Floating IP (NAT) vs Public IP on NIC (No NAT)
Publisher: Psychz Networks, December 12,2025Floating IP (NAT) vs Public IP on NIC (No NAT)
This article explains the difference between a Floating IP (NAT) and a Public IP assigned directly to your VM’s network interface (No NAT), so you can choose the right option for your workload.
Overview
Floating IP (NAT)
A Floating IP is a public IPv4 address that is mapped to your VM’s private IP by the cloud networking layer. This mapping is implemented using NAT (DNAT/SNAT) on the network edge.
What your VM sees: only a private IP on its NIC.
What the Internet sees: the Floating IP.
Public IP on NIC (No NAT)
A Public IP on NIC means your VM is connected to a public/provider network and receives a public IPv4 as a fixed IP on a port. Traffic is routed to/from the VM without NAT translation.
What your VM sees: the public IP on its NIC.
What the Internet sees: the same public IP.
Quick comparison
| Feature / Behavior | Floating IP (NAT) | Public IP on NIC (No NAT) |
|---|---|---|
| NAT translation | Yes (edge NAT) | No |
| Best for | Websites, APIs, SSH, typical inbound services | GRE tunnels, some routing/VPN designs, workloads that require the VM to “own” the public IP |
| IP portability (moving public IP to another VM) | Typically easy/fast | Typically requires port re-attach / manual steps |
| Security posture by default | Private-first; expose only what you map | Publicly-addressed VM; requires careful firewalling/hardening |
What it looks like inside the VM
Floating IP (NAT)
-
Your VM will show something like:
-
eth0: 10.x.x.x(private address)
-
-
The public Floating IP is not configured inside the VM.
-
Inbound connections to the Floating IP are forwarded to the VM’s private IP by the cloud network.
Public IP on NIC (No NAT)
-
Your VM will show something like:
-
eth0: 203.0.113.x(public address)
-
-
The VM uses this public IP directly for tunnel endpoints and other services.
When to choose each option
Choose Floating IP (NAT) if you want:
-
Standard public access for web apps, control panels, game servers, SSH, etc.
-
A simple “turn on public IP” experience without placing the VM directly on a public network.
-
Easier operational workflows (common examples include quick instance replacement while keeping the same public IP, or IP reassignment in some HA designs).
Choose Public IP on NIC (No NAT) if you need:
-
The public IPv4 bound directly to the VM interface.
-
Protocols or designs that may not work correctly behind NAT, such as:
-
GRE tunnels (common requirement)
-
Certain routing/BGP or VPN architectures
-
Environments where the application or peer expects the VM to “own” the public address at Layer 3
-
Availability and failover considerations
Both approaches can be highly available, but they differ in how IP continuity is handled:
-
Floating IP (NAT) is often used for fast IP mobility (moving a public IP from one VM/port to another in failover or rebuild scenarios).
-
Public IP on NIC (No NAT) ties the public IP to the VM’s network port. Keeping the same public IP during recovery is typically possible, but may require preserving/reusing the same port or additional operational steps, depending on your architecture.
If you have strict requirements around public IP failover time, contact support so we can recommend the correct approach.
Security notes (applies to both)
-
Always restrict access using security groups and/or a host firewall.
-
For tunneling use cases (e.g., GRE), ensure the required protocols/ports are explicitly allowed.
FAQ
Why doesn’t my VM show the Floating IP on the interface?
Because a Floating IP is typically implemented as an edge NAT mapping to your VM’s private IP. The public address exists at the cloud networking layer, not as an IP configured inside the guest.
Is “Public IP on NIC” the same as a Floating IP?
No. A Floating IP is a distinct concept and is usually NAT-mapped. “Public IP on NIC” means the VM has a public IP directly on its interface with no NAT translation.