tencent cloud

NAT Gateway

Release Notes and Announcements
Release Notes
Announcements
Product Introduction
Overview
Features
Use Cases
Product Specifications
Relevant Products
Purchase Guide
Public NAT Gateway Billing Overview
Private NAT Gateway Operation Guide
Purchasing in the Console
Overdue Payment and Service Expiration Policies
Getting Started
Public NAT Gateway Operation Guide
Modifying NAT Gateway Configuration
Managing EIPs of NAT Gateway
Routing to NAT Gateway
Managing SNAT Rules
Managing Port Forwarding Rules
Public NAT Usage Limits
NAT Gateway Flow Logs
Binding with Anti-DDoS Pro
Monitoring and Alarms
Deleting NAT Gateway
Adjusting the Priorities of NAT Gateways and EIPs
Private NAT Gateway Operation Guide
Creating and Managing a NAT Gateway
Configuring a Route to Private NAT Gateway
Managing SNAT Rules
Managing DNAT Rules
Cloud Access Management
Practical Tutorial
Enabling Cross-VPC Access to Public Network via Standard NAT Gateway
Enabling Mutual Access between a Specified VPC Subnet and Public Network Resources via Private NAT Gateway
Enabling Secure Mutual Access with Public Network via Public CLB and NAT Gateway
Adjusting the Priorities of NAT Gateways and EIPs
API Documentation
FAQ
Billing
Concepts
Features
Service Level Agreement
Contact Us
Glossary
ドキュメントNAT GatewayPublic NAT Gateway Operation GuidePublic NAT Usage Limits

Public NAT Usage Limits

PDF
フォーカスモード
フォントサイズ
最終更新日: 2024-01-04 21:49:21
This document describes the usage rules and limits of NAT gateways.
Note:
NAT Gateway supports TCP, UDP and ICMP, while ESP and AH for the GRE tunnel and IPSec cannot be used for the NAT Gateway, and ALG technologies are not supported. This is specific to NAT Gateway and irrelevant to service providers. Nevertheless, these supported protocols can mostly meet your application demands.

Use Rules

Note the following when using NAT Gateway:
After a NAT Gateway is deleted, the associated EIPs are disassociated but not released.
A NAT Gateway cannot be associated with security groups. However, you can bind security groups to instances within the VPC subnet to control their inbound and outbound traffic.
The inbound and outbound traffic of the NAT Gateway cannot be directly controlled by the network ACL. Instead, you can use network ACL to control the traffic of the subnet associated with the NAT Gateway.
You cannot use VPC peering connection or VPN connection to route traffic to a NAT Gateway. For example, a NAT Gateway enables traffic from VPC1 to the Internet, and VPC1 establishes a peering connection with VPC2. In this case, all the resources within VPC2 can access VPC1, but cannot access the Internet through the NAT Gateway.

Rule Limits

When an EIP is disassociated from a NAT gateway, the SANT rule is also deleted if the EIP is the only EIP.
If the subnet configured for a SNAT rule does not exist, the SNAT rule is deleted as well.
If the CVM configured for a SNAT rule does not exist, the SNAT rule is also deleted if this is the last CVM; otherwise, the CVM is deleted from the SNAT rule.
Restricted by standard protocols, for the NAT gateways with the same protocol/destination IP/destination port, the number of maximum connections = the number of bound EIPs × 55000. To increase the number of connections, bind new EIPs or adjust the destination IP/port.

Service Quota

The following table lists the restrictions on the supported resources for the NAT Gateway. For limits on other VPC resources, see Quota Limit.
Resource
Limit
Number of NAT Gateways per VPC
3
Number of EIPs per NAT Gateway
10
Maximum forwarding capability per NAT Gateway
5 Gbps
Maximum number of forwarding rules per NAT Gateway
200
Number of SNAT rules per NAT Gateway
200

前の記事へ: Querying Port Forwarding Rule次の記事へ: NAT Gateway Flow Logs

ヘルプとサポート

この記事はお役に立ちましたか?

フィードバック