Overview

<p>Internet Gateway (IGW) can provide public network gateway products with VPC-level isolation for the tenants. It mainly provides two functions, DNAT and Internet connection (ECS), and provides Internet network communication functions for the ECS Instances.</p>

Advantages

<p><strong>Simple Configuration</strong></p> <p>Through the console, user can quickly deploy DNAT and Internet connection functions to meet the requirements of all kinds of compute Instances to access the Internet.</p> <p>&nbsp;</p> <p><strong>Secure Access</strong></p> <p>For each access rules in internet gateway, system will automatically execute respective security rules on firewalls.</p> <p>&nbsp;</p> <p><strong>Low-cost</strong></p> <p>Apply for IP bandwidth on demand; Flexibility in charging mode.</p> <p>&nbsp;</p> <p><strong>High Availability Deployment</strong></p> <p>Provide multiple availability zones with high-availability deployment to guarantee stable gateway functions.</p>

Application Scenarios

<p><img src="https://obs-cn-shanghai.yun.pingan.com/pacloud/20172312105631-14966c029c9f.png" style="height:346px; width:554px" /></p> <p><strong>Scenario 1</strong></p> <p>Tenants use ECS Instances to build a cloud server cluster as an Internet server to provide application services to Internet clients. Firstly, they deploy an ECS Instance, configure an ELB Instance and associate the load balancer with the ECS Instance. Then the public IP and the address is purchased in the IGW Instance and the public IP address is mapped to the service IP address of the ELB Instance using the DNAT service. This allows clients from the Internet to access server clusters within the cloud through IGW Instances.</p> <p><strong>Scenario 2</strong></p> <p>When using an ECS Instance as an Internet client to access Internet services outside the cloud, tenants use &quot;ECS&quot; to bind a specific public IP address to an ECS Instance. At this point, the ECS Instance will get an extra network card configured with a public IP address. On IGW, we have configured a security policy for this public IP address to ensure secure access of the ECS Instance.</p> <p>&nbsp;</p>

Terms and Descriptions

<table border="1" cellpadding="0" cellspacing="0" style="width:0px"> <tbody> <tr> <td> <p>Term</p> </td> <td> <p>Description</p> </td> </tr> <tr> <td> <p>IGW, Internet Gateway</p> </td> <td> <p>A public network gateway product that provides tenants with VPC-level isolation and provides internet communications for ECS, BMS and CaaS Instances.</p> </td> </tr> <tr> <td> <p>DNAT Table</p> </td> <td> <p>A user maps a purchased public IP address to the IP address of another intranet instance to implement the DNAT mapping. Users can choose IP Mapping or Port Mapping.</p> </td> </tr> <tr> <td> <p>Internet Connection (ECS)</p> </td> <td> <p>Bind a public IP address to an ECS Instance and configure a security policy for this IP address; provide ECS with one-to-one public IP mapping and access to the Internet.</p> </td> </tr> <tr> <td> <p>Security Policy</p> </td> <td> <p>Provide outbound and inbound security policy configuration; match security rules and take actions (allow or prohibit) accordingly for messaging forwarding and filtering.</p> </td> </tr> </tbody> </table>
Did the above content solve your problem? Yes No
Please complete information!

Call us

400-151-8800

Email us

cloud@pingan.com

Online customer service

Instant reply

Technical Support

cloud products