Deze pagina is nog niet beschikbaar in uw eigen taal. We werken er hard aan om meer taalversies toe te voegen. Bedankt voor uw steun.

NAT Gateway
NAT Gateway

    All results for "" in this service

    Compute
    Elastic Cloud Server
    Bare Metal Server
    Auto Scaling
    Image Management Service
    FunctionGraph
    Management & Governance
    Identity and Access Management
    Cloud Eye
    Resource Formation Service
    Simple Message Notification
    Cloud Trace Service
    Application Operations Management
    Tag Management Service
    Log Tank Service
    Config
    Cloud Ecosystem
    KooGallery
    Partner Center
    User Support
    My Account
    Billing Center
    Cost Center
    My Credentials
    Enterprise Management
    Support Plans
    Partner Support Plans
    Professional Services
    Service Tickets
    Customer Operation Capabilities
    Resource Center
    Security & Compliance
    Web Application Firewall
    Data Encryption Workshop
    Database Security Service
    Data Security Center
    Anti-DDoS
    Host Security Service
    Cloud Firewall
    Cloud Bastion Host
    Cloud Certificate Manager
    SecMaster
    Storage
    Object Storage Service
    Elastic Volume Service
    Cloud Backup and Recovery
    Scalable File Service Turbo
    Scalable File Service
    Databases
    Relational Database Service
    Document Database Service
    Data Replication Service
    Distributed Database Middleware
    GeminiDB
    Data Admin Service
    TaurusDB
    Analytics
    MapReduce Service
    Data Lake Insight
    Cloud Search Service
    GaussDB(DWS)
    DataArts Studio
    Others
    System Permissions
    Common FAQs
    Instructions for Associating with a HUAWEI CLOUD Partner
    Message Center
    Developer Services
    CodeArts
    CodeArts Req
    CodeArts Pipeline
    CodeArts Check
    CodeArts Build
    CodeArts Deploy
    CodeArts TestPlan
    CodeArts Artifact
    CodeArts Repo
    Networking
    Virtual Private Cloud
    Elastic IP
    Elastic Load Balance
    NAT Gateway
    Direct Connect
    Virtual Private Network
    VPC Endpoint
    Global Accelerator
    Enterprise Router
    Cloud Connect
    Migration
    Cloud Data Migration
    Server Migration Service
    Object Storage Migration Service
    AI
    ModelArts
    Graph Engine Service
    Business Applications
    Domain Name Service
    Workspace
    Media Services
    Live
    Containers
    Cloud Container Engine
    SoftWare Repository for Container
    Application Service Mesh
    Middleware
    Distributed Cache Service
    API Gateway
    Distributed Message Service for Kafka
    Distributed Message Service for RocketMQ
    Distributed Message Service for RabbitMQ
    EventGrid
    Developer Tools
    API Request Signing Guide
    Koo Command Line Interface
    Terraform
    Content Delivery & Edge Computing
    Content Delivery Network
    Compute
    Elastic Cloud Server
    Bare Metal Server
    Auto Scaling
    Image Management Service
    FunctionGraph
    Networking
    Virtual Private Cloud
    Elastic IP
    Elastic Load Balance
    NAT Gateway
    Direct Connect
    Virtual Private Network
    VPC Endpoint
    Global Accelerator
    Enterprise Router
    Cloud Connect
    Management & Governance
    Identity and Access Management
    Cloud Eye
    Resource Formation Service
    Simple Message Notification
    Cloud Trace Service
    Application Operations Management
    Tag Management Service
    Log Tank Service
    Config
    Migration
    Cloud Data Migration
    Server Migration Service
    Object Storage Migration Service
    Cloud Ecosystem
    KooGallery
    Partner Center
    AI
    ModelArts
    Graph Engine Service
    User Support
    My Account
    Billing Center
    Cost Center
    My Credentials
    Enterprise Management
    Support Plans
    Partner Support Plans
    Professional Services
    Service Tickets
    Customer Operation Capabilities
    Resource Center
    Business Applications
    Domain Name Service
    Workspace
    Security & Compliance
    Web Application Firewall
    Data Encryption Workshop
    Database Security Service
    Data Security Center
    Anti-DDoS
    Host Security Service
    Cloud Firewall
    Cloud Bastion Host
    Cloud Certificate Manager
    SecMaster
    Media Services
    Live
    Storage
    Object Storage Service
    Elastic Volume Service
    Cloud Backup and Recovery
    Scalable File Service Turbo
    Scalable File Service
    Containers
    Cloud Container Engine
    SoftWare Repository for Container
    Application Service Mesh
    Databases
    Relational Database Service
    Document Database Service
    Data Replication Service
    Distributed Database Middleware
    GeminiDB
    Data Admin Service
    TaurusDB
    Middleware
    Distributed Cache Service
    API Gateway
    Distributed Message Service for Kafka
    Distributed Message Service for RocketMQ
    Distributed Message Service for RabbitMQ
    EventGrid
    Analytics
    MapReduce Service
    Data Lake Insight
    Cloud Search Service
    GaussDB(DWS)
    DataArts Studio
    Developer Tools
    API Request Signing Guide
    Koo Command Line Interface
    Terraform
    Others
    System Permissions
    Common FAQs
    Instructions for Associating with a HUAWEI CLOUD Partner
    Message Center
    Content Delivery & Edge Computing
    Content Delivery Network
    Developer Services
    CodeArts
    CodeArts Req
    CodeArts Pipeline
    CodeArts Check
    CodeArts Build
    CodeArts Deploy
    CodeArts TestPlan
    CodeArts Artifact
    CodeArts Repo

