NAT Gateway provides the DNAT and SNAT features. NAT gateways are classified into Internet NAT gateways and Virtual Private Cloud (VPC) NAT gateways. Internet NAT gateways provide NAT services for public IP addresses, while VPC NAT gateways provide NAT services for private IP addresses. You can choose Internet NAT gateways or VPC NAT gateways based on your business requirements.
Service type
Internet NAT Gateway: provides NAT services for public IP addresses and supports a throughput capacity of 100 Gbit/s. Cross-zone disaster recovery is supported. For more information, see What is an Internet NAT gateway?
VPC NAT Gateway: allows Elastic Compute Service (ECS) instances in a VPC to communicate with external private networks. For more information, see What is a VPC NAT gateway?
Benefits
Security
The SNAT feature provided by NAT Gateway offers additional security protection: After you enable the SNAT feature, external networks cannot communicate with ECS instances in the VPC unless the ECS instances initiate requests to access external networks. This prevents intrusion and attacks from external networks.
High performance
NAT gateways are distributed gateways that use the software-defined networking (SDN) technology. Each Internet NAT gateway provides a forwarding capacity of 100 Gbit/s, and can serve a large number of Internet applications.
Cost-effectiveness
You can resize a NAT gateway, and change the number and specification of elastic IP addresses (EIPs) that are associated with the NAT gateway. NAT gateways also support the pay-as-you-go billing method. Therefore, you can use NAT gateways to withstand traffic fluctuations. For more information, see Billing overview.
High availability
You can deploy a NAT gateway across zones to implement high availability. If one zone is down, network traffic is distributed to another zone to prevent service interruptions.