Hacker News

> If someone could do Managed NAT Gateway next I'd appreciate it!

Yes please! Such a useful networking tool, but so expensive to run as a managed service.

Yes, you can run your own EC2 instance (searching turned up this guide, which looks useful: http://evertrue.github.io/blog/2015/07/06/the-right-way-to-s... ) but it'd be great to have this run by a cloud provider, yet be affordable.




We (Cloudflare) have got some things cooking here :)

I'd love to hear more about what problems you're trying to solve/features you'd like to see besides "cheaper" — can you email me at rustam at cloudflare ?


Not OP but I'll add:

AWS can only have a single NAT gateway per subnet/availability zone (they are usually added in the route table as 0.0.0.0/0). NAT GWs can only scale up so much. If we blow past the limits, then the only option is to use resources from a different subnet. I realize things cannot scale vertically forever, but the fact that one can scale horizontally (by adding more NAT GWs in different subnets) tells me that there could be an architecture that would make this a non-issue to customers.

Also if a NAT Gateway has issues (see the outage on Aug 31st) we, the customers, have to figure out how to route around it.

In Google Cloud you can (easily) add multiple NAT gateways as your requirements grow, while staying in the same subnet. Not sure how far one can go (didn't go past 20 NAT GWs or so). We still have to worry about that (especially since in GCP the number of allowed connections is much smaller), ideally we shouldn't have to worry about this either :)

Azure does not have the same concept because they are bonkers (outgoing traffic goes out of your load balancer (?!))


Are you running TCP/UDP workloads or is NAT for any IP protocol needed?


This is our major need right now:

https://github.com/FusionAuth/fusionauth-issues/issues/1393

Basically, providing a static IP to some EC2 instance traffic so that folks can add an IP to their firewall.


A single EC2 instance might not cut it. The AWS Managed NAT GW scales up to 45Gbps. They can also support 55k connections to a single destination (multiply that by the number of permutations on your triple - IP addr, destination port, protocol).

If you have a single EC2 instance doing the job of a managed NAT, another equivalent EC2 instance is enough to max it out.

You may need a fleet of instances if your requirements are large. Which means that you have a bunch of operational aspects to worry about and the NAT Gateway calculation starts to become more palatable (once you start adding the human cost of maintaining your own, etc).

Pricing is still outrageous though. AWS has economies of scale that we don't.



