
Difference Between Internet Gateway and NAT Gateway

Last Updated : 28 Mar, 2023

Pre-requisite: AWS

In the world of networking, the terms "Internet Gateway" and "NAT Gateway" are commonly used, but they can often be confusing. In this article, we will explain the difference between an Internet Gateway and NAT Gateway. We will define each term and explain how they work, their use cases, and the main differences between them.

Internet Gateway

An Internet Gateway allows resources within a VPC to communicate with the internet. It is a horizontally scaled, redundant, and highly available VPC component that enables bidirectional communication between instances in a VPC and the internet. An Internet Gateway is also known as a virtual router because it routes traffic between your VPC and the internet.

An Internet Gateway works by establishing a connection between a VPC and the internet. The VPC must have a public subnet, and the instances within that subnet must have a public IP address to communicate with the internet. An Internet Gateway acts as a bridge between the VPC and the internet, and it is responsible for translating private IP addresses within the VPC to public IP addresses.

An Internet Gateway is commonly used when you want resources within a VPC to be accessible from the internet. For example, if you have a web server running within your VPC, you can use an Internet Gateway to make it accessible from the internet.

Steps to Create an Internet Gateway:

Step 1: Open the Amazon VPC console.
 


Step 2: In the navigation pane, choose "Internet Gateways".
 


Step 3: Choose "Create Internet Gateway".
 


Step 4: Enter a name for your Internet Gateway and choose "Create".
 


NAT Gateway

A NAT Gateway enables instances in a private subnet to connect to the internet or other AWS services but prevents the internet or other AWS services from initiating a connection with those instances. A NAT Gateway works by translating the private IP addresses of instances within a private subnet to public IP addresses. When an instance in a private subnet wants to communicate with the internet, it sends the traffic to the NAT Gateway. The NAT Gateway then translates the private IP address to a public IP address and sends the traffic to the internet.
A NAT Gateway is commonly used when you have resources within a private subnet that require outbound internet access but should not be directly accessible from the internet. For example, if you have a database server running within your VPC, you can use a NAT Gateway to allow it to access the internet for software updates or to retrieve data from an external source.

Steps to Create a NAT Gateway

Step 1: Open the Amazon VPC console.
 


Step 2: In the navigation pane, choose "NAT Gateways".
 


Step 3: Choose "Create NAT Gateway".
 


Step 4: Select the subnet where you want to create the NAT Gateway.
 


Step 5: Choose an existing Elastic IP address or create a new one.
 


Step 6: Choose "Create NAT Gateway".
 


Difference Between IGW and NAT Gateway

| Internet Gateway | NAT Gateway |
|---|---|
| Connects a VPC to the internet | Enables outbound traffic from a private subnet to the internet |
| Acts as a virtual router between a VPC and the internet | Translates private IP addresses of instances to public IP addresses |
| Required for resources within a VPC to be accessible from the internet | Used when resources within a private subnet require internet access but should not be directly accessible from the internet |
| Instances within a public subnet must have public IP addresses to communicate with the internet | Instances within a private subnet can have private IP addresses |
| Used for hosting publicly accessible resources like web servers | Used for instances that need to access the internet for updates or data retrieval |
| Traffic is routed directly to the internet | Traffic is routed through the NAT Gateway before going to the internet |
| Can be attached to only one VPC | Can be shared across multiple VPCs |
| Does not modify the source IP address | Replaces the source IP address with its own IP address |
| It is typically used in corporate networks, where it serves as the default gateway for devices in the network. | A NAT gateway is typically used in smaller networks, such as home networks, where it is used to share a single internet connection between multiple devices. |
| Internet Gateway serves as a point of entry and exit for network traffic between a private network and the internet | NAT Gateway is used to translate private IP addresses into public IP addresses and vice versa |
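
The routing difference in the comparison above can be checked from route tables. The following is an added example, not code from the original article: it classifies subnets by where their IPv4 default route points and flags subnets meant to be private that route straight to an Internet Gateway. It assumes a single VPC and input shaped like `aws ec2 describe-route-tables` output; all IDs in the sample are constructed.

```python
import json

# Constructed sample shaped like `aws ec2 describe-route-tables` output (one VPC).
SAMPLE = json.loads("""{"RouteTables": [
 {"RouteTableId": "rtb-public",
  "Associations": [{"SubnetId": "subnet-web", "Main": false}],
  "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
             {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
 {"RouteTableId": "rtb-private",
  "Associations": [{"SubnetId": "subnet-db", "Main": false}],
  "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
             {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
 {"RouteTableId": "rtb-main",
  "Associations": [{"Main": true}],
  "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
             {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]}]}""")

def default_route_target(table):
    """Return 'igw', 'nat', 'other' or 'none' for the table's IPv4 default route."""
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("State") == "blackhole":  # target was deleted; route is dead
            continue
        if (route.get("GatewayId") or "").startswith("igw-"):
            return "igw"
        if route.get("NatGatewayId"):
            return "nat"
        return "other"
    return "none"

def classify_subnets(data, subnet_ids):
    """Map each subnet to its default-route target; unassociated subnets use the main table."""
    explicit, main = {}, "none"
    for table in data["RouteTables"]:
        target = default_route_target(table)
        for assoc in table.get("Associations", []):
            if assoc.get("Main"):
                main = target
            elif "SubnetId" in assoc:
                explicit[assoc["SubnetId"]] = target
    return {s: explicit.get(s, main) for s in subnet_ids}

def exposed_private_subnets(classes, expected_private):
    """Subnets intended to be private whose default route is an Internet Gateway."""
    return sorted(s for s in expected_private if classes.get(s) == "igw")

if __name__ == "__main__":
    classes = classify_subnets(SAMPLE, ["subnet-web", "subnet-db", "subnet-batch"])
    print(classes, exposed_private_subnets(classes, {"subnet-db", "subnet-batch"}))
```

In the sample, `subnet-batch` has no explicit route table association, so it inherits the main table's Internet Gateway route and is flagged even though nobody attached it to the public table.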
