Amazon Web Service – VPC, Subnet and CIDR
What is CIDR?
CIDR-Classless Inter-Domain Routing. Classless Inter-Domain Routing is a method for creating additional addresses on the Internet. These addresses are provided to service providers (ISPs).And then assigned by the ISP to the customer. CIDR brings together the routes so that an IP address represents thousands of IP addresses served by the primary backbone provider, thereby relieving the burden on the Internet router.
Why choose CIDR
There are two main roles:
- As described earlier, CIDR can reduce the burden on Internet routers.
- CIDR can improve the utilization of IP address
One of the most important actions of CIDR is route aggregation, which can achieve the above two functions.
1) CIDR function to reduce the burden on Internet routers
Suppose we have the following four class C IP addresses
You can see more than four IP address of the network address are not the same, so the routing table above the need to configure the corresponding four routes to reach the appropriate network
Then do the route aggregation, you can see the above four IP addresses of the first 22 binary addresses are the same, it can be aggregated into a network address, the network address CIDR expression format 220.127.116.11/22, the address Of the explanation is that the address of the network 18.104.22.168, and the first 22 for the network address, the latter 10 for the host address.
So now can be allocated before the four C-class address to the network below, this way only need to configure a router in the above 22.214.171.124/22 network can be a route to achieve the purpose of reducing the burden on the router.
2) CIDR function to improve the utilization of IP addresses
Suppose we create a local area network, the LAN initial planning will have 500 hosts, so need 500 IP address, 500 IP address on the need for this address is a B class address, the B class address format is as follows
This class B address has 256*256=65536 host addresses, but only need 500 host address; this results in a waste of IP address. Now let’s do the route aggregation for only 500 host addresses, so we need for last 9-bits as the host address.
The last 9-bit host address means that there will be 512 host address, so the waste of IP addresses will be greatly reduced, the address of the utilization rate will increase substantially after the route aggregation of the network address is as follows:
192.168.254.0/23 （192.168.254.0 / 255.255.254.0 /11000000.10101000.11111110.00000000）
How to use CIDR on AWS VPC and Subnet
In AWS, we need to create a VPC(Virtual Private Cloud) virtual private cloud, we need to assign a CIDR address for the cloud, and then add the subnet to this subnet and specify the CIDR address for each subnet, and finally we add subnet to the host, AWS will be based on the subnet CIDR has a host address automatically assigned host address to the host, the following examples illustrate the process:
First create a VPC, the VPC’s CIDR address is as follows, default VPC
The following can be added to the inside of this VPC subnet
From the above binary address can see all the subnet and VPC network address intersection is 10101100.00011111, that is the first 16 bits of the same, this is exactly the VPC network address, so you can successfully add the three subnet to VPC
Next, we can try to add a subnet to the VPC to see if it can be successful
This address can not be added to the VPC, the reason for the 21-bit test-subnet network address and default-subnet 20-bit network address is overlapping, and therefore failed to join
From this we can summarize the rules of configuring VPC and subnet on AWS: the network of all subnet must be a subset of VPC network address and can not overlap with the network address of other subnet, that can be reached inside the VPC all Subnet.