none
Equivalent of AWS Internet Gateways in Azure

    Question

  • Hi,

    We have internet gateways(route tables) in the aws. Can you please let us know, what is the equivalent in azure?

    Thanks


    • Edited by Loydon Mendonca Saturday, March 25, 2017 11:49 AM Edited the title.
    Friday, March 24, 2017 1:25 PM

All replies

  • If you could specify the purpose of the AWS Internet Gateway in your setup it would be great to give you more elaboration.

    As far as I understand, the AWS Internet Gateway is a pathway used by your VPC instances to direct traffic to the internet and vice versa having a 1 to 1 relationship associated with the traffic leaving and coming into your VPC instances.

    I would not get into the details while comparing the AWS Internet Gateway and Azure. However, the Azure infrastructure automatically source NATs the Azure Virtual Network private IP address of the instance to the public IP address assigned to it by the address space defined in the Virtual Network. So it takes care of representing the private IP of the instance as the associated public IP address thereby presenting your instance as a public entity. This would be for outbound traffic. For inbound traffic to your instance, the public IP address is automatically mapped to the private IP of the instance thereby facilitating a 1 to 1 relationship of the public and private IP address as mentioned earlier.

    As far as route tables are concerned, Azure has system defined routes that take care of the above process for any traffic within the VNet and also from the Internet. The system routes take care of most of the routing needs and you do not need to worry about this. One of the system routes is the Internet Rule which handles all traffic destined to the public Internet (address prefix 0.0.0.0/0) and uses the infrastructure internet gateway as the next hop for all traffic destined to the Internet. However, if you want the traffic to be routed to a specific instances (for example a Network Virtual Appliance for Firewall or internal NAT) then you can set a UDR and IP forwarding to route the traffic via the NVA but this will only apply for internal private IP addresses native to the VNet subnets and not the internet traffic.

    I guess this is quite a lengthy answer to your short question but I am hoping to give you a proper overview since there isn't a exact counterpart for the AWS Internet Gateway in Azure.

    • Proposed as answer by SamCoganMVP Saturday, March 25, 2017 11:20 PM
    Saturday, March 25, 2017 12:07 PM