT Gateway Status is Normal.

        +

        The ECS port is not listened on.

        +

        Enable the ECS port again. For details, see Checking ECS Ports.

        +
        +
        + +

        Checking Whether Default Route Pointing to the Public NAT Gateway Is Configured in the Route Table

        1. Log in to the management console.
        2. Click in the upper left corner and select the desired region and project.
        3. Click Service List in the upper left corner. Under Network, select Virtual Private Cloud.
        4. In the navigation pane on the left, choose Route Tables.
        5. In the route table list, click the name of the route table associated with the VPC to which the public NAT gateway belongs.
        6. Check whether default route (0.0.0.0/0) pointing to the public NAT gateway is in the route list.
          • If no, add the default route pointing to the public NAT gateway to the route table.
            1. Click Add Route and configure required parameters. +
              + + + + + + + + + + + + + + + + +
              Table 2 Descriptions of route parameters

              Parameter

              +

              Description

              +

              Destination

              +

              The destination CIDR block

              +

              Set it to 0.0.0.0/0.

              +

              Next Hop Type

              +

              Set it to NAT gateway.

              +

              Next Hop

              +

              Set it to the ID of the public NAT gateway you purchased.

              +

              Description

              +

              (Optional) Supplementary information about the route

              +

              Enter up to 255 characters. Angle brackets (< or >) are not allowed.

              +
              +
              +
            2. Click OK.
            +
          • If a default route is there but does not point to the public NAT gateway, add a route pointing to the public NAT gateway to the existing route table. Alternatively, create a route table and add a default route pointing to the public NAT gateway to the new route table.
            • To add a route pointing to the public NAT gateway to the existing route table, perform the following steps:
              1. Click Add Route and configure required parameters. +
                + + + + + + + + + + + + + + + + +
                Table 3 Descriptions of route parameters

                Parameter

                +

                Description

                +

                Destination

                +

                The destination CIDR block

                +

                Next Hop Type

                +

                Set it to NAT gateway.

                +

                Next Hop

                +

                Set it to the ID of the public NAT gateway you purchased.

                +

                Description

                +

                (Optional) Supplementary information about the route

                +

                Enter up to 255 characters. Angle brackets (< or >) are not allowed.

                +
                +
                +
              2. Click OK.
              +
            • Create a route table and add a default route pointing to the public NAT gateway.
              1. In the upper right corner of the Route Tables page, click Create Route Table and configure required parameters. +
                + + + + + + + + + + + + + + + + + + + + + +
                Table 4 Descriptions of route table parameters

                Parameter

                +

                Description

                +

                Example Value

                +

                Name

                +

                (Mandatory) The name of the route table

                +

                Enter up to 64 characters. Only letters, digits, underscores (_), hyphens (-), and periods (.) are allowed. Spaces are not allowed.

                +

                rtb-001

                +

                VPC

                +

                (Mandatory) The VPC that the route table belongs to

                +

                vpc-001

                +

                Description

                +

                (Optional) Supplementary information about the route table

                +

                Enter up to 255 characters. Angle brackets (< or >) are not allowed.

                +

                N/A

                +

                Route Settings

                +

                Information about routes

                +

                You can click Add Route to add more routes.

                +

                Set Destination to 0.0.0.0/0, Next Hop Type to NAT gateway, and Next Hop to the public NAT gateway you purchased.

                +

                N/A

                +
                +
                +
              2. Click OK.

                An Information dialog box is displayed, indicating that you can associate the route table with a subnet now or later.

                +
              3. Click Associate Subnet.

                The Associated Subnets tab is displayed.

                +
              4. Click Associate Subnet and select the subnet to be associated.
              5. Click OK.
              +
            +
          +
        +
        +

        Checking Whether the ECS Has an EIP Bound

        If both SNAT and EIP are configured for an ECS, the EIP is preferentially used for data forwarding.

        +

        If both DNAT and EIP are configured for an ECS, the ECS will have two EIPs, one that is bound to the ECS and one that is associated with the DNAT rule. Incoming data will be forwarded by one of the two EIPs, which is determined by the client user. Outgoing data will be forwarded by the EIP bound to the ECS in priority. If the two EIPs are different, data forwarding will fail.

        +

        If the ECS has an EIP bound, perform the following steps to unbind the EIP.

        +
        1. Log in to the management console.
        2. Click in the upper left corner and select the desired region and project.
        3. Under Computing, click Elastic Cloud Server.
        4. In the list, locate the ECS. In the IP Address column, check whether the ECS has an EIP bound. +
        +
        +

        Checking Whether Security Group Rules Allow Traffic to and from the ECS Port

        If the traffic to and from the ECS port is denied in the security group, add rules to the security group to allow the port traffic.
        1. Log in to the management console.
        2. Click in the upper left corner and select the desired region and project.
        3. Under Computing, click Elastic Cloud Server.
        4. On the Elastic Cloud Server page, click the name of the ECS.
        5. Click the Security Groups tab and view security group rules.
        6. Check whether you have configured inbound and outbound rules to allow traffic to and from the ECS port.
          • If yes, check the next item.
          • If no, click Manage Rule.

            On the Summary tab page of the security group, click Inbound Rules or Outbound Rules to add an inbound rule and outbound rule that allow traffic to and from the ECS port. For details about inbound and outbound rule parameters, see Adding a Security Group Rule.

            +
          +
        +
        +
        +

        Checking Whether Firewall Rules Allow Traffic in and out of the Subnet

        Check whether the VPC subnet is associated with firewall rules. If yes, check the firewall rules.

        +
        1. Log in to the management console.
        2. Click in the upper left corner and select the desired region and project.
        3. Click Service List in the upper left corner. Under Network, select Virtual Private Cloud.
        4. In the navigation pane on the left, click Subnets.
        5. Check whether the NAT gateway subnet is associated with a firewall.

          The specific firewall name indicates that the association is successful.

          +
        6. Click the firewall name to view the details.
        7. Check whether the inbound and outbound rules that allow traffic in and out of the subnet have been added.

          If no, add such inbound and outbound rules, or disassociate the firewall from the subnet.

          +
          For details, see Add a Firewall Rule and Disassociating a Subnet from a Firewall.

          The default firewall rules deny all incoming and outgoing packets. After the firewall is disabled, the default rules still take effect.

          +
          +
          +
        +

        +
        +

        Checking Whether the EIP Bandwidth Limit Has Been Exceeded

        If an EIP is bound to the public NAT gateway, the bandwidth is used to provide access traffic between the public network and the public NAT gateway.

        +

        If the network is disconnected, check whether the EIP bandwidth exceeds the limit.

        +

        For details about how to increase the bandwidth, see Modifying an EIP Bandwidth.

        +
        +

        Checking Whether the SNAT Connection Limit for the Public NAT Gateway Has Been Exceeded

        1. Log in to the management console.
        2. Click in the upper left corner and select the desired region and project.
        3. Click Service List in the upper left corner. Under Management & Governance, choose Cloud Eye.
        4. In the navigation pane on the left, choose Cloud Service Monitoring > NAT Gateway.
        5. Locate the row that contains the public NAT gateway you purchased and click View Metric in the Operation column to check detailed monitoring.
        6. Check whether the SNAT connection limit for the public NAT gateway has been exceeded.
          • If no, check the next item.
          • If the number of SNAT connections exceeds the upper limit of the public NAT gateway specifications, increase the specifications.

            For details about how to increase the public NAT gateway specifications, see Modifying a Public NAT Gateway.

            +
          +
        +
        +

        Check Whether the Public NAT Gateway Status is Normal

        1. Log in to the management console.
        2. Click in the upper left corner and select the desired region and project.
        3. Click Service List in the upper left corner. Under Network, select NAT Gateway.
        4. In the public NAT gateway list, locate the NAT gateway and check whether its status is Running.
          • If yes, check the next item.
          • If no, the possible causes are as follows:
            • Your account or resources are frozen because you violated related security requirements or laws and regulations when using the cloud platform. If you complete the rectification within the required period and meet related security and legal requirements, your account and resources can be unfrozen. If you do not complete the rectification within the required period, your resources will be deleted.
            +
          +
        +
        +

        Checking ECS Ports

        Ensure that ECS ports are in the LISTEN state. Table 5 lists the common TCP statuses.

        +
        • Linux

          Run the netstat -antp command to check whether the ECS port is in the LISTEN state.

          +
          For example, run netstat -ntulp |grep 80.
          Figure 1 Checking port listening status
          +
          +

          If no, enable the ECS port.

          +
        • Windows

          Perform the following operations to check port communication:

          +
          1. Run cmd.exe.
          2. Run the netstat -ano | findstr "PID" command to obtain the PID used by the process.
            For example, run netstat -ano | findstr "80".
            Figure 2 Checking port listening status
            +
            +

            If no, enable the ECS port.

            +
          +
        + +
        + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
        Table 5 Common TCP statuses

        TCP Status

        +

        Description

        +

        Scenario

        +

        LISTEN

        +

        Listens for network connection requests from a remote TCP port.

        +

        The TCP server is running.

        +

        ESTABLISHED

        +

        A connection has been set up.

        +

        A TCP connection is properly set up.

        +

        TIME-WAIT

        +

        Waits until the remote TCP server receives the acknowledgement after sending a disconnection request.

        +

        The TCP connection is disconnected, and this state is cleared in 1 minute.

