Diagnose an Internet NAT gateway - NAT Gateway - Alibaba Cloud Documentation Center

Internet NAT Gateway is integrated with Network Intelligence Service (NIS) to provide the instance diagnostics feature. You can use this feature to check the configurations and status of instances and troubleshoot issues based on suggestions provided by NAT. The diagnostics include information about connectivity, configurations, quotas, and fees. You can also view diagnostic records.

Prerequisites

NIS is activated. To use NIS, go to the service activation page and activate the service.
If this is the first time that you perform a diagnostic, the system automatically creates the AliyunServiceRoleForNis service-linked role. For more information, see Service-linked roles.
An Internet NAT gateway is created. For more information, see Create and manage Internet NAT gateways.

Instance diagnostics

You can use the instance diagnostics feature to diagnose an Internet NAT gateway. Virtual Private Cloud (VPC) NAT gateways do not support instance diagnostics.

Log on to the NAT Gateway console.
On the Internet NAT Gateway page, find the Internet NAT gateway that you want to diagnose and click Diagnose in the Diagnose column.
In the Instance Diagnostics panel, view the progress, summary, and details of the diagnostic.
- If an exception is detected, the diagnostic item is displayed in the Instance Diagnostics panel. You can click the diagnostic item to view its details.
- In the Diagnostic Item Details section, select Show All Diagnostic Items. All diagnostic items supported by the Internet NAT gateway are displayed. You can expand the diagnostic items to view its details.
You can also click Go to the NIS console to view diagnostic records in the Instance Diagnostics panel to go to the NIS console and view more information about the diagnostic task.

Diagnostic items and details

The following table describes the diagnostic items supported by Internet NAT gateways.

Category	Diagnostic item and description
Connectivity diagnostics	Packet Dropped Due to Capacity Limit: check whether packets of the NAT gateway are dropped due to capacity limits. SNAT Source Port Allocation: checks whether the SNAT source port of the Internet NAT gateway is allocated.
Configurations	Route Missing: checks whether there are routes that point to the Internet NAT gateway in the VPC. Instance Status: checks the status of the Internet NAT gateway. NAT Configurations: checks whether SNAT entries and DNAT entries are configured on the Internet NAT gateway. EIP Status: checks whether an elastic IP address (EIP) is associated with the Internet NAT Gateway. DNAT and Security Group Configuration: checks whether the security group is matched. DNAT Conflicts: checks whether DNAT entries conflict with backend EIPs. IPv4 Gateway Compatibility: checks whether the IPv4 gateway is compatible with NAT configurations.
Capacity Diagnostics	Rate of NAT Gateway Traffic Processing: checks whether the traffic processing rate on the Internet NAT gateway is normal. Usage of Concurrent Connections of NAT Gateway: checks whether the usage of concurrent connections on the Internet NAT gateway is normal.
Cost Diagnostics	Alerts for Expiration: checks whether the Internet NAT gateway expires in the next 15 days. Alerts for Overdue Payments: checks whether the Internet NAT gateway has overdue payments.