Slowness within the AWS (EC2 and Workspaces) in Internet browsing itself, sometimes almost impossible to access a simple website.

0

Hello,

We are experiencing Internet browsing slowness within AWS (EC2 and WorkSpaces); even browsing simple websites is slow.

We had the same problem in 03/2022; we hired support business, but they didn't solve the problem and it went back to normal on its own.

Monitoring via CloudWatch, we noticed that the slowness is related to the NAT Gateway, as the documentation says the following:

"If the value of ConnectionEstablishedCount is less than the value of ConnectionAttemptCount, clients behind the NAT gateway tried to establish new connections for which there was no response."

And as you can see in the attached graphs, whenever there is a slowdown, the ConnectionEstablishedCount metric is lower than the ConnectionAttemptCount metric.

Internet browsing itself is slow, sometimes almost impossible to access a simple website, and this is directly impacting our internal use and customer service, as all our internal and support applications require the internet.

It is also worth mentioning that we migrated our entire On-Premise structure to AWS in October/2021, and this is the second time this has happened.

We even set up a new NAT Gateway in another AZ but it didn't work and it was still slow.

Has anyone ever experienced this? Do you know what it could be and how to fix it?

Thanks
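The comparison quoted from the documentation above can be run over exported CloudWatch datapoints instead of read off a graph. This is an added example, not part of the original post: it builds the `MetricDataQueries` for boto3's `get_metric_data` and groups consecutive periods where `ConnectionEstablishedCount` falls short of `ConnectionAttemptCount`. The 5% threshold, the 5-minute period and the sample datapoints are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

def build_queries(nat_gateway_id, period=300):
    """MetricDataQueries for CloudWatch GetMetricData (namespace AWS/NATGateway)."""
    def q(qid, name):
        return {"Id": qid, "ReturnData": True, "MetricStat": {
            "Metric": {"Namespace": "AWS/NATGateway", "MetricName": name,
                       "Dimensions": [{"Name": "NatGatewayId", "Value": nat_gateway_id}]},
            "Period": period, "Stat": "Sum"}}
    return [q("attempts", "ConnectionAttemptCount"),
            q("established", "ConnectionEstablishedCount")]

def unanswered_windows(results, min_ratio=0.05):
    """Group consecutive periods where established < attempts by at least min_ratio.

    `results` has the shape of the MetricDataResults list returned by GetMetricData.
    """
    series = {r["Id"]: dict(zip(r["Timestamps"], r["Values"])) for r in results}
    attempts, established = series["attempts"], series["established"]
    windows, current = [], None
    # GetMetricData may return newest-first, so sort before grouping.
    for ts in sorted(set(attempts) & set(established)):
        missing = attempts[ts] - established[ts]
        if attempts[ts] > 0 and missing / attempts[ts] >= min_ratio:
            if current is None:
                current = {"start": ts, "end": ts, "attempts": 0.0, "unanswered": 0.0}
                windows.append(current)
            current["end"] = ts
            current["attempts"] += attempts[ts]
            current["unanswered"] += missing
        else:
            current = None  # a healthy period closes the open window
    return windows

# Constructed sample datapoints (5-minute sums), not taken from the post.
T0 = datetime(2022, 6, 1, 12, 0, tzinfo=timezone.utc)
STAMPS = [T0 + timedelta(minutes=5 * i) for i in range(6)]
SAMPLE = [
    {"Id": "attempts", "Timestamps": STAMPS, "Values": [1000, 1200, 4000, 5000, 1100, 900]},
    {"Id": "established", "Timestamps": STAMPS, "Values": [998, 1195, 2500, 2000, 1090, 899]},
]

if __name__ == "__main__":
    for w in unanswered_windows(SAMPLE):
        pct = 100 * w["unanswered"] / w["attempts"]
        print(f'{w["start"]:%H:%M}-{w["end"]:%H:%M} UTC: {pct:.0f}% of attempts unanswered')
```

Against a live account, the list from `build_queries` would be passed as `MetricDataQueries` to `get_metric_data` along with `StartTime` and `EndTime`, and the response's `MetricDataResults` fed to `unanswered_windows`.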

1 Answer
0
Accepted Answer

If NAT Gateway is truly the reason for slowness as you're hitting the limits of throughput, have you considered having separate VPCs for each workload? Amazon WorkSpaces ideally should be in its own VPC regardless, as it is a very different workload than EC2 servers.

AWS
EXPERT
answered 2 years ago
  • Thanks for your reply @StevieStets

    Today we have 6 EC2 servers and 20 Workspaces in the same VPC and using the same NAT Gateway, and at night I transfer backups from EC2 to S3.

    Do you think this could be what is hitting the NAT Gateway limit? What would that limit be? Would separating into 2 VPCs, each with its own NAT Gateway, solve this problem?

    Thanks

  • Have you also considered using a VPC Endpoint interface for S3? This would remove the traffic from EC2 to S3 through the NAT Gateway.

  • And yes, generally speaking, WorkSpaces and EC2 server instances would be in their own VPCs with their own public Subnets and NAT Gateways.

  • Thanks for your reply @StevieStets. I had not yet configured an endpoint for S3, but on the 29th I created an endpoint and I already noticed a difference in the processed data from the NAT gateway, which is much smaller now. I'll follow up now.