        +

        CLOSE-WAIT

        +

        Waits for a disconnection request sent by a local user.

        +

        A program fault resulted in an open socket. This state is displayed after the network is disconnected, indicating that a process is in an infinite loop or waiting for certain requirements to be met. To resolve this issue, restart the affected process.

        +

        FIN-WAIT-2

        +

        Waits for the network disconnection request from a remote TCP server.

        +

        The network has been disconnected and requires 12 minutes to automatically recover.

        +

        SYN-SENT

        +

        Waits for the matched network connection request after a network connection request is sent.

        +

        The TCP connection request failed, which is generally caused by the delayed handling of high CPU usage on the server or by a DDoS attack.

        +

        FIN-WAIT-1

        +

        Waits for the remote TCP disconnection request, or the acknowledgement for a previous disconnection request.

        +

        If the network has been disconnected, this state may not automatically recover after 15 minutes. If the port remains occupied for a long period of time, restart the OS to resolve the issue.

        +
        +
        +
        + +
        +
        +
        Parent topic: NAT Gateway
        +
        +
        + diff --git a/docs/natgw/umn/nat_faq_0100.html b/docs/natgw/umn/nat_faq_0100.html index d457d662..214c3a40 100644 --- a/docs/natgw/umn/nat_faq_0100.html +++ b/docs/natgw/umn/nat_faq_0100.html @@ -8,16 +8,24 @@
        diff --git a/docs/natgw/umn/nat_faq_0200.html b/docs/natgw/umn/nat_faq_0200.html index bf79d81f..70add8b4 100644 --- a/docs/natgw/umn/nat_faq_0200.html +++ b/docs/natgw/umn/nat_faq_0200.html @@ -12,6 +12,14 @@
      6. What Are SNAT Connections?
        7. +
      7. What Is the Bandwidth of the NAT Gateway When a Server Accesses the Internet Through the NAT Gateway? Where Can I Configure the Bandwidth?
        +
        8. +
      8. How Do I Resolve Packet Loss or Connection Failure Issues When Using a NAT Gateway?
        +
        9. +
      9. What Should I Do If the Remote Server Fails to Be Accessed Through the NAT Gateway?
        +
        10. +
      10. What Are the Relationships and Differences Between the CIDR Blocks in a NAT Gateway and in an SNAT Rule?
        +
        11. diff --git a/docs/natgw/umn/nat_faq_0300.html b/docs/natgw/umn/nat_faq_0300.html index b4649bdf..883c8067 100644 --- a/docs/natgw/umn/nat_faq_0300.html +++ b/docs/natgw/umn/nat_faq_0300.html @@ -1,11 +1,7 @@ - -

        DNAT

        - -

        -
        - +

        DNAT

        +
        • Why Is DNAT Used?
          diff --git a/docs/natgw/umn/nat_his_0001.html b/docs/natgw/umn/nat_his_0001.html index dd364562..95101779 100644 --- a/docs/natgw/umn/nat_his_0001.html +++ b/docs/natgw/umn/nat_his_0001.html @@ -8,15 +8,69 @@

        2021-03-18

        +

        2023-07-26

        This release incorporates the following changes:

        +

        This release incorporates the following changes:

        + +

        2023-07-19

        +

        This release incorporates the following changes:

        + +

        2023-07-12

        +

        This release incorporates the following changes:

        + +

        2023-06-20

        +

        This release incorporates the following changes:

        + +

        2023-06-05

        +

        This release incorporates the following changes:

        +
        • Added parameter CIDR Block, deleted parameters Type and Subnet, and modified the condition of parameter EIP in Table 1.
        • Updated the screenshot for adding an SNAT rule.
        +

        2023-05-25

        +

        This release incorporates the following change:

        +
        • Deleted section "Using Multiple Public NAT Gateways Together in Performance-Demanding Scenarios" in Getting Started.
        +

        2023-02-15

        +

        This release incorporates the following changes:

        + +

        2022-10-30

        +

        This release added the following sections:

        + +

        2022-07-27

        +

        This release incorporates the following changes:

        +

        Deleted FAQ "What Is the Quota of NAT Gateways ?" The numbers of DNAT rules and the number of SNAT rules supported by a NAT gateway are not quotas.

        +

        2021-03-18

        +

        This release incorporates the following change:

        Added section "Managing NAT Gateway Tags".

        2020-07-30

        This release incorporates the following changes:

        +

        This release incorporates the following change:

        • Organized FAQs by category.

        2019-09-18

        This release incorporates the following changes:

        - +

        2019-03-19

        @@ -40,8 +94,8 @@

        2019-03-18

        This release incorporates the following changes:

        -

        Deleted redundant content from sections NAT Gateway Types, What Are SNAT Connections? and How Does A NAT Gateway Offer High Availability?

        +

        This release incorporates the following change:

        +

        Deleted redundant content from sections NAT Gateway Specifications, What Are SNAT Connections? and How Does A NAT Gateway Offer High Availability?

        2019-03-13

        @@ -59,7 +113,7 @@

        2019-01-15

        This release incorporates the following changes:

        - +

        2018-02-16

        @@ -69,20 +123,20 @@

        2018-02-08

        This release incorporates the following changes:

        +

        This release incorporates the following change:

        Added operation scenarios and prerequisites in chapter Getting Started.

        2018-02-04

        This release incorporates the following changes:

        - +

        2018-01-23

        This release incorporates the following changes:

        - +

        2018-01-15

        diff --git a/docs/natgw/umn/nat_nat_0000.html b/docs/natgw/umn/nat_nat_0000.html index d42bf0d3..396fcfb5 100644 --- a/docs/natgw/umn/nat_nat_0000.html +++ b/docs/natgw/umn/nat_nat_0000.html @@ -4,13 +4,15 @@
        diff --git a/docs/natgw/umn/nat_nat_0001.html b/docs/natgw/umn/nat_nat_0001.html index abfb0ce3..a6c668c5 100644 --- a/docs/natgw/umn/nat_nat_0001.html +++ b/docs/natgw/umn/nat_nat_0001.html @@ -1,6 +1,6 @@ -

        Viewing a NAT Gateway

        +

        Viewing a Public NAT Gateway

        Scenarios

        After a NAT gateway is created, you can view details about the NAT gateway.

        Prerequisites

        A NAT gateway has been created.

        diff --git a/docs/natgw/umn/nat_nat_0002.html b/docs/natgw/umn/nat_nat_0002.html index 7a259691..0f50de0f 100644 --- a/docs/natgw/umn/nat_nat_0002.html +++ b/docs/natgw/umn/nat_nat_0002.html @@ -1,6 +1,6 @@ -

        Deleting a NAT Gateway

        +

        Deleting a Public NAT Gateway

        Scenarios

        You can delete NAT gateways to release resources, saving costs.

        Prerequisites

        All SNAT rules created on the NAT gateway have been deleted.

        diff --git a/docs/natgw/umn/nat_pro_0000.html b/docs/natgw/umn/nat_pro_0000.html index 3c4fbabf..eb17fb8e 100644 --- a/docs/natgw/umn/nat_pro_0000.html +++ b/docs/natgw/umn/nat_pro_0000.html @@ -10,10 +10,12 @@
      11. Application Scenarios
        12. -
      12. NAT Gateway Types
        +
      13. NAT Gateway Specifications
      14. Notes and Constraints
        15. +
      15. Using NAT Gateway with Other Services
        +
      16. Region and AZ
      17. Basic Concepts
        diff --git a/docs/natgw/umn/nat_pro_0001.html b/docs/natgw/umn/nat_pro_0001.html index 6501fb94..02069431 100644 --- a/docs/natgw/umn/nat_pro_0001.html +++ b/docs/natgw/umn/nat_pro_0001.html @@ -2,8 +2,8 @@

        Product Advantages

        The NAT Gateway service has the following highlights:

        -
        • Flexibility

          A NAT gateway can be deployed flexibly across subnets and AZs. Any fault in a single AZ does not affect the service continuity of a NAT gateway. The type and EIP of a NAT gateway can be adjusted at any time.

          -
        • Easy of use

          Multiple types of NAT gateways are available. You can use them after simple configuration. NAT Gateway supports easy operation and maintenance (O&M) and quick provisioning. They can run stably and reliably.

          +
          • Flexibility

            A NAT gateway is deployed across subnets and across two AZs. Any fault in a single AZ does not affect the service continuity of a NAT gateway. The specifications and EIP of a NAT gateway can be adjusted at any time.

            +
          • Easy of use

            Multiple NAT gateway specifications are available. You can use them after simple configuration. NAT Gateway supports easy operation and maintenance (O&M) and quick provisioning. They can run stably and reliably.

          • Cost-effectiveness

            Multiple servers can share an EIP. When you send data through a private IP address or provide services accessible from the Internet using a NAT gateway, the NAT gateway translates the private IP address to a public IP address. The NAT Gateway service helps you save money on EIPs and bandwidth.

        diff --git a/docs/natgw/umn/nat_pro_0002.html b/docs/natgw/umn/nat_pro_0002.html index e3c15fc6..e3f59742 100644 --- a/docs/natgw/umn/nat_pro_0002.html +++ b/docs/natgw/umn/nat_pro_0002.html @@ -1,14 +1,14 @@

        Application Scenarios

        -

        Using SNAT to Access the Internet

        If your servers in a VPC require Internet access, you can use SNAT to let the servers share one or more EIPs to access the Internet without exposing their IP addresses. In a VPC, each subnet corresponds to an SNAT rule, and each SNAT rule is configured with an EIP. NAT Gateway provides different types of NAT gateways that support different numbers of connections. You can create multiple SNAT rules to meet your service requirements.

