In today’s post, we will look at the NAT Gateway in OCI.
What is NAT?
NAT is a networking technique commonly used to give an entire private network access to the internet without assigning each host a public IPv4 address. The hosts can initiate connections to the internet and receive responses, but cannot receive inbound connections initiated from the internet.
When a host in the private network initiates an internet-bound connection, the NAT device’s public IP address becomes the source IP address for the outbound traffic. The response traffic from the internet, therefore, uses that public IP address as the destination IP address. The NAT device then routes the response to the host in the private network that initiated the connection.
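The translation behaviour described above, as a simplified Python model added here for illustration (it is not code from the original post and not how OCI implements its NAT Gateway). The addresses are constructed sample values, and `NatDevice` with its methods are hypothetical names.

```python
from dataclasses import dataclass, field
from itertools import count

NAT_PUBLIC_IP = "203.0.113.10"  # constructed sample (RFC 5737 documentation range)

@dataclass
class NatDevice:
    """Toy source-NAT device: one public IP, one mapping per outbound flow."""
    public_ip: str
    _ports: count = field(default_factory=lambda: count(40000))
    # public port -> (private ip, private port, remote ip, remote port)
    table: dict = field(default_factory=dict)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Private host initiates: the source becomes the NAT's public address."""
        flow = (src_ip, src_port, dst_ip, dst_port)
        for pub_port, entry in self.table.items():
            if entry == flow:              # existing connection, reuse its mapping
                return (self.public_ip, pub_port, dst_ip, dst_port)
        pub_port = next(self._ports)
        self.table[pub_port] = flow
        return (self.public_ip, pub_port, dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Packet from the internet: forwarded only if it answers a tracked flow."""
        entry = self.table.get(dst_port)
        if dst_ip != self.public_ip or entry is None:
            return None                    # no mapping: connection was not initiated inside
        priv_ip, priv_port, remote_ip, remote_port = entry
        if (src_ip, src_port) != (remote_ip, remote_port):
            return None                    # not the peer the private host contacted
        return (src_ip, src_port, priv_ip, priv_port)

def demo():
    nat = NatDevice(NAT_PUBLIC_IP)
    # Constructed private host 10.0.3.5 opens an HTTPS connection to 198.51.100.7.
    out = nat.outbound("10.0.3.5", 51000, "198.51.100.7", 443)
    reply = nat.inbound("198.51.100.7", 443, out[0], out[1])
    # Unsolicited SSH attempt from the internet towards the NAT's public IP.
    unsolicited = nat.inbound("192.0.2.99", 4444, NAT_PUBLIC_IP, 22)
    # A different host trying to reuse the mapped public port.
    other_peer = nat.inbound("192.0.2.99", 443, out[0], out[1])
    return out, reply, unsolicited, other_peer

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The last two results are `None`: with no mapping created from the inside, there is nothing for the NAT device to route the packet to.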
My Environment Details:
- I subscribed to the ASHBURN region, in which I created a compartment, ASH_COMPARTMENT.
- Created ASH_VCN01 (Virtual Cloud Network) with CIDR 220.127.116.11/16.
- Created subnets in ASH_VCN01 as follows:
  - ASH_SUBNET_A with CIDR 18.104.22.168/24, which is a public subnet.
  - ASH_SUBNET_B with CIDR 22.214.171.124/24, which is a public subnet.
  - ASH_SUBNET_C with CIDR 126.96.36.199/24, which is a public subnet.
  - ASH_PRIVATE_D with CIDR 188.8.131.52/24, which is a private subnet.
- Create a NAT Gateway named ASH_NATGW01 and add it to the route table ASH_NAT_RT01.
- Assign the route table ASH_NAT_RT01 to the private subnet ASH_PRIVATE_D.
- Provision the instance using the private subnet ASH_PRIVATE_D. After creation, the instance will have only a private IP address; no public IP will be assigned.
- Now, create a tunnel through a PuTTY session to the public subnet instance.
- Then connect to the private subnet instance through the tunnel on the public subnet instance; the connection should succeed.
In enterprises, an IPsec tunnel or CPE connection is normally configured and used to connect to private instances. Here we didn’t configure an IPsec or CPE connection, so we are using PuTTY session tunneling instead.
Going to the ASHBURN region, create a private subnet and everything else discussed above.
The instance below was already created in a public subnet, so it has both public and private IP addresses.
Create a private subnet.
Private subnet created successfully.
NAT Gateway created successfully.
Create a route table, add a route rule for the NAT Gateway to it, and assign that route table to the private subnet.
Now create the instance using the private subnet ASH_PRIVATE_D.
Instance provisioned successfully, and no public IP is assigned to it.
Create a tunnel using PuTTY by connecting to the public subnet instance.
We are now connected to the public instance. When the session is created, the tunnel is created as well; it listens on port 2222 on the localhost (connections to this port are redirected to the private instance's IP and port).
Now connect to the private subnet instance from your localhost as shown below; the connection should succeed.
Hope this post finds you well!!
If you have any questions, please post them in the comment box!!
Happy learning !!
Firoz Hussain K.