AWS NAT gateway metrics

Once you’ve integrated with AWS CloudWatch, you have access to metrics from AWS NAT Gateway, which is a Network Address Translation (NAT) service. Any instances in a private subnet can connect to services outside your VPC using a NAT gateway, but external services can’t connect directly to those instances.

See all AWS integrations.

To verify metrics are reporting, search for the metrics on the Metric details page in Settings.

The following table shows the NAT gateway metrics ingested by Cloud Observability.

| Metric Name | Unit | Description |
| --- | --- | --- |
| aws.natgateway.active_connection_count | count | The total number of concurrent active TCP connections through the NAT gateway. A value of zero indicates that there are no active connections through the NAT gateway. |
| aws.natgateway.bytes_in_from_destination | bytes | The number of bytes the NAT gateway received from the destination. If the value for BytesOutToSource is less than the value for BytesInFromDestination, there may be data loss during NAT gateway processing, or traffic being actively blocked by the NAT gateway. |
| aws.natgateway.bytes_in_from_source | bytes | The number of bytes the NAT gateway received from clients in your VPC. If the value for BytesOutToDestination is less than the value for BytesInFromSource, there may be data loss during NAT gateway processing. |
| aws.natgateway.bytes_out_to_destination | bytes | The number of bytes sent to the destination through the NAT gateway. A value greater than zero indicates that there is traffic going to the internet from clients that are behind the NAT gateway. If the value for BytesOutToDestination is less than the value for BytesInFromSource, there may be data loss during NAT gateway processing. |
| aws.natgateway.bytes_out_to_source | bytes | The number of bytes sent through the NAT gateway to clients in your VPC. A value greater than zero indicates that there is traffic coming from the internet to clients that are behind the NAT gateway. If the value for BytesOutToSource is less than the value for BytesInFromDestination, there may be data loss during NAT gateway processing, or traffic being actively blocked by the NAT gateway. |
| aws.natgateway.connection_attempt_count | count | The number of connection attempts made through the NAT gateway. If ConnectionEstablishedCount is less than ConnectionAttemptCount, clients behind the NAT gateway attempted to establish new connections for which there was no response. |
| aws.natgateway.connection_established_count | count | The number of connections established through the NAT gateway. If ConnectionEstablishedCount is less than ConnectionAttemptCount, clients behind the NAT gateway attempted to establish new connections for which there was no response. |
| aws.natgateway.error_port_allocation | count | The number of times the NAT gateway could not allocate a source port. A value greater than zero indicates that the NAT gateway is handling too many concurrent connections. |
| aws.natgateway.idle_timeout_count | count | The number of connections that transitioned from the active state to the idle state. An active connection becomes idle if it was not gracefully closed and has been inactive for 350 seconds. A value greater than zero indicates that connections have been moved to an idle state. If the IdleTimeoutCount value rises, clients behind the NAT gateway may be reusing stale connections. |
| aws.natgateway.packets_drop_count | count | The number of packets dropped by the NAT gateway. A value greater than zero can indicate an ongoing transient issue with the NAT gateway. Check the AWS service health dashboard if this value exceeds 0.01 percent of the total traffic on the NAT gateway. |
| aws.natgateway.packets_in_from_destination | count | The number of packets the NAT gateway received from the destination. If the value for PacketsOutToSource is less than the value for PacketsInFromDestination, there may be data loss during NAT gateway processing, or traffic being actively blocked by the NAT gateway. |
| aws.natgateway.packets_in_from_source | count | The number of packets the NAT gateway received from clients in your VPC. If the value for PacketsOutToDestination is less than the value for PacketsInFromSource, there may be data loss during NAT gateway processing. |
| aws.natgateway.packets_out_to_destination | count | The number of packets sent to the destination through the NAT gateway. A value greater than zero indicates that there is traffic going to the internet from clients that are behind the NAT gateway. If the value for PacketsOutToDestination is less than the value for PacketsInFromSource, there may be data loss during NAT gateway processing. |
| aws.natgateway.packets_out_to_source | count | The number of packets sent through the NAT gateway to clients in your VPC. A value greater than zero indicates that there is traffic coming from the internet to clients that are behind the NAT gateway. If the value for PacketsOutToSource is less than the value for PacketsInFromDestination, there may be data loss during NAT gateway processing, or traffic being actively blocked by the NAT gateway. |
| aws.natgateway.nat_gateway_id | count | Use the NAT gateway ID to filter the metrics data. |
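
The comparisons described in the table can be evaluated together over one reporting interval. The following is an added example, not Cloud Observability or AWS code: the function name, finding labels and sample values are constructed, and it assumes that "total traffic" for the 0.01 percent drop threshold means all packets the gateway received.

```python
# Added example. Metric names come from the table above; the sample values,
# finding labels and function name are constructed for illustration.
PREFIX = "aws.natgateway."
DROP_RATIO_LIMIT = 0.0001  # 0.01 percent, the threshold given in the table


def nat_gateway_findings(current, previous=None):
    """Apply the table's comparison rules to one interval of metric sums."""
    def get(name, source=current):
        return source.get(PREFIX + name, 0)

    findings = []
    if get("error_port_allocation") > 0:
        findings.append("port_allocation_errors")
    if get("connection_established_count") < get("connection_attempt_count"):
        findings.append("unanswered_connection_attempts")
    if (get("bytes_out_to_destination") < get("bytes_in_from_source")
            or get("packets_out_to_destination") < get("packets_in_from_source")):
        findings.append("outbound_loss")
    if (get("bytes_out_to_source") < get("bytes_in_from_destination")
            or get("packets_out_to_source") < get("packets_in_from_destination")):
        findings.append("inbound_loss_or_blocking")
    # Assumption: "total traffic" means all packets the gateway received.
    received = get("packets_in_from_source") + get("packets_in_from_destination")
    if received and get("packets_drop_count") / received > DROP_RATIO_LIMIT:
        findings.append("packet_drops_over_limit")
    # A rising idle timeout count needs the previous interval for comparison.
    if previous is not None and (
            get("idle_timeout_count") > get("idle_timeout_count", previous)):
        findings.append("idle_timeouts_rising")
    return sorted(findings)


# Constructed datapoints for two consecutive intervals.
SAMPLE_PREVIOUS = {PREFIX + "idle_timeout_count": 25}
SAMPLE_CURRENT = {PREFIX + name: value for name, value in {
    "error_port_allocation": 3,
    "connection_attempt_count": 1200, "connection_established_count": 1100,
    "bytes_in_from_source": 5_000_000, "bytes_out_to_destination": 4_900_000,
    "packets_in_from_source": 10_000, "packets_out_to_destination": 9_990,
    "bytes_in_from_destination": 8_000_000, "bytes_out_to_source": 8_000_000,
    "packets_in_from_destination": 12_000, "packets_out_to_source": 12_000,
    "packets_drop_count": 10, "idle_timeout_count": 40,
}.items()}

if __name__ == "__main__":
    for finding in nat_gateway_findings(SAMPLE_CURRENT, SAMPLE_PREVIOUS):
        print(finding)
```
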

See also

Ingest metrics from Amazon

Create and manage dashboards

Create alerts

Updated Dec 1, 2022