A gateway is a server or router that provides access to networks from other networks or the public internet.
For example, gateways can be use as the single point of access between resources in a VPC network and the public internet. This allows resources, such as Droplets and databases, to connect to the internet while maintaining the isolation of the network.
When using a gateway, all public traffic passes through the gateway server and is routed to its correct destination on a private network.
Most DigitalOcean Droplets that have a gateway address associated with the Droplet’s anchor IP address. This allows the Droplet to send outbound traffic when using a reserved IP address.
DigitalOcean Droplets can be configured as VPC gateways so that you appropriately isolate resources in your VPC network.
A gateway is not required to access VPC networks. However, you can create a gateway as a single access point for multiple resources in a VPC network, such as Droplets. This means you only have to secure one access point to your network. For example, if you have 20 Droplets that access the public internet, that is 20 access points you need to secure against possible attackers. An alternative is to use a gateway. You can route the internet traffic of all 20 Droplets through a gateway instead, which isolates your Droplets and leaves only one public access point you need to protect. Additionally, in-network VPC traffic can be shared between resources using their private IP addresses that are linked to your VPC network.
Gateways can also filter traffic and provide other useful features.