AWS NAT vs AWS IGW vs AWS Router
As per this answer, a router and a gateway are the same device in terms of functionality.
In the AWS world we have an Internet Gateway, a NAT Gateway and a router.
Are these three not the same?
No they are not the same.
Internet Gateway
- Routes traffic from instances with Public IPs to the Internet.
- It simply forwards traffic between Public IPs in your VPC and Public IPs in the internet back and forth, mostly unchanged.
- Gateways can sometimes be called routers but AWS doesn't use this term.
NAT Gateway
- Routes traffic from instances with only Private IPs (i.e. without Public IPs) to the Internet.
- It translates the Private source IPs of your instances to the NAT Gateway's Public IP - hence it's called NAT - Network Address Translation.
VPN Gateway
- Routes traffic between Private IPs in your VPC and Private IPs in your data-centre.
- It's not used to access the Internet and doesn't change any addresses.
VPC Peering
- Routes traffic between Private IPs of instances in different VPCs.
- It's not used to access the Internet and doesn't change any addresses.
Hosted router appliances
- Routing / firewalling software running on EC2, e.g. Cisco CSR 1000, OpenVPN or similar gateways.
- Used for special purposes, if you need it you probably know what you're doing.
Your link to "router" actually links to Route Tables
- A Route Table is essentially a list of rules - IP address prefixes and their gateways.
- The rules are evaluated from the most specific to the least specific, i.e. the best match is used.
- The default route 0.0.0.0/0 covers all addresses in the whole internet.
- In Public VPC subnets this default route usually points to the IGW.
- In Private VPC subnets this default route usually points to the NAT GW.
- More specific routes (e.g. 10.20.30.0/24) may point to a VPN GW, a VPC Peering GW or a Router appliance.
Hope that answers the question :)
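To make the "most specific prefix wins" rule concrete, here is an added Python example (not part of the answer above and not AWS tooling) that evaluates two constructed route tables, one for a public and one for a private subnet; the CIDRs and target labels are placeholders made up for the illustration.

```python
import ipaddress

# Constructed route tables (placeholder values, not real AWS resource IDs).
# Keys are destination prefixes, values are the target gateway.
PUBLIC_SUBNET_ROUTES = {
    "10.0.0.0/16": "local",        # the VPC itself
    "10.20.30.0/24": "vgw",        # on-prem range via VPN Gateway
    "172.16.0.0/16": "pcx",        # peered VPC via VPC Peering
    "0.0.0.0/0": "igw",            # everything else -> Internet Gateway
}
PRIVATE_SUBNET_ROUTES = {
    "10.0.0.0/16": "local",
    "10.20.30.0/24": "vgw",
    "0.0.0.0/0": "nat",            # everything else -> NAT Gateway
}


def lookup(route_table, dst_ip):
    """Return the target of the most specific route that covers dst_ip.

    Routes are tried longest-prefix first, so 10.20.30.0/24 beats
    10.0.0.0/16, which beats 0.0.0.0/0. Returns None when nothing
    matches (the packet would simply be dropped).
    """
    dst = ipaddress.ip_address(dst_ip)
    routes = [(ipaddress.ip_network(p), t) for p, t in route_table.items()]
    for net, target in sorted(routes, key=lambda r: r[0].prefixlen, reverse=True):
        if dst in net:
            return target
    return None


def trace(dst_ip):
    """Show which gateway each subnet type would use for one destination."""
    return {
        "public_subnet": lookup(PUBLIC_SUBNET_ROUTES, dst_ip),
        "private_subnet": lookup(PRIVATE_SUBNET_ROUTES, dst_ip),
    }


if __name__ == "__main__":
    for ip in ("8.8.8.8", "10.0.5.9", "10.20.30.7", "172.16.1.1"):
        print(ip, trace(ip))
```

Note that 172.16.1.1 leaves the private subnet via the NAT Gateway, because that table has no peering route and the default route catches it; a missing specific route silently becomes "send it to the Internet".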