NAT GATEWAY
A NAT gateway is a Network Address Translation (NAT) service in AWS that allows instances in a private subnet to access the internet but prevents inbound traffic from accessing the internal instance.
ADVANTAGES OF NAT-GW
- It enhances security for private networks by keeping internal addressing private from the external network.
- A NAT gateway supports 5 Gbps of bandwidth and automatically scales up to 45 Gbps.
- It is AWS managed service that has higher bandwidth, better availability, and no admin work required.
Conditions for NAT-GW Implementation
a. NAT is created in a specific availability zone using an elastic IP address (EIP). Note that NAT GW does not support inter-AZ. That is , you cannot create instances in different AZs communicating with each other via NAT GW.
b. For a NAT GW to be created, there must be an existing internet gateway attached to the public VPC where you want to create your NAT GW.
c. NAT GW only works within the VPC; separate subnets should be created for private and public subnets within the same VPC.
d. A NAT GW is created inside the public subnet, but the default route is added on the private network using the NAT GW to access the internet.
STEPS TO SET UP NAT GW
a. Create the NAT GW in the public subnet.
b. Add a default route pointing to the NAT-GW on the private subnet.
c. SSH into the public EC2 instance and import key pairs for the private EC2 instance created.
d. Give permission to the private EC2 keypair.
e. SSH from the public instance to the private instance.
f. login Successfully to the private instance and ping any websites on internet
Thanks for your time
Great post