NAT Instances

Time
19 hours 19 minutes
Difficulty
Intermediate
CEU/CPE
20
Video Transcription
00:00
>> Hey, everybody, and welcome back.
00:00
In this lesson, we're going to be
00:00
talking about NAT Instances.
00:00
The learning objectives are going to be to
00:00
describe the service of NAT instances.
00:00
We're going to talk a little bit about why
00:00
we no longer use this service,
00:00
but we want to make sure we cover it
00:00
for this exam because it's still in the exam,
00:00
which is odd for AWS in my opinion.
00:00
But anyways, I'll take my personal opinions out of this.
00:00
NAT instances do what
00:00
NAT does, which is Network Address Translation. It
00:00
is technically an EC2 instance that you put
00:00
inside of a subnet in your VPC,
00:00
and it allows for that network translation
00:00
of public and private IP addresses,
00:00
but it goes through an EC2 instance, so to speak.
00:00
This isn't a very scalable way to do this.
00:00
If we're talking about NAT gateways,
00:00
which is a managed scalable way
00:00
of doing something like this,
00:00
NAT instances can technically become a bottleneck
00:00
because it's one EC2 instance
00:00
that's doing the translation for you.
00:00
If that EC2 instance fails for whatever the reason, well,
00:00
then you have to rebuild it or you have to
00:00
scale it out in a manual way.
00:00
It's not managed.
00:00
You're going to have to architect this
00:00
yourself instead of just
00:00
letting AWS take the reins
00:00
and take the responsibility from you.
00:00
When you're launching a NAT instance, it
00:00
must be launched in a public subnet.
00:00
Another thing that you have to
00:00
keep in mind is that you have to have
00:00
an Elastic IP, so that public IP,
00:00
we call it in AWS, is elastic.
00:00
Elastic IP has to be attached
00:00
to the NAT instance in order for this to work.
00:00
In order for you to do this,
00:00
you're going to have to disable
00:00
something called source and destination checking,
00:00
and the route table must be
00:00
configured to route traffic from
00:00
private subnets to the NAT instance
00:00
for it to go outbound.
00:00
That's really it. Like I said,
00:00
NAT instances are no longer really
00:00
a thing that we had to utilize back in.
00:00
I think it was December of 2020 or something like that,
00:00
but it still could appear on the exam.
00:00
We're going to go ahead and cover it just in case,
00:00
but don't be surprised if you don't see it.
00:00
You may see more questions on NAT gateways,
00:00
and Internet gateway. Be on the lookout for that.
00:00
Make sure you brush up on that.
00:00
But as far as this goes,
00:00
just make sure you understand
00:00
legacy NAT instances. This is what it does.
00:00
It's not managed, it's very manual,
00:00
so you have to babysit it yourself.
00:00
That wraps up this lecture. In this lecture
00:00
we did an overview of the NAT instance service.
00:00
We talked a little bit about some of
00:00
the details that you need to know
00:00
about the NAT instance service for this exam.
00:00
We covered, I guess,
00:00
the configuration setup for NAT instances in general.
00:00
Anyways, if you have any questions,
00:00
feel free to reach out to me.
00:00
If not, I will see you in the next lecture.