The role of Internet Gateway
Let the resources in the public subnet connect to the Internet, and also let the Internet connect to the resources in the public subnet
The role of NAT Gateway
The NAT gateway is between the private subnet and the Internet gateway, which can map multiple private IPs in the private subnet to one public IP, so that resources in the private subnet can access the Internet
A NAT gateway is a computing resource located in a public subnet at the same level as EC2, and is responsible for private IP and public IP translation and traffic forwarding
EC2 in Availability Zone 1 accesses the Internet through a NAT gateway. And Availability Zone 2 does not have a NAT gateway, so EC2s in that Availability Zone cannot access the Internet
the difference
- The NAT gateway is responsible for allowing the private subnet to access the Internet; the Internet gateway is responsible for allowing the public subnet to access the Internet.
- The connection of the NAT gateway is one-way, the private subnet can access the Internet, but the Internet cannot access the private subnet (unless the access is explicitly allowed, which is beyond the scope of this article); the connection of the Internet gateway is two-way .
- The NAT gateway works in the Availability Zone, and the Internet gateway works in the VPC.
- The NAT gateway runs on a specific physical device, and the bandwidth ranges from 5Gbps to 45Gbps, so there will be additional charges for using the NAT gateway; the Internet gateway is just a logical connection, there is no bandwidth limit, and no charges will be incurred.
Post comment 取消回复