Home / server / Questions / 753916
In Process
Thiago Figueiro
Asked: 2016-02-04 21:41:48 +0800 CST

What's your experience with the AWS NAT Gateway performance?

  • 772

In December/2015 Amazon launched their VPC NAT Gateway service which is basically a managed alternative to creating your own (and it looks very good in comparison to NAT instances).

I was just about to deploy my own NAT instances and I decided to use the NAT Gateway instead to save me the hassle of configuring and maintaining my own NAT service.

The service works as advertised and I've been a happy chappy until I noticed a strange behaviour.

I use EC2 instances behind the NAT gateway to test a bunch of websites, running up to 4 parallel Firefox+selenium tests per EC2 instance. I noticed that tests that were previously running fine elsewhere had been failing on this environment.

So I spun-up 2x t2.large instances, one with a public elastic IP and direct access to the Internet; the other with a private IP, behind the NAT gateway.

Here are the results of running apache benchmark against some sites:

EIP

ab -kn 1000 -c 20 https://www.pinterest.com/
(...)
Time taken for tests:   17.331 seconds

ab -kn 1000 -c 20 http://speedtest.ftp.otenet.gr/files/test100k.db
(...)
Time taken for tests:   9.610 seconds

ab -kn 1000 -c 20 http://www.bbc.com/
(...)
Time taken for tests:   5.890 seconds

NAT

ab -kn 1000 -c 20 https://www.pinterest.com/
(...)
Time taken for tests:   25.980 seconds

ab -kn 1000 -c 20 http://speedtest.ftp.otenet.gr/files/test100k.db
(...)
Time taken for tests:   14.920 seconds

ab -kn 1000 -c 20 http://www.bbc.com/
(...)
Time taken for tests:   6.552 seconds

The server behind the NAT gateway is outperformed by the service with direct connection by a significant percentage in many cases.

AWS says that the service "Supports bursts of up to 10Gbps" which is more than what the individual instances I used can do.

I noticed that if I turn-off keep-alive (i.e. the -k) the performance becomes similar:

ab -n 1000 -c 20 https://www.pinterest.com/
EIP:   18.316 seconds
NAT:   17.763 seconds

What is this sorcery? What's going on? Are my benchmarks relevant?

What has been your experience?

networking

1 Answers

  1. My Nat gateway setup is fresh new and nothing custom. Here is my result for command 

    siege -c 100 https://www.pinterest.com -v

    with Nat gateway :

    Transactions:              15012 hits
Availability:             100.00 %
Elapsed time:             140.40 secs
Data transferred:         335.43 MB
Response time:              0.43 secs
Transaction rate:         106.92 trans/sec
Throughput:             2.39 MB/sec
Concurrency:               46.39
Successful transactions:       15012
Failed transactions:               0
Longest transaction:            5.90
Shortest transaction:           0.29

    without Nat Gateway

    Transactions:              11519 hits
Availability:             100.00 %
Elapsed time:             107.02 secs
Data transferred:         257.20 MB
Response time:              0.43 secs
Transaction rate:         107.63 trans/sec
Throughput:             2.40 MB/sec
Concurrency:               46.33
Successful transactions:       11519
Failed transactions:               0
Longest transaction:            4.02
Shortest transaction:           0.28

    Almost same.

    • 1