(AWS VPC) IP networks
Notes
- one could replace 10.x.x.x with 100.64.x.x if using version-1 of the schema (see IANA-Reserved IPv4 Prefix for Shared Address Space);
- there are constraints regarding the network address in the context of VPC:
  - the whole address range of a VPC can't be larger than /16;
  - the address range of a VPC subnet can't be smaller than /28;
- RDS databases require dedicated subnets in at least two (recommended three) availability zones;
- routing between VPCs is allowed (via VPC peering) but only if the two address ranges don't overlap;
- once a VPC and its subnets are created, their address ranges can't be changed;
- see the links section for links to documentation;
Cluster address ranges
Examples
- ranges for networks of various applications:

| Range | Purpose | Second octet |
|---|---|---|
| 10.104.0.0/16 | services | 96+8+0 |
| 10.108.0.0/16 | application-1 | 96+12+0 |
| 10.112.0.0/16 | application-2 | 96+16+0 |
| 10.116.0.0/16 | testing | 96+20+0 |

- ranges for networks belonging to the same application but in different regions:

| Range | Purpose | Second octet |
|---|---|---|
| 10.114.0.0/16 | cluster in region-1 | 96+18+0 |
| 10.115.0.0/16 | cluster in region-1 | 96+18+1 |

- CIDR classes:

| Range | Scope |
|---|---|
| 10.104.0.0/15 | all hosts belonging to services regardless of region |

Schema
10.[<s:3>+<c:4>+<r:1>].0.0/16:

<schema> (3 bits):

| Value | Meaning | Bits |
|---|---|---|
| 0 | (reserved) | 000.cccc.r (00000000) |
| 32 | (reserved) | 001.cccc.r (00100000) |
| 64 | (extension) | 010.cccc.r (01000000) |
| 96 | version-1 | 011.cccc.r (01100000) |
| 128 | (reserved) | 100.cccc.r (10000000) |
| 160 | (reserved) | 101.cccc.r (10100000) |
| 192 | (reserved) | 110.cccc.r (11000000) |
| 224 | (reserved) | 111.cccc.r (11100000) |

<cluster> (4 bits):

- always use from 1 to 8 (this allows, for example if one doesn't use cluster 5, to extend cluster 1 with more addresses, etc.);

| Value | Meaning | Bits |
|---|---|---|
| 0,2,4,6 | (reserved) | 00??.r (00000 -> 00110) |
| 8 | cluster-1 | 0100.r (01000) |
| 10 | cluster-5 | 0101.r (01010) |
| 12 | cluster-2 | 0110.r (01100) |
| 14 | cluster-6 | 0111.r (01110) |
| 16 | cluster-3 | 1000.r (10000) |
| 18 | cluster-7 | 1001.r (10010) |
| 20 | cluster-4 | 1010.r (10100) |
| 22 | cluster-8 | 1011.r (10110) |
| 24,26,28,30 | (reserved) | 11??.r (11000 -> 11110) |

<region> (1 bit):

- always start with 0;
- this can be combined with <cluster> to get up to 32 clusters;
- this can be combined with <region> and perhaps <zone> from the subnet address to get up to 4 regions or 16 zones;

Subnet address ranges
Examples
- ranges for networks belonging to the same application (all in region-1) but in different zones and for different purposes:

| Range | Purpose | Third octet |
|---|---|---|
| 10.x.4.0/24 | public servers in zone-1 | 0+0+4 |
| 10.x.36.0/24 | public servers in zone-2 | 0+32+4 |
| 10.x.6.0/24 | private servers in zone-1 | 0+0+6 |
| 10.x.38.0/24 | private servers in zone-2 | 0+32+6 |
| 10.x.10.0/24 | private databases in zone-1 | 0+0+10 |
| 10.x.42.0/24 | private databases in zone-2 | 0+32+10 |

- CIDR classes:

| Range | Scope | Third octet |
|---|---|---|
| 10.x.0.0/17 | all hosts in region-1 | 0 |
| 10.x.128.0/17 | all hosts in region-2 | 128 |
| 10.x.0.0/20 | all hosts in region-1 / zone-1 | 0+0 |
| 10.x.32.0/20 | all hosts in region-1 / zone-2 | 0+32 |
| 10.x.128.0/20 | all hosts in region-2 / zone-1 | 128+0 |
| 10.x.160.0/20 | all hosts in region-2 / zone-2 | 128+32 |

Schema
10.x.[<r:1>+<z:3>+<n:4>].0:

<region> (1 bit):

| Value | Meaning | Bits |
|---|---|---|
| 0 | region-1 | 0.zzz.nnnn (00000000) |
| 128 | region-2 | 1.zzz.nnnn (10000000) |

<zone> (3 bits):

- always use from 1 to 8 (this allows, for example if one doesn't use zone 5, to extend zone 1 with more networks, etc.);

| Value | Meaning | Bits |
|---|---|---|
| 0 | zone-1 | 000.nnnn (0000000) |
| 16 | zone-5 | 001.nnnn (0010000) |
| 32 | zone-2 | 010.nnnn (0100000) |
| 48 | zone-6 | 011.nnnn (0110000) |
| 64 | zone-3 | 100.nnnn (1000000) |
| 80 | zone-7 | 101.nnnn (1010000) |
| 96 | zone-4 | 110.nnnn (1100000) |
| 112 | zone-8 | 111.nnnn (1110000) |

<network> (4 bits):

- always use from 1 to 8 (this allows, for example if one doesn't use network 5, to extend network 1 with more hosts, etc.);
- always use networks 1, 2, 5, and 6 for public networks;
- always use networks 3, 4, 7, and 8 for private networks (like RDS);

| Value | Meaning | Bits |
|---|---|---|
| 0,1,2,3 | (reserved) | 0000 -> 0011 |
| 4 | network-1 | 0100 |
| 5 | network-5 | 0101 |
| 6 | network-2 | 0110 |
| 7 | network-6 | 0111 |
| 8 | network-3 | 1000 |
| 9 | network-7 | 1001 |
| 10 | network-4 | 1010 |
| 11 | network-8 | 1011 |
| 12,13,14,15 | (reserved) | 1100 -> 1111 |

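
Both schemas can be composed and decoded mechanically, which helps when auditing routes or security-group rules against the plan. The Python below is an added example, not part of the original notes; the function and table names are assumptions, and it fixes the schema at version-1 (96) with /16 VPC ranges and /24 subnets, as in the examples.

```python
import ipaddress

SCHEMA_V1 = 96  # schema bits 011 in the second octet ("version-1")
# Slot number -> encoded value, in the interleaved order of the schema tables.
CLUSTER = {1: 8, 5: 10, 2: 12, 6: 14, 3: 16, 7: 18, 4: 20, 8: 22}
REGION = {1: 0, 2: 128}
ZONE = {1: 0, 5: 16, 2: 32, 6: 48, 3: 64, 7: 80, 4: 96, 8: 112}
NETWORK = {1: 4, 5: 5, 2: 6, 6: 7, 3: 8, 7: 9, 4: 10, 8: 11}

def vpc_cidr(cluster, region_bit=0):
    """10.[<s:3>+<c:4>+<r:1>].0.0/16 for a cluster slot (1..8)."""
    if region_bit not in (0, 1):
        raise ValueError("region bit must be 0 or 1")
    octet = SCHEMA_V1 + CLUSTER[cluster] + region_bit
    return ipaddress.ip_network(f"10.{octet}.0.0/16")

def subnet_cidr(vpc, region, zone, network):
    """10.x.[<r:1>+<z:3>+<n:4>].0/24 inside the given VPC range."""
    octet = REGION[region] + ZONE[zone] + NETWORK[network]
    return ipaddress.ip_network((int(vpc.network_address) + (octet << 8), 24))

def decode(addr):
    """Return (cluster, region_bit, region, zone, network) for an address."""
    first, second, third, _ = ipaddress.ip_address(addr).packed
    if first != 10 or (second & 0b11100000) != SCHEMA_V1:
        raise ValueError(f"{addr} is not in the version-1 schema")
    def slot(table, value):
        # Reverse lookup; values missing from a table are the reserved ones.
        for name, encoded in table.items():
            if encoded == value:
                return name
        raise ValueError(f"{addr} uses a reserved value ({value})")
    return (slot(CLUSTER, second & 0b00011110), second & 1,
            slot(REGION, third & 0b10000000),
            slot(ZONE, third & 0b01110000),
            slot(NETWORK, third & 0b00001111))

def overlapping(vpcs):
    """Pairs of ranges that overlap and therefore cannot be peered."""
    return [(a, b) for i, a in enumerate(vpcs) for b in vpcs[i + 1:] if a.overlaps(b)]

if __name__ == "__main__":
    services, app1 = vpc_cidr(1), vpc_cidr(2)
    print(services, app1, overlapping([services, app1]))
    print(subnet_cidr(app1, region=1, zone=2, network=4))  # databases, zone-2
    print(decode("10.108.42.17"))
```

`decode` raises `ValueError` for addresses outside the version-1 schema or in a reserved cluster or network slot, so it can flag hosts that were placed outside the plan.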