Interview Questions/Troubleshooting Scenarios/SNAT Port Exhaustion via NAT Gateway
AdvancedScenario
15 min

SNAT Port Exhaustion via NAT Gateway

Cloud NetworkingNATScalability
Advertisement
Interview Question

Outbound calls from your private subnets start failing intermittently. Investigation suggests SNAT port exhaustion. How do you confirm and fix?

Key Points to Cover
  • Confirm via NAT gateway metrics (connections/ports in use)
  • Correlate to bursty egress patterns and connection reuse
  • Increase NAT gateways or scale subnets; tune timeouts
  • Enable connection pooling/keep-alive and reduce parallel outbound
  • Implement egress proxy or VPC endpoints for popular services
Evaluation Rubric
Confirms SNAT exhaustion with metrics35% weight
Optimizes client connection behavior25% weight
Scales NAT/egress capacity safely20% weight
Reduces reliance via endpoints/proxies20% weight
Hints
  • 💡Ephemeral port reuse and TIME_WAIT tuning matter.
Potential Follow-up Questions
  • How to size NAT capacity?
  • What’s the impact of HTTP/2 multiplexing?
Advertisement
Back to Troubleshooting ScenariosView All Categories