Gateway
Definition
A network component that acts as an entry point or intermediary between different networks or services, facilitating communication and data flow.
Use Cases
- Netflix: Front-door API layer for microservices used by many client devices. Netflix built and operates an API gateway layer (commonly referenced as Zuul) to route requests to backend microservices and apply cross-cutting controls like routing and filtering. Outcome: simplified client integration (one entry point), improved resilience and operational control over service-to-client traffic as the microservice ecosystem scaled.
- Airbnb: Secure partner and internal API access with centralized policy enforcement. Airbnb has discussed using an API gateway approach to centralize authentication/authorization and routing for service APIs, reducing the need for each service to implement the same edge concerns. Outcome: more consistent security controls and easier evolution of backend services without breaking clients.
- Capital One: Hybrid connectivity between on-premises environments and public cloud. Uses VPN gateway connectivity patterns to extend private networks into cloud environments for secure access to cloud workloads and services. Outcome: enabled phased cloud adoption while maintaining secure connectivity to legacy systems and meeting enterprise security requirements.
Provider Equivalents
- AWS: Amazon API Gateway / NAT Gateway / AWS VPN Gateway / Internet Gateway
- Azure: Azure API Management / NAT Gateway / VPN Gateway / (no direct 'Internet Gateway'; uses public IPs, route tables, and Azure Firewall/NVA patterns)
- GCP: API Gateway (or Apigee) / Cloud NAT / Cloud VPN / Cloud Router (with routes) + external IPs (no single 'Internet Gateway' resource)
- OCI: API Gateway / NAT Gateway / VPN Connect / Internet Gateway
Frequently Asked Questions
- What's the difference between a Gateway and a Load Balancer?
  - A load balancer mainly distributes incoming traffic across multiple healthy backends (often within the same application tier) to improve availability and performance. A gateway is an entry point that can also enforce policies and translate or route traffic between different networks or services. For example, an API gateway can authenticate requests, apply rate limits, and route to different microservices, while a load balancer typically focuses on spreading traffic across instances of the same service.
- When should I use a Gateway?
  - Use an API gateway when you want one stable endpoint for many backend services and need features like authentication, authorization, throttling/rate limiting, request routing, and observability.
  - Use a NAT gateway when private subnets need outbound internet access (for updates, calling external APIs) without allowing inbound connections from the internet.
  - Use a VPN gateway when you need encrypted connectivity between on-premises networks and cloud networks.
  - Use an internet gateway (or equivalent internet egress/ingress design) when resources must be reachable from the public internet.
- How much does a Gateway cost?
  - Costs depend on the gateway type and traffic.
  - API gateways are commonly priced by number of requests, data transfer, and optional features (e.g., caching, custom domains, WAF integration).
  - NAT gateways typically charge per hour (or per gateway) plus per-GB data processed, so high egress can become expensive.
  - VPN gateways usually charge per hour per tunnel/gateway plus data transfer, and may add costs for additional connections or higher-throughput SKUs.
  - In some clouds, internet gateway-style connectivity is not billed as a standalone resource, but you still pay for public IPs (where applicable) and data egress to the internet.
Category: networking
Difficulty: intermediate