AWS NAT vs AWS IGW vs AWS Router
As per this answer, router and gateway are the same devices, in terms of functionality.
In the AWS world, we have internet gateway, NAT gateway and router.
Are these three not the same?
amazon-web-services amazon-vpc gateway amazon-nat-gateway
asked yesterday by user1787812
edited 21 hours ago by I-P-X
1 Answer
No they are not the same.
Internet Gateway
- Routes traffic from instances with Public IPs to the Internet.
- It simply forwards traffic between Public IPs in your VPC and Public IPs in the internet back and forth, mostly unchanged.
- Gateways can sometimes be called routers but AWS doesn't use this term.
NAT Gateway
- Routes traffic from instances with only Private IPs (i.e. without Public IPs) to the Internet.
- It translates the Private source IPs of your instances to the NAT Gateway's Public IP - hence it's called NAT - Network Address Translation.
VPN Gateway
- Routes traffic between Private IPs in your VPC and Private IPs in your data-centre.
- It's not used to access Internet and doesn't change any addresses.
VPC Peering
- Routes traffic between Private IPs of instances in different VPCs
- It's not used to access Internet and doesn't change any addresses.
Hosted router appliances
- Routing / firewalling software running on EC2, e.g. Cisco CSR 1000, OpenVPN or similar gateways.
- Used for special purposes, if you need it you probably know what you're doing.
Your link to "router" actually links to Route Tables
- Route Table is essentially a list of rules - IP address prefixes and their gateways.
- The rules are evaluated from the most specific to the least specific, i.e. the best match is used.
- Default route 0.0.0.0/0 covers all addresses in the whole internet.
  - In Public VPC subnets this default route usually points to IGW
  - In Private VPC subnets this default route usually points to NAT GW
- More specific routes (e.g. 10.20.30.0/24) may point to VPN GW or VPC Peering GW or Router appliance.
Hope that answers the question :)
answered yesterday by MLu
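The route-table behaviour described in the answer above, as an added example that is not part of the original post: longest-prefix matching over constructed route tables, plus a check that labels a table public or private by where its 0.0.0.0/0 route points. The route dictionaries follow the field names of the EC2 DescribeRouteTables response; the `-EXAMPLE` ids, the CIDRs other than the answer's two, and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample routes, shaped like EC2 DescribeRouteTables "Routes" entries.
PUBLIC_RT = [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
    {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-EXAMPLE"},
]
PRIVATE_RT = [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
    {"DestinationCidrBlock": "10.20.30.0/24", "GatewayId": "vgw-EXAMPLE"},
    {"DestinationCidrBlock": "172.31.0.0/16", "VpcPeeringConnectionId": "pcx-EXAMPLE"},
    {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-EXAMPLE"},
]
ISOLATED_RT = [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]

# Fields that can carry a route's target, checked in this order.
TARGET_KEYS = ("GatewayId", "NatGatewayId", "VpcPeeringConnectionId",
               "TransitGatewayId", "NetworkInterfaceId", "InstanceId")


def route_target(route):
    """Return the id of whatever the route points at, or None."""
    return next((route[k] for k in TARGET_KEYS if route.get(k)), None)


def resolve(routes, dest_ip):
    """Longest-prefix match: the most specific route containing dest_ip wins."""
    ip = ipaddress.ip_address(dest_ip)
    best = None
    for route in routes:
        cidr = route.get("DestinationCidrBlock")
        if cidr is None:  # IPv6 and prefix-list routes are not modelled here
            continue
        net = ipaddress.ip_network(cidr)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, route_target(route))
    return best[1] if best else None  # None: no matching route, traffic is dropped


def classify(routes):
    """Label a route table by the target of its IPv4 default route."""
    default = next((r for r in routes
                    if r.get("DestinationCidrBlock") == "0.0.0.0/0"), None)
    target = route_target(default) if default else None
    if target is None:
        return "isolated"
    if target.startswith("igw-"):
        return "public"
    if target.startswith("nat-"):
        return "private"
    return "custom"
```

Run against real route tables, a subnet that is meant to be private but classifies as "public" has a direct path to the Internet Gateway and is worth reviewing.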