        +

        Using SNAT to Enable Servers to Access the Internet

        If your servers in a VPC require Internet access, you can use SNAT to let the servers share one or more EIPs to access the Internet without exposing their IP addresses. In a VPC, each subnet corresponds to an SNAT rule, and each SNAT rule is configured with an EIP. NAT Gateway provides different specifications to support different numbers of connections. You can create multiple SNAT rules to meet your service requirements.

        Figure 1 shows how servers in a VPC access the Internet using SNAT.

        -
        Figure 1 Using SNAT to access the Internet
        +
        Figure 1 Using SNAT to enable servers to access the Internet

        Using DNAT to Allow Servers to Provide Services Accessible from the Internet

        To allow your servers in a VPC to provide services accessible from the Internet, you can use DNAT.

        You can associate an EIP with a DNAT rule. As requests with a specific protocol and port access the EIP, NAT Gateway only forwards requests to the port of the target server through the mapping between the ports. NAT Gateway can also forward requests on the EIP to your servers based on IP address mapping. NAT Gateway allows multiple servers to share an EIP, saving costs on bandwidth.

        A DNAT rule is configured for one server. If there are multiple servers, you can create several DNAT rules to make the servers share one or more EIPs.

        -

        Figure 2 shows how servers in a VPC use DNAT to provide services accessible from the Internet. The servers shown in the following figure can be an ECS or BMS.

        +

        Figure 2 shows how servers in a VPC use DNAT to provide services accessible from the Internet. Servers in the following figure can be an ECS or a BMS.

        Figure 2 Using DNAT to allow servers to provide services accessible from the Internet

        Using SNAT or DNAT to Communicate with the Internet at a High Speed

        If a large number of servers in a private cloud or those connect to a VPC through Direct Connect or VPN need secure, high-speed Internet access or need to provide services accessible from the Internet, SNAT and DNAT provide this access. Typical scenarios include Internet, games, e-commerce, and finance across clouds.

        diff --git a/docs/natgw/umn/nat_pro_0003.html b/docs/natgw/umn/nat_pro_0003.html new file mode 100644 index 00000000..43df2cb2 --- /dev/null +++ b/docs/natgw/umn/nat_pro_0003.html @@ -0,0 +1,45 @@ + + +

        Using NAT Gateway with Other Services

        +

        + +
        + + + + + + + + + + + + + + + + + +
        Table 1 Related services

        Interaction

        +

        Cloud Service

        +

        Reference

        +

        Local servers that need to communicate with the Internet using a NAT gateway can connect to a VPC using Direct Connect.

        +

        Direct Connect

        +

        Using SNAT and DNAT Rules to Allow On-premises Servers to Communicate Over the Internet

        +

        Local servers that need to communicate with the Internet using a NAT gateway can connect to a VPC through a VPN connection.

        +

        Virtual Private Network (VPN)

        +

        Using SNAT and DNAT Rules to Allow On-premises Servers to Communicate Over the Internet

        +

        Cloud servers can communicate with the Internet through NAT gateways.

        +

        Elastic Cloud Server (ECS), Bare Metal Server (BMS)

        +

        Using SNAT to Access the Internet

        +

        Using DNAT to Provide Services Accessible from the Internet

        +
        +
        +
        +
        +
        +
        Parent topic: Overview
        +
        +
        + diff --git a/docs/natgw/umn/nat_pro_0004.html b/docs/natgw/umn/nat_pro_0004.html index 2e667e1d..116fe824 100644 --- a/docs/natgw/umn/nat_pro_0004.html +++ b/docs/natgw/umn/nat_pro_0004.html @@ -1,13 +1,14 @@

        Basic Concepts

        -

        EIP

        An EIP can be directly accessed over the Internet. A private IP address is an IP address on a local area network (LAN) and cannot be routed through the Internet.

        -

        An EIP is a static, public IP address. You can bind an EIP to an ECS in your subnet to enable the ECS in your VPC to communicate with the Internet through a fixed public IP address.

        -

        Each EIP can be used by only one ECS at a time.

        +

        EIP

        EIP is a static, public IP address.

        +

        An EIP can be directly accessed over the Internet. A private IP address is an IP address on a local area network (LAN) and cannot be routed through the Internet.

        +

        You can bind an EIP to an ECS in your subnet so that the ECS will be able to communicate with the Internet through a fixed public IP address.

        +

        Each EIP can be used by only one ECS at a time. If you want multiple ECSs in the same VPC to share an EIP, you have to use a NAT gateway. For more information, see the NAT Gateway User Guide.

        -

        SNAT Connections

        An SNAT connection consists of the source IP address, source port, destination IP address, destination port, and transmission-layer protocol. The source IP address refers to the EIP, and the source port refers to the EIP port. They will be used to access the destination IP address and port of the Internet. These five elements identify a connection as a unique session.

        +

        SNAT Connections

        An SNAT connection consists of the source IP address, source port, destination IP address, destination port, and a transport-layer protocol. The source IP address is the EIP, and the source port is the EIP port. An SNAT connection uniquely identifies a session.

        -

        DNAT Connections

        A DNAT connection enables servers in a VPC to share an EIP to provide services accessible from the Internet through IP address or port mapping.

        +

        DNAT Connections

        A DNAT connection enables servers in a VPC to share an EIP to provide services accessible from the Internet.

        diff --git a/docs/natgw/umn/nat_qs_0000.html b/docs/natgw/umn/nat_qs_0000.html index ad0e6ee0..ba9a6722 100644 --- a/docs/natgw/umn/nat_qs_0000.html +++ b/docs/natgw/umn/nat_qs_0000.html @@ -8,7 +8,7 @@
      18. Using DNAT to Provide Services Accessible from the Internet
        19. -
      19. Using SNAT and DNAT Rules to Allow On-premises Servers to Communicate Over the Internet
        +
      20. Allowing On-Premises Servers to Communicate with the Internet
        21. diff --git a/docs/natgw/umn/nat_qs_0001.html b/docs/natgw/umn/nat_qs_0001.html index 1c75fe70..016d2e9c 100644 --- a/docs/natgw/umn/nat_qs_0001.html +++ b/docs/natgw/umn/nat_qs_0001.html @@ -8,7 +8,7 @@
      21. Step 1: Assign an EIP
        22. -
      22. Step 2: Create a NAT Gateway
        +
      23. Step 2: Create a Public NAT Gateway
      24. Step 3: Add an SNAT Rule
        25. diff --git a/docs/natgw/umn/nat_qs_0002.html b/docs/natgw/umn/nat_qs_0002.html index ac099fb4..48048e2f 100644 --- a/docs/natgw/umn/nat_qs_0002.html +++ b/docs/natgw/umn/nat_qs_0002.html @@ -1,9 +1,9 @@ -

        Step 1: Assign an EIP

        -

        Scenarios

        Assign an EIP and enable your servers in a VPC to access the Internet through a NAT gateway by sharing the EIP.

        +

        Step 1: Assign an EIP

        +

        Scenarios

        Assign an EIP and enable your servers in a VPC to access the Internet through a NAT gateway by sharing the EIP.

        -

        Procedure

        For details, see the Elastic IP User Guide. After you assign an EIP, you do not need to bind it to a server here.

        +

        Procedure

        For details, see Assigning an EIP. After obtaining the EIP, you do not need to bind it to a server.

        diff --git a/docs/natgw/umn/nat_qs_0003.html b/docs/natgw/umn/nat_qs_0003.html index 02c98089..8bfdd6a5 100644 --- a/docs/natgw/umn/nat_qs_0003.html +++ b/docs/natgw/umn/nat_qs_0003.html @@ -1,31 +1,34 @@ -

        Step 2: Create a NAT Gateway

        -

        Scenarios

        This section guides you on how to create a NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.

        +

        Step 2: Create a Public NAT Gateway

        +

        Scenarios

        This section guides you on how to create a public NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.

        -

        Prerequisites

        • When creating a NAT gateway, you must specify its VPC, subnet, and type.
        • Ensure that the VPC does not have the default route.
        +

        Prerequisites

        • When creating a public NAT gateway, you must specify its VPC and subnet.
        • To allow traffic to pass through the public NAT gateway, a route to the public NAT gateway in the VPC is required. When you buy a public NAT gateway, a default route 0.0.0.0/0 to the public NAT gateway is automatically added to the default route table of the VPC. If the default route 0.0.0.0/0 already exists in the default route table of the VPC before you buy the public NAT gateway, the default route that points to the public NAT gateway will fail to be added automatically. In this case, perform the following operations after the public NAT gateway is successfully created: Manually add a different route that points to the gateway or create a default route 0.0.0.0/0 pointing to the gateway in the new routing table.
        -

        Procedure

        1. Log in to the management console.
        2. Click in the upper left corner and select the desired region and project.
        3. Under Network, choose NAT Gateway.
        4. On the displayed page, click Create NAT Gateway.
        5. Configure the parameters as prompted. For details, see Table 1. -
          Table 1 Parameter descriptions

          Parameter

          +

          Procedure

          1. Log in to the management console.
          2. Click in the upper left corner and select the desired region and project.
          3. Under Network, select NAT Gateway.
          4. On the displayed page, click Create Public NAT Gateway.
            Figure 1 Create NAT Gateway
            +
          5. Configure the parameters as prompted. For details, see Table 1. +
            - - - - - - @@ -81,7 +82,7 @@
          6. In the NAT gateway list, view the NAT gateway status. For details about the NAT gateway status, see Table 3.
            7. Table 1 Parameter descriptions of a public NAT gateway

            Parameter

            Description

            Region

            +

            Region

            The region where the NAT gateway is located.

