NAT Gateway
- In AWS, EC2 instances in a private subnet are not connected to the internet.
- For outbound (egress) internet connectivity, which is one-directional, we need to use NAT (Network Address Translation)
- AWS provides two ways of creating a NAT
  - NAT Instance:
    - We create an EC2 instance from a special AMI with an Elastic IP and configure the private route table to forward packets to that EC2 instance when a private instance needs to connect to the internet
    - This is not the recommended approach, as it is a single point of failure.
  - NAT Gateway:
    - This is NAT as a service, with an SLA
    - This is chargeable
- NAT Instance:
- Practical stuff
  - Create a VPC with two public and two private subnets
  - Create an EC2 instance in a public subnet and one in a private subnet
  - The EC2 instance in the public subnet can connect to the internet
  - The EC2 instance in the private subnet cannot connect to the internet
  - Let's create a NAT Gateway in any public subnet with an Elastic IP
  - Now let's add a route to the private route table to forward packets to the NAT Gateway
  - Now the private EC2 instance should be able to connect to the internet
- Overview
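To confirm the result of the steps above, the following added example (not part of the original notes) classifies where each subnet's route table sends internet-bound traffic, so a private subnet that points at an internet gateway, or at a NAT gateway that no longer exists, stands out. The input mirrors the shape of `aws ec2 describe-route-tables` output; the sample data and all IDs are constructed placeholders.

```python
import json

# Constructed sample in the shape of `aws ec2 describe-route-tables` output;
# every ID below is a made-up placeholder.
SAMPLE = json.loads("""
{"RouteTables": [
 {"RouteTableId": "rtb-public",
  "Associations": [{"SubnetId": "subnet-pub-a"}, {"SubnetId": "subnet-pub-b"}],
  "Routes": [
   {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
   {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"}]},
 {"RouteTableId": "rtb-private",
  "Associations": [{"SubnetId": "subnet-priv-a"}],
  "Routes": [
   {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
   {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example", "State": "active"}]},
 {"RouteTableId": "rtb-stale",
  "Associations": [{"SubnetId": "subnet-priv-b"}],
  "Routes": [
   {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
   {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0deleted", "State": "blackhole"}]}
]}
""")

def egress_path(route_table):
    """Classify where a route table sends internet-bound (0.0.0.0/0) traffic."""
    for route in route_table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("State") != "active":
            return "blackhole"          # target (e.g. a deleted NAT gateway) is gone
        if route.get("GatewayId", "").startswith("igw-"):
            return "internet-gateway"   # public subnet: traffic in both directions
        if route.get("NatGatewayId"):
            return "nat-gateway"        # private subnet: outbound only
        if route.get("InstanceId"):
            return "nat-instance"       # EC2-based NAT, single point of failure
        return "other"
    return "none"                       # no default route: no internet access

def subnet_egress(doc):
    """Map each explicitly associated subnet ID to its egress classification."""
    result = {}
    for table in doc["RouteTables"]:
        for assoc in table.get("Associations", []):
            if "SubnetId" in assoc:     # main-table entries carry no SubnetId
                result[assoc["SubnetId"]] = egress_path(table)
    return result
```

Subnets that rely on the VPC's main route table implicitly have no association entry, so they do not appear in the result and need to be checked against the main table separately.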
Exercise
- What will NordVPN do?