AWS Certified Solutions Architect - Professional 2020

Sign Up Free or Log In to participate!

Internet Gateway doing network address translation for public IPV4 address?

Hi Cloud Gurus, 

I checked the internet Gateway userguide on the below link and found something I wanted to share with you.


In this page, its written "An internet gateway serves two purposes: to provide a target in your VPC route tables for internet-routable traffic, and to perform network address translation (NAT) for instances that have been assigned public IPv4 addresses."

Now, if it had been IPv6, this could have made some sense because since all IPv6 address are unique and public and there is no private IP addressing in IPv6, we could need a NAT to secure (or hide) the addresses used in our network. But IPv6 is handled by Egress only gateway and not the internet gateway. 

Now we know that NAT Gateway/instance does the Network address translation for instances with private IP addresses to talk to the internet. That is required since private IPs are not addressable on the internet.

Now, it is difficult to understand why would instances having public IPv4 address require network address translation (NAT)?


Could anybody spare a few minutes for this question. Thank you so much.

1 Answers

Hi AWS_learner,

If you read further down on that page in the documentation, you’ll find the explanation–about the 3rd paragraph.   Within a VPC, the EC2 instance is only aware if its private IP address and the Internet Gateway provides a 1-to-1 map to the public address from the instance.


Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?