            Name

            The name of the NAT gateway. The name can include up to 64 characters and can include digits, letters, underscores (_), and hyphens (-).

            +

            The name of the NAT gateway. The name can contain a maximum of 64 characters and only digits, letters, underscores (_), and hyphens (-) are allowed.

            VPC

            The VPC that the NAT gateway belongs to. Select a VPC which is not used by any other NAT gateways and has no default route.

            You can change the VPC only when you are creating the NAT gateway. After the NAT gateway is created, you cannot modify the VPC.

            +
            NOTE:

            To allow traffic to pass through the public NAT gateway, a route to the public NAT gateway in the VPC is required. When you buy a public NAT gateway, a default route 0.0.0.0/0 to the public NAT gateway is automatically added to the default route table of the VPC. If the default route 0.0.0.0/0 already exists in the default route table of the VPC before you buy the public NAT gateway, the default route that points to the public NAT gateway will fail to be added automatically. In this case, perform the following operations after the public NAT gateway is successfully created: Manually add a different route that points to the gateway or create a default route 0.0.0.0/0 pointing to the gateway in the new routing table.

            +

            Subnet

            @@ -35,10 +38,10 @@

            You can change the subnet only when you are creating the NAT gateway. After the NAT gateway is created, you cannot change the subnet.

            Type

            +

            Specifications

            The type of the NAT gateway.

            -

            The value can be Small, Medium, Large, and Extra-large. You can click Learn more on the page to view details about each type.

            +

            The specifications of the NAT gateway.

            +

            The option can be Small, Medium, Large, and Extra-large. You can click Learn more on the page to view details about each specifications.

            Description

            @@ -64,14 +67,12 @@

            Key

            • Cannot be left blank.
            • Must be unique for each NAT gateway.
            • Contains a maximum of 36 characters.
            • Can contain only the following character types:
              • Letter
              • Digits
              • Special characters, including hyphens (-) and underscores (_)
              -
            +
            • Cannot be left blank.
            • Must be unique for each NAT gateway.
            • Contains a maximum of 36 characters.
            • Contains only letters, digits, hyphens (-), underscores (_), and at signs (@).

            Value

            • Can contain a maximum of 43 characters.
            • Can contain only the following character types:
              • Letter
              • Digits
              • Special characters, including hyphens (-) and underscores (_)
              -
            +
            • Can contain a maximum of 43 characters.
            • Contains only letters, digits, hyphens (-), underscores (_), and at signs (@).
            - @@ -118,8 +119,16 @@
            Table 3 NAT gateway status

            Status

            Description

            +

            Description
            +

            After the public NAT gateway is created, check whether a default route (0.0.0.0/0) that points to the public NAT gateway exists in the default route table of the VPC where the public NAT gateway is. If no, add a route pointing to the public NAT gateway to the default route table, alternatively, create a custom route table and add the default route 0.0.0.0/0 pointing to the public NAT gateway to the table. The following describes how to add a route to a custom route table.

          +

          Adding a Default Route Pointing to the Public NAT Gateway

          1. Log in to the management console.
          2. Click in the upper left corner and select the desired region and project.
          3. Under Network, select Virtual Private Cloud.
          4. In the navigation pane on the left, choose Route Tables.
          5. On the Route Tables page, click Create Route Table in the upper right corner.

            VPC: Select the VPC to which the public NAT gateway belongs.

            +
          6. After the custom route table is created, click its name.

            The Summary page is displayed.

            +
          7. Click Add Route and configure parameters as follows:

            Destination: Set it to 0.0.0.0/0.

            +

            Next Hop Type: Select NAT gateway.

            +

            Next Hop: Select the created NAT gateway.

            +
          8. Click OK.
          +
          diff --git a/docs/natgw/umn/nat_qs_0004.html b/docs/natgw/umn/nat_qs_0004.html index 59889c70..f5b2be69 100644 --- a/docs/natgw/umn/nat_qs_0004.html +++ b/docs/natgw/umn/nat_qs_0004.html @@ -4,9 +4,9 @@

          Scenarios

          After a NAT gateway is created, add SNAT rules. With an SNAT rule, your servers in a specified subnet can access the Internet by sharing the same EIP.

          Each SNAT rule is configured for one subnet or CIDR block. If there are multiple subnets or CIDR blocks in a VPC, you can create several SNAT rules to allow multiple servers to share EIPs.

          -

          Prerequisites

          A NAT gateway has been created.

          +

          Prerequisites

          A NAT gateway has been created.

          -

          Procedure

          1. Log in to the management console.
          2. Click in the upper left corner and select the desired region and project.
          3. Under Network, choose NAT Gateway.
          4. On the displayed page, click the name of the NAT gateway for which you want to add the SNAT rule.
          5. On the SNAT Rules tab, click Add SNAT Rule.
            Figure 1 Add SNAT Rule
            +

            Procedure

            1. Log in to the management console.
            2. Click in the upper left corner and select the desired region and project.
            3. Under Network, select NAT Gateway.
            4. On the displayed page, click the name of the NAT gateway for which you want to add the SNAT rule.
            5. On the SNAT Rules tab, click Add SNAT Rule.
              Figure 1 Add SNAT Rule
            6. Configure the parameters as prompted. Table 1 describes the parameters.
              @@ -20,32 +20,33 @@ - - - - - - - - - + + + + diff --git a/docs/natgw/umn/nat_qs_0005.html b/docs/natgw/umn/nat_qs_0005.html index a1494127..144745bd 100644 --- a/docs/natgw/umn/nat_qs_0005.html +++ b/docs/natgw/umn/nat_qs_0005.html @@ -1,11 +1,13 @@

              Step 4: Verify the Result

              -

              Scenarios

              After you add an SNAT rule to a NAT gateway, you can verify that the SNAT rule has been added successfully.

              +

              Scenarios

              +

              After adding an SNAT rule, you can perform the following steps to verify the connection:

              +
              1. Verify that the SNAT rule has been added for the public NAT gateway.
              2. Verify that servers that have no EIPs bound can access the Internet through the NAT gateway.

              Prerequisites

              An SNAT rule has been added.

              -

              Procedure

              1. Log in to the management console.
              2. Click in the upper left corner and select the desired region and project.
              3. Under Network, click NAT Gateway.
              4. On the displayed page, click the name of the target NAT gateway.
              5. In the SNAT rule list, you can view details about the SNAT rule. If Status is Running, the SNAT rule has been added successfully.
              +

              Procedure

              1. Log in to the management console.
              2. Click in the upper left corner and select the desired region and project.
              3. Under Network, select NAT Gateway.
              4. On the displayed page, click the name of the target NAT gateway.
              5. In the SNAT rule list, you can view details about the SNAT rule. If Status is Running, the SNAT rule has been added successfully.
              diff --git a/docs/natgw/umn/nat_qs_0006.html b/docs/natgw/umn/nat_qs_0006.html index 424673f7..4cb368b6 100644 --- a/docs/natgw/umn/nat_qs_0006.html +++ b/docs/natgw/umn/nat_qs_0006.html @@ -8,7 +8,7 @@
            7. Step 1: Assign an EIP
              8. -
            8. Step 2: Create a NAT Gateway
              +
            9. Step 2: Create a Public NAT Gateway
            10. Step 3: Add a DNAT Rule
              11. diff --git a/docs/natgw/umn/nat_qs_0007.html b/docs/natgw/umn/nat_qs_0007.html index e56c3ebe..ce05b2ad 100644 --- a/docs/natgw/umn/nat_qs_0007.html +++ b/docs/natgw/umn/nat_qs_0007.html @@ -1,7 +1,7 @@ -

              Overview

              -

              When one or more servers (ECSs and BMSs) in a VPC are required to provide services accessible from the Internet, you can add DNAT rules. Figure 1 illustrates the process.

              +

              Overview

              +

              When one or more servers (ECSs and BMSs) in a VPC are required to provide services accessible from the Internet, you can add DNAT rules. Figure 1 illustrates the process.

              Figure 1 Flowchart

              diff --git a/docs/natgw/umn/nat_qs_0008.html b/docs/natgw/umn/nat_qs_0008.html index b37e43bb..18f43e98 100644 --- a/docs/natgw/umn/nat_qs_0008.html +++ b/docs/natgw/umn/nat_qs_0008.html @@ -3,7 +3,7 @@

              Step 1: Assign an EIP

              Scenarios

              Assign an EIP and enable servers in a VPC to provide services accessible from the Internet using a NAT gateway by sharing the EIP.

              -

              Procedure

              For details, see the Elastic IP User Guide. After you assign an EIP, you do not need to bind it to a server here.

              +

              Procedure

              For details, see Assigning an EIP. After obtaining the EIP, you do not need to bind it to a server.

              diff --git a/docs/natgw/umn/nat_qs_0009.html b/docs/natgw/umn/nat_qs_0009.html index 971ae2a5..cd2d6b40 100644 --- a/docs/natgw/umn/nat_qs_0009.html +++ b/docs/natgw/umn/nat_qs_0009.html @@ -1,31 +1,34 @@ -

              Step 2: Create a NAT Gateway

              -

              Scenarios

              This section guides you on how to create a NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.

