Skip to content

Commit 3db9393

Browse files
cozhang8cozhang8
authored
Update nat-gateway-design.md
updated tables and descriptions to better match the diagrams
1 parent d59412f commit 3db9393

File tree

1 file changed

+11
-11
lines changed

1 file changed

+11
-11
lines changed

articles/nat-gateway/nat-gateway-design.md

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -61,11 +61,11 @@ The following examples demonstrate coexistence of a load balancer or instance-le
6161

6262
| Resource | Traffic flow direction | Connectivity method used |
6363
| --- | --- | --- |
64-
| VM (Subnet B) | Inbound </br> Outbound | NA </br> NAT gateway |
65-
| Virtual machine scale set (Subnet B) | Inbound </br> Outbound | NA </br> NAT gateway |
66-
| VMs (Subnet A) | Inbound </br> Outbound | Instance-level public IP </br> NAT gateway |
64+
| VM (Subnet 1) | Inbound </br> Outbound | Instance-level public IP </br> NAT gateway |
65+
| Virtual machine scale set (Subnet 1) | Inbound </br> Outbound | NA </br> NAT gateway |
66+
| VMs (Subnet 2) | Inbound </br> Outbound | NA </br> NAT gateway |
6767

68-
The virtual machine uses the NAT gateway for outbound and return traffic. Inbound originated traffic passes through the instance level public IP directly associated with the virtual machine in subnet A. The virtual machine scale set from subnet B and VMs from subnet B can only egress and receive response traffic through the NAT gateway. No inbound originated traffic can be received.
68+
The virtual machine uses the NAT gateway for outbound and return traffic. Inbound originated traffic passes through the instance level public IP directly associated with the virtual machine in subnet 1. The virtual machine scale set from subnet 1 and VMs from subnet 2 can only egress and receive response traffic through the NAT gateway. No inbound originated traffic can be received.
6969

7070
### A NAT gateway and VM with a standard public load balancer
7171

@@ -75,10 +75,10 @@ The virtual machine uses the NAT gateway for outbound and return traffic. Inboun
7575

7676
| Resource | Traffic flow direction | Connectivity method used |
7777
| --- | --- | --- |
78-
| VMs in backend pool | Inbound </br> Outbound | Load balancer </br> NAT gateway |
79-
| VM and virtual machine scale set (Subnet B) | Inbound </br> Outbound | NA </br> NAT gateway |
78+
|VM and virtual machine scale set (Subnet 1) | Inbound </br> Outbound | Load balancer </br> NAT gateway |
79+
|VMs (Subnet 2) | Inbound </br> Outbound | NA </br> NAT gateway |
8080

81-
NAT Gateway supersedes any outbound configuration from a load-balancing rule or outbound rules on the load balancer. VM instances in the backend pool use the NAT gateway to send outbound traffic and receive return traffic. Inbound originated traffic passes through the load balancer for all VM instances within the load balancer’s backend pool. VM and the virtual machine scale set from subnet B can only egress and receive response traffic through the NAT gateway. No inbound originated traffic can be received.
81+
NAT Gateway supersedes any outbound configuration from a load-balancing rule or outbound rules on the load balancer. VM instances in the backend pool use the NAT gateway to send outbound traffic and receive return traffic. Inbound originated traffic passes through the load balancer for all VM instances (Subnet 1) within the load balancer’s backend pool. VMs from subnet 2 can only egress and receive response traffic through the NAT gateway. No inbound originated traffic can be received.
8282

8383
### A NAT gateway and VM with an instance-level public IP and a standard public load balancer
8484

@@ -88,11 +88,11 @@ NAT Gateway supersedes any outbound configuration from a load-balancing rule or
8888

8989
| Resource | Traffic flow direction | Connectivity method used |
9090
| --- | --- | --- |
91-
| VM (Subnet A) | Inbound </br> Outbound | Instance-level public IP </br> NAT gateway |
92-
| Virtual machine scale set | Inbound </br> Outbound | NA </br> NAT gateway |
93-
| VM (Subnet B) | Inbound </br> Outbound | NA </br> NAT gateway |
91+
| VM (Subnet 1) | Inbound </br> Outbound | Instance-level public IP </br> NAT gateway |
92+
| Virtual machine scale set (Subnet 1) | Inbound </br> Outbound | Load balancer </br> NAT gateway |
93+
| VMs (Subnet 2) | Inbound </br> Outbound | NA </br> NAT gateway |
9494

95-
The NAT gateway supersedes any outbound configuration from a load-balancing rule or outbound rules on a load balancer and instance level public IPs on a virtual machine. All virtual machines in subnets A and B use the NAT gateway exclusively for outbound and return traffic. Instance level public IPs take precedence over load balancer. The VM in subnet A uses the instance level public IP for inbound originating traffic.
95+
The NAT gateway supersedes any outbound configuration from a load-balancing rule or outbound rules on a load balancer and instance level public IPs on a virtual machine. All virtual machines in subnets 1 and 2 use the NAT gateway exclusively for outbound and return traffic. Instance-level public IPs take precedence over load balancer. The VM in subnet 1 uses the instance level public IP for inbound originating traffic. VMSS do not have instance-level public IPs.
9696

9797
## Monitor outbound network traffic with NSG flow logs
9898

0 commit comments

Comments
 (0)