Updated on 2024-03-07 GMT+08:00

Creating a Public NAT Gateway

Function

This API is used to create a public NAT gateway.

Calling Method

For details, see Calling APIs.

URI

POST /v2/{project_id}/nat_gateways

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Specifies the project ID.

Minimum: 1

Maximum: 36

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

Specifies the user token. It is a response to the API for obtaining a user token. This API is the only one that does not require authentication. The value of X-Subject-Token in the response header is the token.

Minimum: 1

Maximum: 10240

Table 3 Request body parameters

Parameter

Mandatory

Type

Description

nat_gateway

Yes

CreateNatGatewayOption object

Specifies the request body for creating the public NAT gateway.

Table 4 CreateNatGatewayOption

Parameter

Mandatory

Type

Description

name

Yes

String

Specifies the public NAT gateway name. You can enter up to 64 characters. Only digits, letters, underscores (_), and hyphens (-) are allowed.

Minimum: 1

Maximum: 64

router_id

Yes

String

Specifies the VPC ID.

Minimum: 36

Maximum: 36

internal_network_id

Yes

String

Specifies the network ID of the downstream interface (the next hop of DVR) of the public NAT gateway. DVR is Distributed Virtual Routing.

Minimum: 36

Maximum: 36

description

No

String

Provides supplementary information about the public NAT gateway. The description can contain up to 255 characters and cannot contain angle brackets (<>).

Minimum: 0

Maximum: 255

spec

Yes

String

Specifies the public NAT gateway specifications. The value can be: 1: small, which supports a maximum of 10,000 SNAT connections 2: medium, which supports up to 50,000 SNAT connections. 3: large, which supports up to 200,000 SNAT connections. 4: extra-large, which supports up to 1,000,000 SNAT connections.

Enumeration values:

  • 1

  • 2

  • 3

  • 4

enterprise_project_id

No

String

Specifies the ID of the enterprise project associated with the public NAT gateway when the gateway is created. For more information about enterprise projects and how to obtain enterprise project IDs, see Enterprise Management User Guide.

Default: 0

Minimum: 1

Maximum: 36

session_conf

No

SessionConfiguration object

Specifies the session parameters for the public NAT gateway.

ngport_ip_address

No

String

Specifies the private IP address of the public NAT gateway, which is assigned by the VPC subnet.

Minimum: 7

Maximum: 15

Table 5 SessionConfiguration

Parameter

Mandatory

Type

Description

tcp_session_expire_time

No

Integer

Specifies the TCP session duration.

Minimum: 40

Maximum: 7200

udp_session_expire_time

No

Integer

Specifies the UDP session duration.

Minimum: 40

Maximum: 7200

icmp_session_expire_time

No

Integer

Specifies the ICMP session duration.

Minimum: 10

Maximum: 7200

tcp_time_wait_time

No

Integer

Specifies how long the side that actively closed the TCP connection is in the TIME_WAIT state.

Minimum: 0

Maximum: 1800

Response Parameters

Status code: 201

Table 6 Response body parameters

Parameter

Type

Description

nat_gateway

NatGatewayResponseBody object

Specifies the response body for a public NAT gateway.

Table 7 NatGatewayResponseBody

Parameter

Type

Description

id

String

Specifies the public NAT gateway ID.

Minimum: 36

Maximum: 36

tenant_id

String

Specifies the project ID.

Minimum: 1

Maximum: 36

name

String

Specifies the public NAT gateway name. You can enter up to 64 characters.

Minimum: 1

Maximum: 64

description

String

Provides supplementary information about the public NAT gateway. The description can contain up to 255 characters and cannot contain angle brackets (<>).

Minimum: 0

Maximum: 255

spec

String

Specifies the public NAT gateway specifications. The value can be: 1: small, which supports a maximum of 10,000 SNAT connections 2: medium, which supports up to 50,000 SNAT connections. 3: large, which supports up to 200,000 SNAT connections. 4: extra-large, which supports up to 1,000,000 SNAT connections.