              +

              Step 2: Create a Public NAT Gateway

              +

              Scenarios

              This section guides you on how to create a public NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.

              -

              Prerequisites

              • When creating a NAT gateway, you must specify its VPC, subnet, and type.
              • Ensure that the VPC does not have the default route.
              +

              Prerequisites

              • When creating a public NAT gateway, you must specify its VPC and subnet.
              • To allow traffic to pass through the public NAT gateway, a route to the public NAT gateway in the VPC is required. When you buy a public NAT gateway, a default route 0.0.0.0/0 to the public NAT gateway is automatically added to the default route table of the VPC. If the default route 0.0.0.0/0 already exists in the default route table of the VPC before you buy the public NAT gateway, the default route that points to the public NAT gateway will fail to be added automatically. In this case, perform the following operations after the public NAT gateway is successfully created: Manually add a different route that points to the gateway or create a default route 0.0.0.0/0 pointing to the gateway in the new routing table.
              -

              Procedure

              1. Log in to the management console.
              2. Click in the upper left corner and select the desired region and project.
              3. Under Network, choose NAT Gateway.
              4. On the displayed page, click Create NAT Gateway.
              5. Configure the parameters as prompted. For details, see Table 1. -
              Table 1 Parameter descriptions

              Parameter

              N/A

              Select VPC if your servers in a VPC will use the SNAT rule to access the Internet.

              -

              Different servers in a VPC can share the same EIP to access the Internet.

              +

              The scenarios where the SNAT rule is used.

              +

              Select VPC if your servers in a VPC need to access the Internet.

              +

              Select Direct Connect if the servers that are connected to a VPC through Direct Connect in your data center need to access the Internet.

              Type

              +

              CIDR Block

              This parameter is available only when you select VPC for Scenario.

              +
              • Configure this parameter when you select VPC for Scenario and Custom for CIDR Block.
              • This parameter is available only when you select VPC for Scenario and Custom for CIDR Block.
              • Configure this parameter when you select VPC for Scenario.
              +

              You can set it to Subnet or Custom based on service requirements.

              -

              Select Subnet if all servers in a VPC subnet need to access the Internet through the SNAT rule.

              -

              Select Custom if only specific servers in a VPC subnet need to access the Internet through the SNAT rule.

              +
              • In a VPC scenario with CIDR Block as Custom, specify an IPv4 CIDR block, which must be a subset of the VPC subnets.
              • In a VPC scenario with CIDR Block as Existing, specify a VPC subnet in which servers can access the Internet through the SNAT rule.
              • In a Direct Connect scenario, specify a CIDR block of your data center to enable your on-premises servers to access the Internet through the SNAT rule.

              Subnet

              -

              This parameter is available only when you select VPC for Scenario, and Subnet for Type.

              -

              The subnet in which servers can access the Internet through the SNAT rule.

              -

              EIP

              +

              EIP

              N/A

              The EIP used for accessing the Internet.

              You can select an EIP that either is not bound to any resource, has been bound to a DNAT rule with Port Type set to Specific port of the current NAT gateway, or has been bound to an SNAT rule of the current NAT gateway.

              +

              You can select multiple EIPs at once. Up to 20 EIPs can be selected for each SNAT rule. If you have selected multiple EIPs for an SNAT rule, one EIP will be chosen randomly.

              +

              Description

              +

              N/A

              +

              Supplementary information about the SNAT rule. The description can contain up to 255 characters.
              Table 1 Parameter descriptions

              Parameter

              +

              Procedure

              1. Log in to the management console.
              2. Click in the upper left corner and select the desired region and project.
              3. Under Network, select NAT Gateway.
              4. On the displayed page, click Create Public NAT Gateway.
                Figure 1 Create NAT Gateway
                +
              5. Configure the parameters as prompted. For details, see Table 1. +
                - - - - - - @@ -81,7 +82,7 @@
              6. In the NAT gateway list, view the NAT gateway status. For details about the NAT gateway status, see Table 3.
                7. Table 1 Parameter descriptions of a public NAT gateway

                Parameter

                Description

                Region

                +

                Region

                The region where the NAT gateway is located.

                Name

                The name of the NAT gateway. The name can include up to 64 characters and can include digits, letters, underscores (_), and hyphens (-).

                +

                The name of the NAT gateway. The name can contain a maximum of 64 characters and only digits, letters, underscores (_), and hyphens (-) are allowed.

                VPC

                The VPC that the NAT gateway belongs to. Select a VPC which is not used by any other NAT gateways and has no default route.

                You can change the VPC only when you are creating the NAT gateway. After the NAT gateway is created, you cannot modify the VPC.

                +
                NOTE:

                To allow traffic to pass through the public NAT gateway, a route to the public NAT gateway in the VPC is required. When you buy a public NAT gateway, a default route 0.0.0.0/0 to the public NAT gateway is automatically added to the default route table of the VPC. If the default route 0.0.0.0/0 already exists in the default route table of the VPC before you buy the public NAT gateway, the default route that points to the public NAT gateway will fail to be added automatically. In this case, perform the following operations after the public NAT gateway is successfully created: Manually add a different route that points to the gateway or create a default route 0.0.0.0/0 pointing to the gateway in the new routing table.

                +

                Subnet

                @@ -35,10 +38,10 @@

                You can change the subnet only when you are creating the NAT gateway. After the NAT gateway is created, you cannot change the subnet.

                Type

                +

                Specifications

                The type of the NAT gateway.

                -

                The value can be Small, Medium, Large, and Extra-large. You can click Learn more on the page to view details about each type.

                +

                The specifications of the NAT gateway.

                +

                The option can be Small, Medium, Large, and Extra-large. You can click Learn more on the page to view details about each specifications.

                Description

                @@ -64,14 +67,12 @@

                Key

                • Cannot be left blank.
                • Must be unique for each NAT gateway.
                • Contains a maximum of 36 characters.
                • Can contain only the following character types:
                  • Letter
                  • Digits
                  • Special characters, including hyphens (-) and underscores (_)
                  -
                +
                • Cannot be left blank.
                • Must be unique for each NAT gateway.
                • Contains a maximum of 36 characters.
                • Contains only letters, digits, hyphens (-), underscores (_), and at signs (@).

                Value

                • Can contain a maximum of 43 characters.
                • Can contain only the following character types:
                  • Letter
                  • Digits
                  • Special characters, including hyphens (-) and underscores (_)
                  -
                +
                • Can contain a maximum of 43 characters.
                • Contains only letters, digits, hyphens (-), underscores (_), and at signs (@).
                - @@ -118,8 +119,16 @@
                Table 3 NAT gateway status

                Status

                Description

                +

                Description
                +

                After the public NAT gateway is created, check whether a default route (0.0.0.0/0) that points to the public NAT gateway exists in the default route table of the VPC where the public NAT gateway is. If no, add a route pointing to the public NAT gateway to the default route table, alternatively, create a custom route table and add the default route 0.0.0.0/0 pointing to the public NAT gateway to the table. The following describes how to add a route to a custom route table.

              +

              Adding a Default Route Pointing to the Public NAT Gateway

              1. Log in to the management console.
              2. Click in the upper left corner and select the desired region and project.
              3. Under Network, select Virtual Private Cloud.
              4. In the navigation pane on the left, choose Route Tables.
              5. On the Route Tables page, click Create Route Table in the upper right corner.

                VPC: Select the VPC to which the public NAT gateway belongs.

                +
              6. After the custom route table is created, click its name.

                The Summary page is displayed.

                +
              7. Click Add Route and configure parameters as follows:

                Destination: Set it to 0.0.0.0/0.

                +

                Next Hop Type: Select NAT gateway.

                +

                Next Hop: Select the created NAT gateway.

                +
              8. Click OK.
              +
              diff --git a/docs/natgw/umn/nat_qs_0010.html b/docs/natgw/umn/nat_qs_0010.html index 45131e4e..eeb4b4df 100644 --- a/docs/natgw/umn/nat_qs_0010.html +++ b/docs/natgw/umn/nat_qs_0010.html @@ -6,7 +6,7 @@

              Prerequisites

              A NAT gateway has been created.

              -

              Procedure

              1. Log in to the management console.
              2. Click in the upper left corner and select the desired region and project.
              3. Under Network, choose NAT Gateway.
              4. On the displayed page, click the name of the NAT gateway for which you want to add the DNAT rule.
              5. On the NAT gateway details page, click the DNAT Rules tab.
              6. Click Add DNAT Rule.
                Figure 1 Add DNAT Rule
                +

                Procedure

                1. Log in to the management console.
                2. Click in the upper left corner and select the desired region and project.
                3. Under Network, select NAT Gateway.
                4. On the displayed page, click the name of the NAT gateway for which you want to add the DNAT rule.
                5. On the NAT gateway details page, click the DNAT Rules tab.
                6. Click Add DNAT Rule.
                  Figure 1 Add DNAT Rule

                7. Configure the parameters as prompted. For details, see Table 1.
                  - - @@ -49,12 +49,28 @@ + + + + + + - + + +
                  Table 1 Parameter descriptions

                  Parameter

                  @@ -32,7 +32,7 @@

                  The protocol can be TCP or UDP. This parameter is available if you select Specific port for Port Type. If you select All ports, the value of this parameter will be All by default.