      All results for "" in this service

      On this page

      Show all

      Help Center/ NAT Gateway/ Service Overview/ Constraints and Limitations

      Constraints and Limitations

      Updated on 2023-09-12 GMT+08:00
      View PDF

      Public NAT Gateway

      When using a public NAT gateway, note the following:

      • Common restrictions
        • Rules on one public NAT gateway can use the same EIP, but rules on different NAT gateways must use different EIPs.
        • Each VPC can be associated with multiple public NAT gateways.
        • SNAT and DNAT rules can use the same EIP to save resources. However, an SNAT rule cannot share an EIP with a DNAT rule whose Port Type is set to All ports, because the resource in the DNAT rule will preferentially use all ports of the EIP.
        • The public NAT gateway does not translate IP addresses for Enterprise Edition VPN.
        • If both an EIP and a public NAT gateway are configured for a server, data will be forwarded through the EIP.
        • After you perform operations on backend resources, such as changing the specifications of an ECS, the existing NAT gateway rules will become invalid. Delete the rules and create some new rules for the ECS of the new specifications.
        • Private IP addresses used by load balancers cannot be selected when you add DNAT rules on public NAT gateways for Internet communications.
        • Some carriers will block the following ports for security reasons. It is recommended that you do not use the following ports.

          Protocol

          Port

          TCP

          42 135 137 138 139 444 445 593 1025 1068 1434 3127 3128 3129 3130 4444 4789 4790 5554 5800 5900 9996

          UDP

          135~139 1026 1027 1028 1068 1433 1434 4789 4790 5554 9996
        NOTE:
        • The system does not add a default route for a public NAT gateway. You need to add a route pointing to the public NAT gateway to the corresponding route table.
        • Each public NAT gateway has an associated route table. The number of public NAT gateways that can be created in a VPC is determined by the number of route tables for the VPC.
      • SNAT restrictions
        • Only one SNAT rule can be added for each VPC subnet.
        • When you add an SNAT rule in the VPC scenario, the custom CIDR block must be a subset of the NAT gateway's VPC subnets.
        • If an SNAT rule is used in the Direct Connect scenario, the custom CIDR block must be a CIDR block of a Direct Connect connection and cannot overlap with the NAT gateway's VPC subnets.
        • There is no limit on the number of SNAT rules that can be added on a public NAT gateway.
      • DNAT restrictions
        • Only one DNAT rule can be configured for each port on a server. One port can be mapped to only one EIP.
        • A maximum of 200 DNAT rules can be added on a public NAT gateway.

      Private NAT Gateway

      When using a private NAT gateway, note the following:

      • Common restrictions:
        • Manually add routes in a VPC to connect it to a remote private network through a VPC peering connection, Direct Connect, or VPN connection.
        • SNAT and DNAT rules cannot share a transit IP address.
        • The total number of DNAT and SNAT rules that can be added on a private NAT gateway varies with the private NAT gateway specifications.
          • Small: 20 or less
          • Medium: 50 or less
          • Large: 200 or less
          • Extra-large: 500 or less
      • SNAT restrictions
        • Only one SNAT rule can be added for each VPC subnet.
      • DNAT restrictions
        • A DNAT rule with Port Type set to All ports cannot share a transit IP address with a DNAT rule with Port Type set to Specific port.
      Feedback

      Feedback

      Feedback

      0/500

      Selected Content

      Submit selected content with the feedback