AWS Certified Advanced Networking - Specialty Exam: Incorrect Information about NAT Gateway

Incorrect Information about NAT Gateway

Prev Question Next Question

Question

Which of the following is incorrect when it comes to the NAT gateway.

Answers

A. You can associate a security group with the NAT gateway

B. A NAT gateway supports bursts of up to 10 Gbps of bandwidth

C. You can associate exactly one Elastic IP address with a NAT gateway

D. A NAT gateway supports the following protocols: TCP, UDP, and ICMP.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Answer - A.

The AWS documentation mentions the following.

A NAT gateway has the following characteristics:

A NAT gateway supports bursts of up to 10 Gbps of bandwidth.

If you require more than 10 Gbps bursts, you can distribute the workload by splitting your resources into multiple subnets, and creating a NAT gateway in each subnet.

You can associate exactly one Elastic IP address with a NAT gateway.

You cannot disassociate an Elastic IP address from a NAT gateway after it's created.

To use a different Elastic IP address for your NAT gateway, you must create a new NAT gateway with the required address, update your route tables, and then delete the existing NAT gateway if it's no longer required.

A NAT gateway supports the following protocols: TCP, UDP, and ICMP.

You cannot associate a security group with a NAT gateway.

You can use security groups for your instances in the private subnets to control the traffic to and from those instances.

For more information on the NAT gateway, please refer to the below link:

http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-nat-gateway.html

The incorrect statement regarding the NAT gateway is:

B. A NAT gateway supports bursts of up to 10 Gbps of bandwidth.

Explanation:

A NAT gateway is an AWS managed service that allows instances in a private subnet to connect to the internet or other AWS services but prevents the internet from initiating connections with those instances.

Let's review the given options:

A. You can associate a security group with the NAT gateway: This statement is correct. You can associate a security group with the NAT gateway to control traffic to and from the internet.

B. A NAT gateway supports bursts of up to 10 Gbps of bandwidth: This statement is incorrect. The maximum bandwidth for a NAT gateway is 45 Gbps. However, this maximum throughput is only achievable with an instance size of cg1.4xlarge. The actual throughput of the NAT gateway will depend on the selected instance size.

C. You can associate exactly one Elastic IP address with a NAT gateway: This statement is correct. You can associate only one Elastic IP address with a NAT gateway.

D. A NAT gateway supports the following protocols: TCP, UDP, and ICMP: This statement is correct. NAT gateway supports TCP, UDP, and ICMP protocols.

In conclusion, the correct answer to this question is option B, which is incorrect as a NAT gateway can support up to 45 Gbps of bandwidth, depending on the instance size.

Prev Question Next Question