                  EIP

                  +

                  EIP

                  The EIP that will be used by the server to provide services accessible from the Internet.

                  You can select an EIP that either is not bound to any resource, has been bound to a DNAT rule with Port Type set to Specific port of the current NAT gateway, or has been bound to an SNAT rule of the current NAT gateway.

                  @@ -40,7 +40,7 @@

                  Outside Port

                  The port of the EIP. This parameter is available if you select Specific port for Port Type. The value ranges from 1 to 65535.

                  +

                  The port of the EIP. This parameter is available if you select Specific port for Port Type. The value ranges from 1 to 65535.

                  You can enter a single port number, for example, 80.

                  The private IP address of the server that provides services accessible from the Internet through the DNAT rule.

                  Instance Type

                  +

                  The type of the instance that will be providing services accessible from on-premises data centers or remote VPCs. Possible values are:

                  +
                  • Server
                  • Virtual IP address
                  • Custom
                  +

                  NIC

                  +

                  The NIC of the server. This parameter is available when you set Instance Type to Server.

                  +

                  Inside Port

                  The port of the server that provides services accessible from the Internet through the DNAT rule. This parameter is available if you select Specific port for Port Type. The value ranges from 1 to 65535.

                  +

                  The port of the server that provides services accessible from the Internet through the DNAT rule. This parameter is available if you select Specific port for Port Type. The value ranges from 1 to 65535.

                  You can enter a single port number, for example, 80.

                  Description

                  +

                  Supplementary information about the DNAT rule. The description can contain up to 255 characters.

                  +
                  diff --git a/docs/natgw/umn/nat_qs_0011.html b/docs/natgw/umn/nat_qs_0011.html index 703aff5d..4bde988d 100644 --- a/docs/natgw/umn/nat_qs_0011.html +++ b/docs/natgw/umn/nat_qs_0011.html @@ -1,11 +1,16 @@

                  Step 4: Verify the Result

                  -

                  Scenarios

                  After you add a DNAT rule to a NAT gateway, you can verify that the DNAT rule has been added successfully.

                  +

                  Scenarios

                  +

                  After adding a DNAT rule, you can perform the following steps to verify the connection:

                  +
                  1. Verify that the DNAT rule has been added for the public NAT gateway.
                  2. Check whether ECS 01 in the private network can be accessed by ECS 02 from the Internet through the NAT gateway (EIP 120.46.131.153 bound to the DNAT rule).

                  Prerequisites

                  A DNAT rule has been added.

                  -

                  Procedure

                  1. Log in to the management console.
                  2. Click in the upper left corner and select the desired region and project.
                  3. Under Network, click NAT Gateway.
                  4. On the displayed page, click the name of the target NAT gateway.
                  5. In the DNAT rule list, you can view details about the DNAT rule. If Status is Running, the DNAT rule has been added successfully.
                  +

                  Procedure

                  1. Log in to the management console.
                  2. Click in the upper left corner and select the desired region and project.
                  3. Under Network, select NAT Gateway.
                  4. On the displayed page, click the name of the target NAT gateway.
                  5. In the DNAT rule list, you can view details about the DNAT rule. If Status is Running, the DNAT rule has been added successfully.
                  +
                  +

                  Verifying that Servers in a VPC Can Be Accessed from the Internet Through the NAT Gateway

                  1. Log in to the management console.
                  2. Click in the upper left corner and select the desired region and project.
                  3. Hover on in the upper left corner to display Service List and choose Computing > Elastic Cloud Server.
                  4. Log in to ECS 02 with an EIP bound.
                  5. On ECS 02, ping the EIP (120.46.131.153) to check whether ECS 01 on the private network can be accessed by ECS 02 on the public network through the NAT gateway.

                    +

                  diff --git a/docs/natgw/umn/nat_qs_0012.html b/docs/natgw/umn/nat_qs_0012.html index 03337e06..c3ebc00b 100644 --- a/docs/natgw/umn/nat_qs_0012.html +++ b/docs/natgw/umn/nat_qs_0012.html @@ -1,6 +1,6 @@ -

                  Using SNAT and DNAT Rules to Allow On-premises Servers to Communicate Over the Internet

                  +

                  Allowing On-Premises Servers to Communicate with the Internet

                  diff --git a/docs/natgw/umn/nat_qs_0014.html b/docs/natgw/umn/nat_qs_0014.html index fa4223fd..c1e26384 100644 --- a/docs/natgw/umn/nat_qs_0014.html +++ b/docs/natgw/umn/nat_qs_0014.html @@ -3,12 +3,12 @@

                  Step 1: Create a Direct Connect Connection

                  Scenarios

                  Create a Direct Connect connection for connecting a VPC to your data center before enabling your servers in the data center to access the Internet or to provide services accessible from the Internet through NAT gateways.

                  -

                  Procedure

                  For details on how to enable Direct Connect, see the Enabling Direct Connect in the Direct Connect User Guide. If you enable Direct Connect in self-service mode, you are advised to set the VPC CIDR block to 0.0.0.0/0.

                  +

                  Procedure

                  For details on how to enable Direct Connect, see the Enabling Direct Connect in the Direct Connect User Guide. If you enable Direct Connect in self-service mode, you are advised to set the VPC CIDR block to 0.0.0.0/0.

                  diff --git a/docs/natgw/umn/nat_qs_0015.html b/docs/natgw/umn/nat_qs_0015.html index 725d727d..243df786 100644 --- a/docs/natgw/umn/nat_qs_0015.html +++ b/docs/natgw/umn/nat_qs_0015.html @@ -1,14 +1,14 @@

                  Step 2: Assign an EIP

                  -

                  Scenarios

                  You can assign an EIP, which can work together with a NAT gateway to allow servers that are connected to public cloud system using Direct Connect or VPN to access the Internet or to provide services accessible from the Internet.

                  +

                  Scenarios

                  You can assign an EIP, which can work together with a NAT gateway to allow servers that are connected to a public cloud system using Direct Connect or VPN to access the Internet or to provide services accessible from the Internet.

                  -

                  Procedure

                  For details, see the Elastic IP User Guide. After you assign an EIP, you do not need to bind it to a server here.

                  +

                  Procedure

                  For details, see Assigning an EIP. After obtaining the EIP, you do not need to bind it to a server.

                  diff --git a/docs/natgw/umn/nat_qs_0016.html b/docs/natgw/umn/nat_qs_0016.html index 28fd848a..908a7623 100644 --- a/docs/natgw/umn/nat_qs_0016.html +++ b/docs/natgw/umn/nat_qs_0016.html @@ -1,129 +1,138 @@ -

                  Step 3: Create a NAT Gateway

                  -

                  Scenarios

                  This section guides you on how to create a NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.

                  +

                  Step 3: Create a Public NAT Gateway

                  +

                  Scenarios

                  This section guides you on how to create a public NAT gateway to enable your servers to access the Internet or to provide services available from the Internet.

                  -

                  Prerequisites

                  • When creating a NAT gateway, you must specify its VPC, subnet, and type.
                  • Ensure that the VPC does not have the default route.
                  +

                  Prerequisites

                  • When creating a public NAT gateway, you must specify its VPC and subnet.
                  • To allow traffic to pass through the public NAT gateway, a route to the public NAT gateway in the VPC is required. When you buy a public NAT gateway, a default route 0.0.0.0/0 to the public NAT gateway is automatically added to the default route table of the VPC. If the default route 0.0.0.0/0 already exists in the default route table of the VPC before you buy the public NAT gateway, the default route that points to the public NAT gateway will fail to be added automatically. In this case, perform the following operations after the public NAT gateway is successfully created: Manually add a different route that points to the gateway or create a default route 0.0.0.0/0 pointing to the gateway in the new routing table.
                  -

                  Procedure

                  1. Log in to the management console.
                  2. Click in the upper left corner and select the desired region and project.
                  3. Click Service List in the upper left corner. Under Networking, select NAT Gateway.
                  4. On the displayed page, click Create NAT Gateway.
                  5. Configure the parameters as prompted. For details, see Table 1. -
                    Table 1 Parameter descriptions

                    Parameter

                    +

                    Procedure

                    1. Log in to the management console.
                    2. Click in the upper left corner and select the desired region and project.
                    3. Under Network, select NAT Gateway.
                    4. On the displayed page, click Create Public NAT Gateway.
                      Figure 1 Create NAT Gateway
                      +
                    5. Configure the parameters as prompted. For details, see Table 1. +
                      - - - - - - - - - - - - - - -
                      Table 1 Parameter descriptions of a public NAT gateway

                      Parameter

                      Description

                      +

                      Description

                      Region

                      +

                      Region

                      The region where the NAT gateway is located.

                      +

                      The region where the NAT gateway is located.

                      Name

                      +

                      Name

                      The name of the NAT gateway. The name can contain up to 64 characters. Only digits, letters, underscores (_), and hyphens (-) are allowed.

                      +

                      The name of the NAT gateway. The name can contain a maximum of 64 characters and only digits, letters, underscores (_), and hyphens (-) are allowed.

                      VPC

                      +

                      VPC

                      The VPC that the NAT gateway belongs to. Select a VPC which is not used by any other NAT gateways and has no default route.

                      -

                      You can change the VPC only when you are creating the NAT gateway.