Enumeration values:

  • 1

  • 2

  • 3

  • 4

status

String

Specifies the public NAT gateway status. The value can be: ACTIVE: The public NAT gateway is available. PENDING_CREATE: The public NAT gateway is being created. PENDING_UPDATE: The public NAT gateway is being updated. PENDING_DELETE: The public NAT gateway is being deleted. INACTIVE: The public NAT gateway is unavailable.

Enumeration values:

  • ACTIVE

  • PENDING_CREATE

  • PENDING_UPDATE

  • PENDING_DELETE

  • INACTIVE

admin_state_up

Boolean

Specifies whether the public NAT gateway is frozen. The value can be:

  • true: The public NAT gateway is unfrozen.

  • false: The public NAT gateway is frozen.

created_at

String

Specifies when the public NAT gateway was created. The time is in yyyy-mm-dd hh:mm:ss.SSSSSS format.

Minimum: 1

Maximum: 36

router_id

String

Specifies the VPC ID.

Minimum: 36

Maximum: 36

internal_network_id

String

Specifies the network ID of the downstream interface (the next hop of DVR) of the public NAT gateway. DVR is Distributed Virtual Routing.

Minimum: 36

Maximum: 36

enterprise_project_id

String

Specifies the ID of the enterprise project associated with the public NAT gateway when the gateway is created.

Minimum: 1

Maximum: 36

session_conf

SessionConfiguration object

Specifies the session parameters for the public NAT gateway.

ngport_ip_address

String

Specifies the private IP address of the public NAT gateway, which is assigned by the VPC subnet.

Minimum: 7

Maximum: 15

billing_info

String

Specifies the order information. This parameter is available only when you buy yearly/monthly resources. This parameter is left blank when your buy pay-per-use resources.

dnat_rules_limit

Long

Specifies the maximum number of DNAT rules on a public NAT gateway. The default value is 200.

Minimum: 1

Maximum: 100000

snat_rule_public_ip_limit

Integer

Specifies the maximum number of SNAT rules on a public NAT gateway. The default value is 20.

Minimum: 1

Maximum: 100

Table 8 SessionConfiguration

Parameter

Type

Description

tcp_session_expire_time

Integer

Specifies the TCP session duration.

Minimum: 40

Maximum: 7200

udp_session_expire_time

Integer

Specifies the UDP session duration.

Minimum: 40

Maximum: 7200

icmp_session_expire_time

Integer

Specifies the ICMP session duration.

Minimum: 10

Maximum: 7200

tcp_time_wait_time

Integer

Specifies how long the side that actively closed the TCP connection is in the TIME_WAIT state.

Minimum: 0

Maximum: 1800

Example Requests

Creating a public NAT gateway

POST https://{Endpoint}/v2/70505c941b9b4dfd82fd351932328a2f/nat_gateways 

{
  "nat_gateway" : {
    "name" : "nat_001",
    "description" : "my nat gateway 01",
    "router_id" : "d84f345c-80a1-4fa2-a39c-d0d397c3f09a",
    "internal_network_id" : "89d66639-aacb-4929-969d-07080b0f9fd9",
    "spec" : "1",
    "enterprise_project_id" : "0aad99bc-f5f6-4f78-8404-c598d76b0ed2"
  }
}

Example Responses

Status code: 201

Public NAT gateway created.

{
  "nat_gateway" : {
    "id" : "14338426-6afe-4019-996b-3a9525296e11",
    "name" : "nat_001",
    "description" : "my nat gateway 01",
    "router_id" : "d84f345c-80a1-4fa2-a39c-d0d397c3f09a",
    "spec" : "1",
    "admin_state_up" : true,
    "tenant_id" : "70505c941b9b4dfd82fd351932328a2f",
    "internal_network_id" : "89d66639-aacb-4929-969d-07080b0f9fd9",
    "enterprise_project_id" : "0aad99bc-f5f6-4f78-8404-c598d76b0ed2",
    "status" : "PENDING_CREATE",
    "billing_info" : "",
    "dnat_rules_limit" : 200,
    "snat_rule_public_ip_limit" : 20,
    "ngport_ip_address" : "192.168.0.138",
    "created_at" : "2019-04-22 08:47:13.234512"
  }
}

SDK Sample Code

The SDK sample code is as follows.

