Cutting Networking Costs: Alternatives to NAT Gateway for Budget-Conscious Enterprises
If you have been using a NAT gateway with your AWS resources and it is straining your budget, I have a good alternative for you.
Step 1: You need to set up 3 instances for the proof of concept.
1.1 — Go to Launch Instance and select a community AMI for the NAT server in the AMI catalog.
1.2 — After setting up the NAT server, you need to set up two instances, one in the private subnet and one in the public subnet.
1.3 — You have to disable the source/destination check on the NAT server (the “Change source/destination check” setting).
But why do we do that?
By default, EC2 instances have source/destination checking enabled, which means that Amazon EC2 checks the IP packets that are sent to and from the instance and verifies that the packets are sent from and to their expected sources and destinations.
However, there are certain scenarios where you may want to disable source/destination checks. For example, if you have a NAT instance that’s routing traffic for instances in a private subnet, you’ll want to disable source/destination checks for the NAT instance. This is because the NAT instance forwards packets whose source or destination is not the instance itself, rewriting their addresses as it routes them, and source/destination checking would cause those packets to be dropped.
Make sure that your NAT server is in the public subnet. For reference, the public instance we launched is needed to SSH into the private instance and to check connectivity.
Step 2: Take a look at your private and public subnets, and make sure you have your resources deployed in the correct subnets.
2.1 — For the sake of this walk-through, I have associated only one subnet, 172.31.80.0/20, with the private route table; all the others are public subnets.
Congratulations! You have successfully set up the NAT server for your private instance.
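To confirm the layout from the steps above, the following added example (not part of the original article) audits data shaped like the EC2 DescribeInstances and DescribeRouteTables responses. All IDs and the sample data are constructed, and the check that the private route table's default route targets the NAT instance is an assumption about a step the walk-through does not show.

```python
# Added example: audit a NAT-instance layout from EC2 API-shaped data.
# IDs and sample data are constructed; "subnet-private" stands in for the
# article's 172.31.80.0/20 subnet.

def default_route(table):
    """Return the 0.0.0.0/0 route of a route table, or None."""
    for route in (table or {}).get("Routes", []):
        if route.get("DestinationCidrBlock") == "0.0.0.0/0":
            return route
    return None

def table_for(subnet_id, tables):
    """Route table explicitly associated with a subnet, else the VPC main table."""
    main = None
    for table in tables:
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return table
            if assoc.get("Main"):
                main = table
    return main

def audit_nat(nat, private_subnet, tables):
    """Return a list of findings; an empty list means the layout is as described."""
    findings = []
    if nat["SourceDestCheck"]:
        findings.append("source/destination check still enabled on NAT instance")
    route = default_route(table_for(nat["SubnetId"], tables))
    if not (route and route.get("GatewayId", "").startswith("igw-")):
        findings.append("NAT instance is not in a public subnet")
    # Assumption: the private route table sends 0.0.0.0/0 to the NAT instance.
    route = default_route(table_for(private_subnet, tables))
    if not (route and route.get("InstanceId") == nat["InstanceId"]):
        findings.append("private subnet default route does not target the NAT instance")
    return findings

# Constructed sample: main (public) table plus one private table.
TABLES = [
    {"RouteTableId": "rtb-public", "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-private",
     "Associations": [{"Main": False, "SubnetId": "subnet-private"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "InstanceId": "i-nat"}]},
]
# NAT instance as launched, before step 1.3 has been applied.
NAT = {"InstanceId": "i-nat", "SubnetId": "subnet-public", "SourceDestCheck": True}

if __name__ == "__main__":
    for finding in audit_nat(NAT, "subnet-private", TABLES):
        print("FINDING:", finding)
```

With the sample data the audit reports only the source/destination check, which is what step 1.3 fixes.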