AWS IP Subnet Reservations
Here, we will learn the concept of AWS IP Subnet Reservations.
VPC
- A virtual network dedicated to your AWS account.
- Logically isolated from other virtual networks in AWS.
- You launch AWS resources, such as Amazon EC2 instances, into your VPC.
- It spans all AZs in the region.
- After VPC creation, you can add subnets in each AZ.
- Each subnet must reside entirely within one AZ and cannot span zones.
- You must specify a range of IPv4 addresses during VPC creation, in CIDR notation; each subnet's CIDR block is a subset of the VPC CIDR block.
- The allowed block size is between a /16 netmask (65,536 IP addresses) and a /28 netmask (16 IP addresses).
- Example primary CIDR block for a VPC: 10.0.0.0/16.
- You can also assign an IPv6 CIDR block to the VPC, and IPv6 CIDR blocks to the subnets.
Figure: a new VPC with an IPv4 CIDR block and a route table.
Figure: a VPC configured with subnets in multiple AZs; 1A, 1B, 2A, and 3A are instances in the VPC.
VPC and Subnet Sizing
- A VPC supports IPv4 and IPv6 addressing.
- A VPC has different CIDR block size limits for IPv4 and IPv6.
- By default, all VPCs and subnets must have IPv4 CIDR blocks.
- You can optionally associate an IPv6 CIDR block with the VPC.
- IP addresses enable resources in the VPC to communicate with each other or over the Internet.
- Private IPv4 addresses are not reachable over the Internet.
- A public endpoint is created by assigning a globally unique public IPv4 address to an instance; this is needed to
  - connect to the instance over the Internet, and
  - enable communication between instances and other AWS services.
- IPv6 addresses are public and reachable over the Internet.
- During VPC creation, specify a CIDR block (of /16 or smaller) from the private IPv4 address ranges:
  - 10.0.0.0 – 10.255.255.255 (10/8 prefix)
  - 172.16.0.0 – 172.31.255.255 (172.16/12 prefix)
  - 192.168.0.0 – 192.168.255.255 (192.168/16 prefix)
- The first four IP addresses and the last IP address in each subnet CIDR block are not available and cannot be assigned to an instance. For 10.0.0.0/24:
  - 10.0.0.0: Network address.
  - 10.0.0.1: Reserved for the VPC router.
  - 10.0.0.2: Reserved by AWS.
  - 10.0.0.3: Reserved by AWS for future use.
  - 10.0.0.255: Network broadcast address.
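The reservation rule above is easy to get wrong when sizing subnets (a /28 has 16 addresses but only 11 usable). The following is an added example, not code from the original page or from AWS, that applies the rule to any IPv4 subnet CIDR using Python's standard `ipaddress` module: it lists the five reserved addresses with the reason given on the page, computes the usable address count, and checks that a subnet CIDR actually fits inside its VPC CIDR. The `/16`..`/28` size check and the strict host-bit check (so `10.0.0.5/24` is rejected as a malformed CIDR) are the validations a practitioner would want before calling the API.

```python
import ipaddress

# Offsets from the subnet's network address that AWS reserves, with the
# reason stated on the page. The broadcast address is handled separately
# because its offset depends on the subnet size.
RESERVED_OFFSETS = {
    0: "network address",
    1: "reserved for the VPC router",
    2: "reserved by AWS",
    3: "reserved by AWS for future use",
}
RESERVED_PER_SUBNET = len(RESERVED_OFFSETS) + 1  # + broadcast address


def parse_subnet(subnet_cidr):
    """Parse an IPv4 subnet CIDR and enforce the AWS size bounds.

    strict=True makes ipaddress reject CIDRs with host bits set
    (e.g. 10.0.0.5/24), which is the usual copy-paste mistake.
    """
    net = ipaddress.ip_network(subnet_cidr, strict=True)
    if net.version != 4:
        raise ValueError(f"{subnet_cidr}: this example models IPv4 subnets only")
    if not 16 <= net.prefixlen <= 28:
        raise ValueError(f"{subnet_cidr}: subnet size must be between /16 and /28")
    return net


def reserved_addresses(subnet_cidr):
    """Map each reserved address in the subnet to the reason it is reserved."""
    net = parse_subnet(subnet_cidr)
    base = int(net.network_address)
    reserved = {
        str(ipaddress.ip_address(base + offset)): reason
        for offset, reason in RESERVED_OFFSETS.items()
    }
    reserved[str(net.broadcast_address)] = "network broadcast address"
    return reserved


def usable_address_count(subnet_cidr):
    """Number of addresses that can actually be assigned to instances."""
    net = parse_subnet(subnet_cidr)
    return net.num_addresses - RESERVED_PER_SUBNET


def first_usable_address(subnet_cidr):
    """The lowest address an instance can receive (network address + 4)."""
    net = parse_subnet(subnet_cidr)
    return str(ipaddress.ip_address(int(net.network_address) + len(RESERVED_OFFSETS)))


def subnet_fits_vpc(subnet_cidr, vpc_cidr):
    """True if the subnet CIDR is a subset of the VPC CIDR block."""
    subnet = parse_subnet(subnet_cidr)
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    return subnet.subnet_of(vpc)


if __name__ == "__main__":
    # Constructed sample input: the subnet used in the page's own example.
    for address, reason in reserved_addresses("10.0.0.0/24").items():
        print(f"{address:<12} {reason}")
    print("usable addresses:", usable_address_count("10.0.0.0/24"))
    print("first usable:", first_usable_address("10.0.0.0/24"))
    print("fits 10.0.0.0/16:", subnet_fits_vpc("10.0.0.0/24", "10.0.0.0/16"))
```

Run it as a script to print the table for 10.0.0.0/24; the functions take any IPv4 subnet CIDR, so the same code shows that a /28 yields 11 usable addresses and a /16 yields 65,531.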
Rules to add a CIDR block to VPC
- The allowed block size is between a /28 netmask and a /16 netmask.
- The CIDR block must not overlap with any existing CIDR block that is associated with the VPC.
- There are restrictions on the ranges of IPv4 addresses you can use.
- You cannot increase or decrease the size of an existing CIDR block.
- There is a limit on
  - the number of CIDR blocks you can associate with a VPC, and
  - the number of routes you can add to a route table.
- The CIDR block must not be the same as or larger than the CIDR range of a route in any of the VPC route tables.
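The rules above are checked by AWS at association time, but a pre-flight check catches the mistake before it surfaces as an API error or, worse, a route that silently shadows a peering or VPN destination. The following is an added example, not code from the original page or from AWS, that models the rules in Python with the standard `ipaddress` module: size bounds, overlap with existing blocks, the per-VPC block count, and the route-table rule (the new block must not equal or contain any route destination). The block quota of 5 is an assumed default and is a parameter; the page's "restrictions on ranges of IPv4 addresses" depend on the primary block and are not modelled here.

```python
import ipaddress

# Assumed default quota of IPv4 CIDR blocks per VPC; pass your own if adjusted.
ASSUMED_CIDR_BLOCK_QUOTA = 5


def validate_new_vpc_cidr(candidate, existing_cidrs, route_destinations,
                          max_blocks=ASSUMED_CIDR_BLOCK_QUOTA):
    """Return a list of rule violations; an empty list means the block can be added.

    candidate          - the CIDR block to associate, e.g. "10.1.0.0/16"
    existing_cidrs     - CIDR blocks already associated with the VPC
    route_destinations - destination CIDRs from every route table of the VPC
    Each violation string starts with a short code: size, overlap, quota, route.
    """
    new = ipaddress.ip_network(candidate, strict=True)
    if new.version != 4:
        return ["ipv4-only: this check models the IPv4 rules"]
    existing = [ipaddress.ip_network(c, strict=True) for c in existing_cidrs]
    existing = [c for c in existing if c.version == 4]
    routes = [ipaddress.ip_network(r, strict=True) for r in route_destinations]
    problems = []

    # Rule: allowed block size is between /16 and /28.
    if not 16 <= new.prefixlen <= 28:
        problems.append(f"size: /{new.prefixlen} is outside the /16../28 range")

    # Rule: must not overlap any CIDR block already associated with the VPC.
    for current in existing:
        if new.overlaps(current):
            problems.append(f"overlap: {new} overlaps existing block {current}")

    # Rule: limit on the number of CIDR blocks per VPC.
    if len(existing) + 1 > max_blocks:
        problems.append(f"quota: VPC already has {len(existing)} of {max_blocks} blocks")

    # Rule: must not be the same as or larger than the range of any route.
    # supernet_of() is also true for an equal network; the == keeps the intent explicit.
    for dest in routes:
        if dest.version == 4 and (new == dest or new.supernet_of(dest)):
            problems.append(f"route: {new} is the same as or larger than route {dest}")

    return problems


if __name__ == "__main__":
    # Constructed sample input: one primary block, the local route, a default
    # route to an internet gateway, and a route to a peered network.
    existing = ["10.0.0.0/16"]
    routes = ["10.0.0.0/16", "0.0.0.0/0", "192.168.1.0/24"]
    for cidr in ["10.1.0.0/16", "10.0.128.0/17", "192.168.0.0/16", "10.2.0.0/29"]:
        result = validate_new_vpc_cidr(cidr, existing, routes)
        print(cidr, "->", "OK" if not result else result)
```

Of the four candidates in the script, only 10.1.0.0/16 is accepted: 10.0.128.0/17 overlaps the primary block, 192.168.0.0/16 contains the peering route 192.168.1.0/24 (the route-table rule), and 10.2.0.0/29 is too small.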