                      +

                      The VPC that the NAT gateway belongs to. Select a VPC which is not used by any other NAT gateways and has no default route.

                      +

                      You can change the VPC only when you are creating the NAT gateway. After the NAT gateway is created, you cannot modify the VPC.

                      +
                      NOTE:

                      To allow traffic to pass through the public NAT gateway, a route to the public NAT gateway in the VPC is required. When you buy a public NAT gateway, a default route 0.0.0.0/0 to the public NAT gateway is automatically added to the default route table of the VPC. If the default route 0.0.0.0/0 already exists in the default route table of the VPC before you buy the public NAT gateway, the default route that points to the public NAT gateway will fail to be added automatically. In this case, perform the following operations after the public NAT gateway is successfully created: Manually add a different route that points to the gateway or create a default route 0.0.0.0/0 pointing to the gateway in the new routing table.

                      +

                      Subnet

                      +

                      Subnet

                      The subnet of the VPC that the NAT gateway belongs to.

                      -

                      The subnet must have at least one available IP address.

                      -

                      You can change the subnet only when you are creating the NAT gateway.

                      +

                      The subnet of the VPC that the NAT gateway belongs to.

                      +

                      The subnet must have at least one available IP address.

                      +

                      You can change the subnet only when you are creating the NAT gateway. After the NAT gateway is created, you cannot change the subnet.

                      Type

                      +

                      Specifications

                      The type of the NAT gateway.

                      -

                      The value can be Small, Medium, Large, and Extra-large. You can click Learn more on the page to view details about each type.

                      +

                      The specifications of the NAT gateway.

                      +

                      The option can be Small, Medium, Large, and Extra-large. You can click Learn more on the page to view details about each specifications.

                      Description

                      +

                      Description

                      Supplementary information about the NAT gateway. The description can contain up to 255 characters.

                      +

                      Supplementary information about the NAT gateway. The description can contain up to 255 characters.

                      Tag

                      +

                      Tag

                      The NAT gateway tag, which consists of a key and value pair. You can add a maximum of 20 tags to each NAT gateway.

                      -

                      The tag key and value must meet the requirements listed in Table 2.

                      +

                      The NAT gateway tag, which consists of a key and value pair. You can add a maximum of 20 tags to each NAT gateway.

                      +

                      The tag key and value must meet the requirements listed in Table 2.
                      -
                      Table 2 Tag requirements

                      Parameter

                      +
                      - - - - -
                      Table 2 Tag requirements

                      Parameter

                      Requirement

                      +

                      Requirement

                      Key

                      +

                      Key

                      • Cannot be left blank.
                      • Must be unique for each NAT gateway.
                      • Contains a maximum of 36 characters.
                      • Can contain only the following character types:
                        • Letter
                        • Digits
                        • Special characters, including hyphens (-) and underscores (_)
                        -
                      +
                      • Cannot be left blank.
                      • Must be unique for each NAT gateway.
                      • Contains a maximum of 36 characters.
                      • Contains only letters, digits, hyphens (-), underscores (_), and at signs (@).

                      Value

                      +

                      Value

                      • Can contain a maximum of 43 characters.
                      • Can contain only the following character types:
                        • Letter
                        • Digits
                        • Special characters, including hyphens (-) and underscores (_)
                        -
                      +
                      • Can contain a maximum of 43 characters.
                      • Contains only letters, digits, hyphens (-), underscores (_), and at signs (@).
                      -
                    6. Click Create Now. Confirm the NAT gateway information on the displayed page.
                    7. If you do not need to modify the information, click Submit.

                      It takes 1 to 5 minutes to create a NAT gateway.

                      -
                    8. In the NAT gateway list, view the NAT gateway status. For details about the NAT gateway status, see Table 3. -
                      - - @@ -27,12 +25,12 @@

                      Procedure

                      Search for NAT gateways by tag key and value on the page showing the NAT gateway List.

                      -
                      1. Log in to the management console.
                      2. Click in the upper left corner and select the desired region and project.
                      3. Under Network, click NAT Gateway.
                      4. In the upper right corner of the NAT gateway list, click Search by Tag.
                      5. In the displayed area, enter the tag key and value of the NAT gateway you are looking for. Both the tag key and value must be specified.
                      6. Click + to specify additional tag keys and values.

                        You can add a maximum of ten tags to refine your search results. If you add more than one tag to search for NAT gateways, the tags are automatically joined with AND.

                        +
                        1. Log in to the management console.
                        2. Click in the upper left corner and select the desired region and project.
                        3. Under Network, click NAT Gateway.
                        4. In the upper right corner of the NAT gateway list, click Search by Tag.
                        5. In the displayed area, enter the tag key and value of the NAT gateway you are looking for. Both the tag key and value must be specified.
                        6. Click + to specify additional tag keys and values.

                          You can add a maximum of 20 tags to refine your search results. If you add more than one tag to search for NAT gateways, the tags are automatically joined with AND.

                        7. Click Search.

                          The system displays the NAT gateways you are looking for based on the entered tag keys and values.

                        Add, delete, edit, and view tags on the Tags tab of a NAT gateway.
                        1. Log in to the management console.
                        2. Click in the upper left corner and select the desired region and project.
                        3. Under Network, click NAT Gateway.
                        4. On the displayed page, locate the NAT gateway whose tags are to be managed and click the NAT gateway name. The page showing details about the NAT gateway is displayed.
                        1. Click the Tags tab and perform desired operations on tags.
                          • View a tag.

                            On the Tags tab, you can view details about tags added to the current VPC, including the number of tags and the key and value of each tag.

                          • Add a tag.

                            Click Add Tag in the upper left corner. In the displayed dialog box, enter the key and value of the tag to be added, and click OK.

                            -

                            You can use the predefined tags as prompted to simplify tag adding operations. For details, see the Tag Management Service User Guide.

                            +

                            You can use the predefined tags as prompted to simplify tag adding operations. For more information about predefined tags, see the Tag Management Service User Guide.

                          • Modify a tag.

                            Locate the row that contains the tag to be edited and click Edit in the Operation column. In the Edit Tag dialog box, change the tag value and click OK.

                          • Delete a tag.

                            Locate the row that contains the tag to be deleted and click Delete in the Operation column. In the displayed Delete Tag dialog box, click Yes.

                            diff --git a/docs/natgw/umn/public_sys-resources/icon-arrowdn.gif b/docs/natgw/umn/public_sys-resources/icon-arrowdn.gif index 84eec9be..37942803 100644 Binary files a/docs/natgw/umn/public_sys-resources/icon-arrowdn.gif and b/docs/natgw/umn/public_sys-resources/icon-arrowdn.gif differ diff --git a/docs/natgw/umn/public_sys-resources/icon-arrowrt.gif b/docs/natgw/umn/public_sys-resources/icon-arrowrt.gif index 39583d16..6aaaa11c 100644 Binary files a/docs/natgw/umn/public_sys-resources/icon-arrowrt.gif and b/docs/natgw/umn/public_sys-resources/icon-arrowrt.gif differ
                      Table 3 NAT gateway status

                      Status

                      +
                    9. Click Create Now. Confirm the NAT gateway information on the displayed page.
                    10. If you do not need to modify the information, click Submit.

                      It takes 1 to 5 minutes to create a NAT gateway.

                      +
                    11. In the NAT gateway list, view the NAT gateway status. For details about the NAT gateway status, see Table 3. +
                      - - - - - - - - - - - - -
                      Table 3 NAT gateway status

                      Status

                      Description

                      +

                      Description

                      Running

                      +

                      Running

                      The NAT gateway is running.

                      +

                      The NAT gateway is running.

                      Creating

                      +

                      Creating

                      The NAT gateway is being created.

                      +

                      The NAT gateway is being created.

                      Updating

                      +

                      Updating

                      The NAT gateway is being updated.

                      +

                      The NAT gateway is being updated.

                      Deleting

                      +

                      Deleting

                      The NAT gateway is being deleted.

                      +

                      The NAT gateway is being deleted.

                      Frozen

                      +

                      Frozen

                      The NAT gateway has been frozen.

                      +

                      The NAT gateway has been frozen.

                      Abnormal

                      +

                      Abnormal

                      The NAT gateway is abnormal.

                      +

                      The NAT gateway is abnormal.
                      +

                      After the public NAT gateway is created, check whether a default route (0.0.0.0/0) that points to the public NAT gateway exists in the default route table of the VPC where the public NAT gateway is. If no, add a route pointing to the public NAT gateway to the default route table, alternatively, create a custom route table and add the default route 0.0.0.0/0 pointing to the public NAT gateway to the table. The following describes how to add a route to a custom route table.

                      12. +

                      Adding a Default Route Pointing to the Public NAT Gateway

                      1. Log in to the management console.
                      2. Click in the upper left corner and select the desired region and project.
                      3. Under Network, select Virtual Private Cloud.
                      4. In the navigation pane on the left, choose Route Tables.
                      5. On the Route Tables page, click Create Route Table in the upper right corner.

                        VPC: Select the VPC to which the public NAT gateway belongs.

                        +
                      6. After the custom route table is created, click its name.

                        The Summary page is displayed.

                        +
                      7. Click Add Route and configure parameters as follows:

                        Destination: Set it to 0.0.0.0/0.

                        +

                        Next Hop Type: Select NAT gateway.

                        +

                        Next Hop: Select the created NAT gateway.

