vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/natgw/umn/nat_pro_0002.html
Qin Ying, Fan 3a9c34b627 NATGW UMN 0930 version 
Reviewed-by: Kucerak, Kristian <kristian.kucerak@t-systems.com>
Co-authored-by: Qin Ying, Fan <fanqinying@huawei.com>
Co-committed-by: Qin Ying, Fan <fanqinying@huawei.com>
2022-10-04 06:59:58 +00:00

3.9 KiB
Raw Permalink Blame History

Application Scenarios

Using SNAT to Access the Internet

If your servers in a VPC require Internet access, you can use SNAT to let the servers share one or more EIPs to access the Internet without exposing their IP addresses. In a VPC, each subnet corresponds to an SNAT rule, and each SNAT rule is configured with an EIP. NAT Gateway provides different types of NAT gateways that support different numbers of connections. You can create multiple SNAT rules to meet your service requirements.

Figure 1 shows how servers in a VPC access the Internet using SNAT.

Figure 1 Using SNAT to access the Internet

Using DNAT to Allow Servers to Provide Services Accessible from the Internet

To allow your servers in a VPC to provide services accessible from the Internet, you can use DNAT.

You can associate an EIP with a DNAT rule. As requests with a specific protocol and port access the EIP, NAT Gateway only forwards requests to the port of the target server through the mapping between the ports. NAT Gateway can also forward requests on the EIP to your servers based on IP address mapping. NAT Gateway allows multiple servers to share an EIP, saving costs on bandwidth.

A DNAT rule is configured for one server. If there are multiple servers, you can create several DNAT rules to make the servers share one or more EIPs.

Figure 2 shows how servers in a VPC use DNAT to provide services accessible from the Internet. The servers shown in the following figure can be an ECS or BMS.

Figure 2 Using DNAT to allow servers to provide services accessible from the Internet

Using SNAT or DNAT to Communicate with the Internet at a High Speed

If a large number of servers in a private cloud or those connect to a VPC through Direct Connect or VPN need secure, high-speed Internet access or need to provide services accessible from the Internet, SNAT and DNAT provide this access. Typical scenarios include Internet, games, e-commerce, and finance across clouds.

Figure 3 shows how to communicate with the Internet at a high speed.

Figure 3 Using SNAT or DNAT to communicate with the Internet at a high speed
Parent topic: Overview