Creating a public NAT gateway

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.nat.v2.region.NatRegion;
import com.huaweicloud.sdk.nat.v2.*;
import com.huaweicloud.sdk.nat.v2.model.*;


public class CreateNatGatewaySolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");

        ICredential auth = new BasicCredentials()
                .withAk(ak)
                .withSk(sk);

        NatClient client = NatClient.newBuilder()
                .withCredential(auth)
                .withRegion(NatRegion.valueOf("<YOUR REGION>"))
                .build();
        CreateNatGatewayRequest request = new CreateNatGatewayRequest();
        CreateNatGatewayRequestBody body = new CreateNatGatewayRequestBody();
        CreateNatGatewayOption natGatewaybody = new CreateNatGatewayOption();
        natGatewaybody.withName("nat_001")
            .withRouterId("d84f345c-80a1-4fa2-a39c-d0d397c3f09a")
            .withInternalNetworkId("89d66639-aacb-4929-969d-07080b0f9fd9")
            .withDescription("my nat gateway 01")
            .withSpec(CreateNatGatewayOption.SpecEnum.fromValue("1"))
            .withEnterpriseProjectId("0aad99bc-f5f6-4f78-8404-c598d76b0ed2");
        body.withNatGateway(natGatewaybody);
        request.withBody(body);
        try {
            CreateNatGatewayResponse response = client.createNatGateway(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

Creating a public NAT gateway

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
# coding: utf-8

from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdknat.v2.region.nat_region import NatRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdknat.v2 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = __import__('os').getenv("CLOUD_SDK_AK")
    sk = __import__('os').getenv("CLOUD_SDK_SK")

    credentials = BasicCredentials(ak, sk) \

    client = NatClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(NatRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = CreateNatGatewayRequest()
        natGatewaybody = CreateNatGatewayOption(
            name="nat_001",
            router_id="d84f345c-80a1-4fa2-a39c-d0d397c3f09a",
            internal_network_id="89d66639-aacb-4929-969d-07080b0f9fd9",
            description="my nat gateway 01",
            spec="1",
            enterprise_project_id="0aad99bc-f5f6-4f78-8404-c598d76b0ed2"
        )
        request.body = CreateNatGatewayRequestBody(
            nat_gateway=natGatewaybody
        )
        response = client.create_nat_gateway(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

Creating a public NAT gateway

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    nat "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/nat/v2"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/nat/v2/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/nat/v2/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        Build()

    client := nat.NewNatClient(
        nat.NatClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.CreateNatGatewayRequest{}
	descriptionNatGateway:= "my nat gateway 01"
	enterpriseProjectIdNatGateway:= "0aad99bc-f5f6-4f78-8404-c598d76b0ed2"
	natGatewaybody := &model.CreateNatGatewayOption{
		Name: "nat_001",
		RouterId: "d84f345c-80a1-4fa2-a39c-d0d397c3f09a",
		InternalNetworkId: "89d66639-aacb-4929-969d-07080b0f9fd9",
		Description: &descriptionNatGateway,
		Spec: model.GetCreateNatGatewayOptionSpecEnum().E_1,
		EnterpriseProjectId: &enterpriseProjectIdNatGateway,
	}
	request.Body = &model.CreateNatGatewayRequestBody{
		NatGateway: natGatewaybody,
	}
	response, err := client.CreateNatGateway(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.

Status Codes

Status Code

Description

201

Public NAT gateway created.

Error Codes

See Error Codes.