NAT Route Tables–Multi AZ Deployments– AWS
Simple ROUTEs for a SINGLE NAT Instance
- Configuration – ELB in front of NAT instance.
- NAT instance in it’s own security group (NAT_SG); ELB in it’s own Security Group (ELB_SG)
- Inbound Rules – HTTP/S with a source of ELB_SG
- Outbound Rules – HTTP/S with a Destination of 0.0.0.0/0 (all)
Multi AZ Deployments -and NATS
- Each AZ needs it’s own NAT instance. This allows the NAT to retain the session for returning traffic – and route it back to the same instance that sent the traffic out.
- NAT instances go straight to the IgW – not through the ALB / ELB or any firewall.
For cloud migration projects or cloud consulting on AWS, GCP or Azure, contact Cloud Migration Architect
Leave a Reply