Ask HN: Alternatives to NAT gateways for EC2 instances

6•nodesocket•8mo ago

I’m looking to deploy EC2 instances in multiple availability zones and would like the EC2 instances to only be on the private subnet with no public ip address assigned. However the instances need outbound access for API requests, etc.

NAT gateways cost $32/mo per AZ and that doesn’t include bandwidth which is absurdly expensive. I could manually deploy NAT instances but still looking at a minimum of around $8/mo per for t5g.small instances and EBS. Not to mention the maintenance and setup of the NAT instances.

Any clever tricks for outbound internet access for EC2 instances that are in private subnets?

Comments

spaceprison•8mo ago

You’ll need a vpc subnet connected “something” with outbound access.

Natgw and nat instance are about all there is or something crazy like a site to site vpn attached to your vgw and a server/firewall outside of aws/ec2 connected to the internet acting like a router…?

nodesocket•8mo ago

Thanks, figured as much. AWS hasn't lowered the price of NAT gateways in (ever) I think. It's a bit absurd seeing as the dramatic price reduction of Graviton based instances and such. NAT gateways should be like 1/2 or 1/3 the current cost.

somedanishguy•8mo ago

I can only recommend fck-nat.dev as an alternative to aws’s own nat instances.

nodesocket•8mo ago

Awesome, will look at deploying fck-nat.dev. Love the name. So absurd AWS hasn’t updated their NAT instance AMI since 2018 and running Amazon Linux v1 which is end of life.

romanhn•8mo ago

Fck-nat is great, and I'm running it for the exact same reason that the NAT Gateway is expensive for my hobby project. I configured it with an auto scaling group to bring it back up if the instance dies. The instance doubles as a bastion host as well.

samcat116•8mo ago

The ideal answer is IPv6 subnet with an egress only internet gateway

ecesena•8mo ago

If cost is the main issue, could you route all instances through a single nat, instead of one per AZ?

Show HN: I'm 75, building an OSS Virtual Protest Protocol for digital activism

Show HN: I built Divvy to split restaurant bills from a photo

Hot Reloading in Rust? Subsecond and Dioxus to the Rescue

Skim – vibe review your PRs

Show HN: Open-source AI assistant for interview reasoning

Tech Edge: A Living Playbook for America's Technology Long Game

Golden Cross vs. Death Cross: Crypto Trading Guide

Hoot: Scheme on WebAssembly

What the longevity experts don't tell you

Monzo wrongly denied refunds to fraud and scam victims

They were drawn to Korea with dreams of K-pop stardom – but then let down

Show HN: AI-Powered Merchant Intelligence

Bash parallel tasks and error handling

Let's compile Quake like it's 1997

Reverse Engineering Medium.com's Editor: How Copy, Paste, and Images Work

Go 1.22, SQLite, and Next.js: The "Boring" Back End

Laibach the Whistleblowers [video]

Slop News - The Front Page right now but it's only Slop

Economists vs. Technologists on AI

Life at the Edge

RISC-V Vector Primer

Show HN: Invoxo – Invoicing with automatic EU VAT for cross-border services

A Tale of Two Standards, POSIX and Win32 (2005)

Ask HN: Is the Downfall of SaaS Started?

Flirt: The Native Backend

OpenAI's Latest Platform Targets Enterprise Customers

Goldman Sachs taps Anthropic's Claude to automate accounting, compliance roles

Ai.com bought by Crypto.com founder for $70M in biggest-ever website name deal

Big Tech's AI Push Is Costing More Than the Moon Landing

The AI boom is causing shortages everywhere else