[AWS] VPC – NAT Gateway

NAT (Network Address Translation)

NAT remaps source or destination IP addresses (it translates private IPs to public IPs and vice versa).

  • Static NAT
    • A private IP is mapped to a public IP 1:1 (for example, an Internet Gateway).
  • Dynamic NAT
    • A range of private IPs is dynamically mapped to one or more public IPs (for example, a home router or a NAT Gateway).
    • To achieve high availability, create one dynamic NAT (NAT Gateway) per AZ.
Continue reading “[AWS] VPC – NAT Gateway”


Internet Gateway (IGW)

An Internet Gateway (IGW) is the entry point into a VPC from the public internet.

  • An IGW provides NAT (Network Address Translation) for instances that have a public IP assigned:
    • It translates between the instance's public IP and its private IP.
  • Only 1 IGW can be attached to a VPC.
  • The default VPC is already attached to an IGW.
Continue reading “[AWS] VPC – IGW”

[AWS] VPC – Subnets and Routing Tables

  • A subnet is an isolated local network confined to a single AZ.
  • Different application tiers are placed in different subnets.
  • 5 IPs are reserved in every subnet (e.g. a /24 network leaves 251 IPs available).
    • .0 (first) – network address, .1 – VPC router, .2 – DNS, .3 – reserved for future use, last address – broadcast
  • Every subnet must be associated with a route table.
  • Subnets are private by default unless created in a default VPC.
  • The CIDR block of a subnet cannot overlap the CIDR blocks of other subnets in the same VPC.
Continue reading “[AWS] VPC – Subnets and Routing Tables”