After NAT gateway is deployed, zonal configurations can't be changed. You won't have visibility into which zone Azure chooses for your NAT gateway. When NAT gateway is placed in no zone, Azure places the resource in a zone for you. If no zone is selected at the time that the NAT gateway resource is deployed, then it's placed in ‘no zone’ by default. For more information on how to safeguard against zonal outages, see Design considerations later in this article. While virtual machines in subnets from different availability zones can all be configured to a single zonal NAT gateway resource, this configuration doesn't provide the most effective method for ensuring zone-resiliency against zonal outages. Additionally, multiple subnets can be configured to the same NAT gateway resource. The virtual machine’s subnet needs to be configured to the NAT gateway resource to provide outbound connectivity. NAT gateway can provide outbound connectivity for virtual machines from other availability zones different from itself. NAT gateway resources with public IP addresses from a different zone, zone-redundancy or with no zone aren't allowed. The public IP address or prefix configured to NAT gateway must match the same zone. When NAT gateway is deployed to a specific zone, it will provide outbound connectivity to the internet explicitly from that zone. You can place your NAT gateway resource in a specific zone for a region. Availability zones build on this resiliency with zone isolation scenarios for NAT gateway. It can survive multiple infrastructure component failures. NAT gateway infrastructure has built in redundancy. NAT gateway uses software defined networking to operate as a fully managed and distributed service. ![]() ![]() While NAT gateway is a zonal resource, it's a highly resilient and reliable method by which to connect outbound to the internet from virtual network subnets. Virtual networks and their subnets are regional. Which zone property you select for your NAT gateway resource will inform the zone property of the public IP address that can be used for outbound connectivity as well. NAT gateway can either be designated to a specific zone within a region or to ‘no zone’. Review this document to understand key concepts and fundamental design guidance.įigure 1: Zonal deployment of NAT gateway. With zone isolation scenarios, you can align your zonal NAT gateway resources with zonally designated IP based resources, such as virtual machines, to provide zone resiliency against outages. ![]() NAT gateway is a zonal resource, which means it can be deployed and operate out of individual availability zones.
0 Comments
Leave a Reply. |