Your company has deployed 2000 VMs in a private subnet of your VPC in the us-east1 region. Each VM requires at least 128 concurrent TCP connections to a public repository for downloading software updates and packages over the internet. You must implement a Cloud NAT gateway to enable outbound NAT for these VMs while ensuring all 2000 VMs can simultaneously establish connections. Which two approaches achieve this? (Select two.)