Creating NAT Gateways in AWS

Lab Details

1. This lab walks you through the steps to create a NAT Gateway and allow internet access to an Instance in a private subnet.

2. Duration: 1 hour 30 minutes

3. AWS Region: US East (N. Virginia) us-east-1

Introduction

What is NAT Gateways?

• NAT stands for Network Address Translation.

• A NAT Gateway is a device used to enable instances in a private subnet to connect to the internet or other AWS services.

• It prevents the internet from initiating connections with the instances present in the private subnet.

• It forwards traffic from the instance in the private subnet to the internet or other AWS services, and then sends the response back to the instances.

• Changes the instances IP address with the NAT device's address when the traffic goes to the Internet.

• We have 2 kinds of NAT devices:

• NAT Instance

• NAT Gateway

• NAT Instance uses Amazon Linux AMIs.

• NAT Instance limit depends on your instance type limit for the region.

• NAT Instance does not support IPv6 traffic.

• NAT Gateway usage is charged to the customer on an hourly basis.

• NAT Gateway does not support IPv6 traffic.

• AWS recommends the usage of NAT Gateway, since they provide better availability and bandwidth over NAT Instances.

Task Details

1. Log into AWS Management Console.

2. Create a VPC. Create public and private subnet and attached Internet Gateway to public subnet.

3. Create EC2 instances for each public and private subnet. 

4. SSH and test the internet access from an instance in private subnet.

5. To provide internet access to the Instance in the private subnet, create a NAT Gateway and attach it to the VPC.

6. Attach NAT Gateway to correct route table.

7. Test the internet access from the Instance created inside the private subnet.

Architecture Diagram