Amazon Web Service – VPC, Subnet and CIDR

What is CIDR?

CIDR stands for Classless Inter-Domain Routing. It is a method of allocating IP addresses on the Internet that makes far more efficient use of the address space. Address blocks are allocated to Internet service providers (ISPs), which then assign smaller blocks to their customers. CIDR aggregates routes so that a single prefix can stand for thousands of IP addresses served by a backbone provider, which reduces the number of entries Internet routers have to carry.

Why use CIDR

CIDR serves two main purposes:

  • As described above, CIDR reduces the load on Internet routers.
  • CIDR improves the utilization of IP address space.

The key mechanism behind both is route aggregation, which is what achieves the two effects above.

1) Reducing the load on Internet routers

Suppose we have the following four class C (/24) networks:

  • 192.168.0.0/24 = 11000000.10101000.00000000.00000000
  • 192.168.1.0/24 = 11000000.10101000.00000001.00000000
  • 192.168.2.0/24 = 11000000.10101000.00000010.00000000
  • 192.168.3.0/24 = 11000000.10101000.00000011.00000000

The network addresses of these four networks differ, so the upstream router needs four separate routes to reach them.

Now apply route aggregation. The first 22 bits of all four addresses are identical, so they can be summarized as a single network, written in CIDR notation as 192.168.0.0/22: the first 22 bits are the network part and the remaining 10 bits are the host part.

The four class C networks can then be allocated downstream as before, while the upstream router only needs a single route (192.168.0.0/22) to reach all of them, which reduces the load on the router.

2) Improving IP address utilization

Suppose we build a local area network that is planned to have 500 hosts, so it needs 500 IP addresses. Under classful addressing, 500 addresses require a class B network (16 network bits, 16 host bits), whose format is as follows: 11000000.10101000.00000000.00000000

A class B network has 256*256 = 65536 host addresses, but only 500 are needed, so most of the space is wasted. With CIDR we can instead size the network for exactly the 500 hosts: 9 host bits are enough.

Nine host bits give 512 host addresses, so the waste is greatly reduced and utilization rises substantially. The resulting network address, in CIDR notation, is 192.168.254.0/23 (11000000.10101000.11111110.00000000).
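As an added example (not part of the original post), the following Python script reproduces both calculations above with the standard library `ipaddress` module: it renders addresses in the dotted-binary form used in the text, aggregates the four class C networks into 192.168.0.0/22, and sizes a block for 500 hosts. The addresses are the ones from the text; nothing else is assumed.

```python
import ipaddress


def to_binary(cidr):
    """Render a network address in the dotted-binary form used in the text."""
    addr = ipaddress.ip_network(cidr, strict=False).network_address
    return ".".join(f"{octet:08b}" for octet in addr.packed)


def common_prefix_length(cidrs):
    """Number of leading bits shared by all of the given network addresses."""
    addrs = [int(ipaddress.ip_network(c, strict=False).network_address) for c in cidrs]
    differing = 0
    for a in addrs[1:]:
        differing |= a ^ addrs[0]  # set every bit where some address differs from the first
    return 32 - differing.bit_length()


def aggregate(cidrs):
    """Route aggregation: collapse adjacent networks into the fewest supernets."""
    nets = [ipaddress.ip_network(c, strict=False) for c in cidrs]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def prefix_for_hosts(host_count):
    """Smallest prefix length whose block holds at least host_count addresses.

    Counts addresses the way the text does, without subtracting network,
    broadcast or cloud-provider reserved addresses.
    """
    host_bits = (host_count - 1).bit_length()
    return 32 - host_bits


def block_size(prefix_length):
    """Number of addresses in a block with the given prefix length."""
    return 2 ** (32 - prefix_length)


if __name__ == "__main__":
    class_c = ["192.168.0.0/24", "192.168.1.0/24", "192.168.2.0/24", "192.168.3.0/24"]
    for c in class_c:
        print(c, to_binary(c))
    print("shared prefix bits:", common_prefix_length(class_c))  # 22
    print("aggregated route:", aggregate(class_c))               # ['192.168.0.0/22']
    p = prefix_for_hosts(500)
    print(f"500 hosts -> /{p} with {block_size(p)} addresses")     # /23 with 512 addresses
    print("192.168.254.0/23 ->", to_binary("192.168.254.0/23"))
```

`collapse_addresses` only merges networks that are adjacent and aligned on a power-of-two boundary, which is exactly the condition the "first 22 bits are identical" argument relies on. When sizing a real AWS subnet, remember that AWS reserves the first four and the last address of every subnet, so a /23 offers 507 usable addresses rather than 512.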

How to use CIDR with AWS VPCs and subnets

In AWS, we first create a VPC (Virtual Private Cloud) and assign it a CIDR block. We then add subnets to the VPC, specifying a CIDR block for each one, and finally launch hosts into a subnet; AWS automatically assigns each host an address from its subnet's CIDR block. The following example illustrates the process:

First create a VPC. Here it is the default VPC, whose CIDR block is 172.31.0.0/16: 10101100.00011111.00000000.00000000

The following subnets can then be added inside this VPC:

  • Default subnet: 172.31.0.0/20, 10101100.00011111.00000000.00000000
  • Public subnet: 172.31.24.0, 10101100.00011111.00011000.00000000
  • Private subnet: 172.31.16.0, 10101100.00011111.00010000.00000000

Looking at the binary addresses, all three subnets share the first 16 bits, 10101100.00011111 (172.31), with the VPC; that is exactly the VPC network address, so all three subnets can be added to the VPC successfully.

Next, let's try to add one more subnet to the VPC and see whether it succeeds:

  • Test subnet: 172.31.0.0/21, 10101100.00011111.00000000.00000000

This subnet cannot be added: the 21-bit network address of the test subnet overlaps the 20-bit network address of the default subnet, so the request fails.

From this we can summarize the rules for configuring VPCs and subnets on AWS: every subnet's network must be a subset of the VPC's network address, and it must not overlap the network address of any other subnet. With those two rules satisfied, every subnet inside the VPC is reachable.
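The two rules above can be checked before a subnet request is ever sent to AWS. The following Python script is an added example, not code from the original post or from AWS: it validates a candidate subnet against the VPC block and the existing subnets, and rejects the test subnet for the same reason the text gives. The VPC block (/16), the default subnet (/20) and the test subnet (/21) use the prefix lengths stated in the text; the /21 prefix on the public and private subnets is an assumption, chosen so that they fit beside the /20 default subnet.

```python
import ipaddress

# Values from the text. The /16, /20 and /21 prefix lengths are stated there;
# the /21 on the public and private subnets is assumed for this example.
VPC_CIDR = "172.31.0.0/16"
SUBNETS = {
    "default": "172.31.0.0/20",
    "private": "172.31.16.0/21",  # prefix length assumed
    "public": "172.31.24.0/21",   # prefix length assumed
}


def check_subnet(vpc_cidr, existing, candidate):
    """Apply the two rules from the text to one candidate subnet.

    The candidate must lie inside the VPC block and must not overlap any
    existing subnet. Returns (ok, reason).
    """
    vpc = ipaddress.ip_network(vpc_cidr)
    try:
        cand = ipaddress.ip_network(candidate)  # strict: host bits must be zero
    except ValueError as err:
        return False, f"invalid CIDR block: {err}"
    if not cand.subnet_of(vpc):
        return False, f"{candidate} is not inside VPC block {vpc_cidr}"
    for name, cidr in existing.items():
        if cand.overlaps(ipaddress.ip_network(cidr)):
            return False, f"{candidate} overlaps {name} subnet {cidr}"
    return True, "ok"


def validate_layout(vpc_cidr, subnets):
    """Check a whole VPC layout subnet by subnet.

    Returns a list of rule violations; an empty list means the layout is valid.
    """
    problems = []
    accepted = {}
    for name, cidr in subnets.items():
        ok, reason = check_subnet(vpc_cidr, accepted, cidr)
        if ok:
            accepted[name] = cidr
        else:
            problems.append(f"{name}: {reason}")
    return problems


if __name__ == "__main__":
    print("existing layout problems:", validate_layout(VPC_CIDR, SUBNETS))  # []
    print(check_subnet(VPC_CIDR, SUBNETS, "172.31.0.0/21"))   # overlaps the default subnet
    print(check_subnet(VPC_CIDR, SUBNETS, "172.31.32.0/20"))  # ok
    print(check_subnet(VPC_CIDR, SUBNETS, "10.0.0.0/24"))     # outside the VPC block
    print(check_subnet(VPC_CIDR, SUBNETS, "172.31.24.5/21"))  # host bits set, rejected
```

`ip_network` is called in strict mode on purpose: a block with host bits set (such as 172.31.24.5/21) is rejected outright instead of being silently rounded down to a network address the requester did not ask for. Running `validate_layout` over a planned layout catches overlaps before they surface as a failed subnet creation.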

