0

I've just started learning about how a GCP cluster sends traffic, it's still a little abstract, and I've not seen a lot of resources online that help to understand it.

However, I'm considering deploying a cloud NAT in one of the cluster's regions, and I'm not sure how to only send HTTP and HTTPS traffic, I've considered a firewall, but I'm not sure if that is all I'll need.

Also, I believe sending HTTPS traffic through a NAT gateway is rather unsafe; any opinions on this too?

Thank you.

mia
  • 3
  • 1
  • 3
  • Cloud NAT is designed for outgoing traffic. Calling HTTPS from Cloud Nat is fine. Anyway, you won't be able to be sure that only HTTP traffic is going through Cloud Nat. You can limit the outgoing port (like 80 or 443) but not the protocol used on that port. – guillaume blaquiere Aug 02 '22 at 15:16
  • Edit your question with details and context. 1) Why do you need a NAT Gateway? 2) What is your network topology? 3) NAT Gateways are used to provide a route for default traffic (e.g. to the Internet). To selectively control that traffic will require implementing a router/firewall ahead of (or in replacement of) the NAT Gateway. – John Hanley Aug 02 '22 at 18:33

0 Answers0