                        +
                      8. Click OK.
                      +
                      diff --git a/docs/natgw/umn/nat_qs_0017.html b/docs/natgw/umn/nat_qs_0017.html index 13040400..d6c98af3 100644 --- a/docs/natgw/umn/nat_qs_0017.html +++ b/docs/natgw/umn/nat_qs_0017.html @@ -1,12 +1,12 @@

                      Step 4: Add an SNAT Rule

                      -

                      Scenarios

                      After a NAT gateway is created, you can add SNAT rules for it. With SNAT rules, servers that are connected to a VPC using Direct Connect can access the Internet by sharing an EIP.

                      +

                      Scenarios

                      After a NAT gateway is created, you can add SNAT rules for it. With SNAT rules, servers that are connected to a VPC using Direct Connect can access the Internet by sharing an EIP.

                      An SNAT rule is configured for one CIDR block. If servers that are connected to a VPC using Direct Connect are in multiple CIDR blocks, you can create several SNAT rules to make the servers share one or more EIPs.

                      Prerequisites

                      A NAT gateway has been created.

                      -

                      Procedure

                      1. Log in to the management console.
                      1. Click in the upper left corner and select the desired region and project.
                      2. Under Network, choose NAT Gateway.
                      3. On the displayed page, click the name of the NAT gateway for which you want to add the SNAT rule.
                      4. On the SNAT Rules tab, click Add SNAT Rule.
                        Figure 1 Add SNAT Rule
                        +

                        Procedure

                        1. Log in to the management console.
                        1. Click in the upper left corner and select the desired region and project.
                        2. Under Network, select NAT Gateway.
                        3. On the displayed page, click the name of the NAT gateway for which you want to add the SNAT rule.
                        4. On the SNAT Rules tab, click Add SNAT Rule.
                          Figure 1 Add SNAT Rule
                        5. Configure the parameters as prompted. For details, see Table 1.
                          @@ -25,12 +25,17 @@ - + + +
                          Table 1 Parameter descriptions

                          Parameter

                          On-premises servers whose IP address in this CIDR block can access the Internet through the SNAT rule.

                          EIP

                          +

                          EIP

                          The EIP used for accessing the Internet.

                          You can select an EIP that either is not bound to any resource, has been bound to a DNAT rule with Port Type set to Specific port of the current NAT gateway, or has been bound to an SNAT rule of the current NAT gateway.

                          Description

                          +

                          Supplementary information about the SNAT rule. The description can contain up to 255 characters.

                          +
                          @@ -41,7 +46,7 @@
                        diff --git a/docs/natgw/umn/nat_qs_0018.html b/docs/natgw/umn/nat_qs_0018.html index 1e33df9a..5f412e6b 100644 --- a/docs/natgw/umn/nat_qs_0018.html +++ b/docs/natgw/umn/nat_qs_0018.html @@ -6,7 +6,7 @@

                      Prerequisites

                      A NAT gateway has been created.

                      -

                      Procedure

                      1. Log in to the management console.
                      2. Click in the upper left corner and select the desired region and project.
                      3. Under Network, choose NAT Gateway.
                      4. On the displayed page, click the name of the NAT gateway for which you want to add the DNAT rule.
                      5. On the NAT gateway details page, click the DNAT Rules tab.
                      6. Click Add DNAT Rule.
                        Figure 1 Add DNAT Rule
                        +

                        Procedure

                        1. Log in to the management console.
                        2. Click in the upper left corner and select the desired region and project.
                        3. Under Network, select NAT Gateway.
                        4. On the displayed page, click the name of the NAT gateway for which you want to add the DNAT rule.
                        5. On the NAT gateway details page, click the DNAT Rules tab.
                        6. Click Add DNAT Rule.
                          Figure 1 Add DNAT Rule

                        7. Configure the parameters as prompted. For details, see Table 1.
                          - + + + + + + - + + +
                          Table 1 Parameter descriptions

                          Parameter

                          @@ -32,7 +32,7 @@

                          The protocol can be TCP or UDP. This parameter is available if you select Specific port for Port Type. If you select All ports, the value of this parameter will be All by default.

                          EIP

                          +

                          EIP

                          The EIP that will be used by the server to provide services accessible from the Internet.

                          You can select an EIP that either is not bound to any resource, has been bound to a DNAT rule with Port Type set to Specific port of the current NAT gateway, or has been bound to an SNAT rule of the current NAT gateway.

                          @@ -49,12 +49,28 @@

                          The IP address of the server in the local data center or the user's private IP address. With DNAT, a server using this private IP address in your data center that is connected to a VPC through Direct Connect or VPN can provide services accessible from the Internet.

                          Instance Type

                          +

                          The type of the instance that will be providing services accessible from on-premises data centers or remote VPCs. Possible values are:

                          +
                          • Server
                          • Virtual IP address
                          • Custom
                          +

                          NIC

                          +

                          The NIC of the server. This parameter is available when you set Instance Type to Server.

                          +

                          Inside Port

                          The port of the server that provides services accessible from the Internet through the DNAT rule. This parameter is available if you select Specific port for Port Type. The value ranges from 1 to 65535.

                          +

                          The port of the server that provides services accessible from the Internet through the DNAT rule. This parameter is available if you select Specific port for Port Type. The value ranges from 1 to 65535.

                          You can enter a single port number, for example, 80.

                          Description

                          +

                          Supplementary information about the DNAT rule. The description can contain up to 255 characters.

                          +
                          @@ -63,7 +79,7 @@
                        diff --git a/docs/natgw/umn/nat_snat_0000.html b/docs/natgw/umn/nat_snat_0000.html index c9ac9965..cd272b7b 100644 --- a/docs/natgw/umn/nat_snat_0000.html +++ b/docs/natgw/umn/nat_snat_0000.html @@ -8,6 +8,8 @@
                      7. Viewing an SNAT Rule
                        8. +
                      8. Modifying an SNAT Rule
                        +
                      9. Deleting an SNAT Rule
                        10. diff --git a/docs/natgw/umn/nat_snat_0002.html b/docs/natgw/umn/nat_snat_0002.html new file mode 100644 index 00000000..30465c12 --- /dev/null +++ b/docs/natgw/umn/nat_snat_0002.html @@ -0,0 +1,17 @@ + + +

                        Modifying an SNAT Rule

                        +

                        Scenarios

                        After an SNAT rule is added, you can modify parameters in the SNAT rule as required.

                        +
                        +

                        Prerequisites

                        An SNAT rule has been added for the NAT gateway.

                        +
                        +

                        Procedure

                        1. Log in to the management console.
                        2. Click in the upper left corner and select the desired region and project.
                        3. Under Network, choose NAT Gateway.
                        4. On the displayed page, click the name of the target NAT gateway.
                        5. On the SNAT Rules tab, locate the row that contains the SNAT rule you want to modify.
                        6. Click Modify in the Operation column.
                        7. In the displayed dialog box, modify the required parameters.
                          Figure 1 Modify SNAT Rule
                          +
                        8. Click OK.
                        +
                        +
                        +
                        +
                        +
                        Parent topic: Managing SNAT Rules
                        +
                        +
                        + diff --git a/docs/natgw/umn/nat_snat_0003.html b/docs/natgw/umn/nat_snat_0003.html index a5c8a069..2dff3628 100644 --- a/docs/natgw/umn/nat_snat_0003.html +++ b/docs/natgw/umn/nat_snat_0003.html @@ -5,7 +5,7 @@

                      Prerequisites

                      An SNAT rule has been added for the NAT gateway.

                      -

                      Procedure

                      1. Log in to the management console.
                      2. Click in the upper left corner and select the desired region and project.
                      3. Under Network, choose NAT Gateway.
                      4. On the displayed page, click the name of the target NAT gateway.
                      5. In the SNAT rule list, locate the row that contains the target SNAT rule and click Delete in the Operation column.
                      6. In the displayed dialog box, click Yes.
                      +

                      Procedure

                      1. Log in to the management console.
                      2. Click in the upper left corner and select the desired region and project.
                      3. Under Network, select NAT Gateway.
                      4. On the displayed page, click the name of the target NAT gateway.
                      5. In the SNAT rule list, locate the row that contains the target SNAT rule and click Delete in the Operation column.
                      6. In the displayed dialog box, click Yes.
                      diff --git a/docs/natgw/umn/nat_tag_0000.html b/docs/natgw/umn/nat_tag_0000.html index 4422b9ec..2b28829d 100644 --- a/docs/natgw/umn/nat_tag_0000.html +++ b/docs/natgw/umn/nat_tag_0000.html @@ -11,14 +11,12 @@

                      Key

                      • Cannot be left blank.
                      • Must be unique for each NAT gateway.
                      • Contains a maximum of 36 characters.
                      • Can contain only the following character types:
                        • Letter
                        • Digits
                        • Special characters, including hyphens (-) and underscores (_)
                        -
                      +
                      • Cannot be left blank.
                      • Must be unique for each NAT gateway.
                      • Contains a maximum of 36 characters.
                      • Contains only letters, digits, hyphens (-), underscores (_), and at signs (@).

                      Value

                      • Can contain a maximum of 43 characters.
                      • Can contain only the following character types:
                        • Letter
                        • Digits
                        • Special characters, including hyphens (-) and underscores (_)
                        -
                      +
                      • Can contain a maximum of 43 characters.
                      • Contains only letters, digits, hyphens (-), underscores (_), and at signs (@).