CIDR Blocks, Subnetting in AWS VPCs

Introduction

You are creating your first Virtual Private Cloud (VPC) on AWS and you get to allocate an IPv4 CIDR block. Everything goes smoothly until you create your subnets and get this error:

Facing this error at the first step of your project can be frustrating, but keep calm: I will walk you through it.

What are VPCs

VPC stands for Virtual Private Cloud. It can be likened to having your own private house in a neighborhood. The house represents the private cloud, meaning it is just for you and nobody else can access it.

Your house is in a neighborhood, and it's surrounded by a wall so no one can get in without your permission. Inside your house, you can do whatever you want. You can have as many rooms as you want, with different kinds of furniture, paint the walls any color you like, and so on.

You can also invite people to come over, like a party or a barbecue, but only if you want them to.

Now, imagine that the neighborhood is like the internet. All the houses in the neighborhood are connected, but your house is still private. Nobody else can access it, but you can access all the other houses (or services) on the internet.

A VPC on AWS is having your private cloud on the internet. It's secure and private, and you can customize it to fit your needs.

A Virtual Private Cloud is often referred to as a logically isolated portion of AWS within a region. This means it is not physically isolated, as it is on the internet, but it is isolated in the sense that other VPCs and the internet cannot communicate with it unless that is explicitly allowed. It is also restricted to a region: a Virtual Private Cloud cannot span regions.

What are IP addresses and Subnetting?

On the Internet, devices communicate with each other via identification numbers. These numbers are called IP addresses, meaning Internet Protocol addresses. Every device that connects to the internet has an IP address: your phone has one, and your laptop has one.

In a Virtual Private Cloud, resources also have to communicate with the internet and with other VPCs using identification numbers, hence the need for IP addresses.

Let's say you have a friend who lives in a big city. To get to your friend's house, you need to know the address of their house so you can find it. IP addresses are like that, but for computers.

Let's say your friend's address is 123 Main Street, Abuja. That address is made up of two parts:

  • The street name and number: 123 Main Street

  • The city: Abuja

The street name and number tell you exactly where your friend's house is located. The city tells you what part of the world it's in. IP addresses work the same way.

They are made up of two parts:

1. The host ID: This is like the street name and number. It tells you exactly which computer you're trying to reach.

2. The network ID: This is like the city. It tells you what part of the internet the computer is on.

For example, let's say the IP address of your friend's computer is 192.168.1.5. This IP address is made up of two parts:

  • The network ID: 192.168.1

  • The host ID: 5, the last part of 192.168.1.5

The host ID tells you the exact location of your friend's computer. The network ID tells you what part of the internet it's on.

SUBNETTING AND CIDR IN AWS

Subnetting and CIDR in virtual private clouds on AWS are ways to divide a single network into smaller parts. Subnetting is the process of dividing a network into multiple sub-networks, each with its own unique range of IP addresses. Each subnet is a distinct network with its own security and access policies, allowing you to control access to the subnet from other networks.

CIDR

CIDR stands for Classless Inter-Domain Routing. In virtual private clouds on AWS, CIDR is used to divide your virtual cloud into multiple subnets, or small networks within a larger network.

Let's say you have a big house with a big garden. Just like this big house, your virtual cloud is like a big network, and the garden is like the subnet within that network. A CIDR is like a fence that we put around the garden to separate it from the rest of the house.

This fence will limit who can come and go from the garden. So, if you want to allow your friends to come into the garden, you can put a gate in the fence and give them the key to the gate. In your virtual cloud, the CIDR works similarly. It is like a fence that separates the different subnets from each other, and it has gateways that allow connections between them.

You can set up the CIDR to decide who can access the subnets and who can't. CIDR is important in virtual private clouds on AWS because it helps keep your data secure. By setting up the CIDR, you can control who can access the different subnets and keep unwanted visitors out.

Subnetting and CIDR are useful tools in virtual private clouds on AWS because they allow you to divide up large networks into smaller, more manageable parts. This allows you to control access to your network, as well as assign different levels of access to different parts of the network.

To summarize, subnetting and CIDR in virtual private clouds on AWS help you divide a single network into smaller parts, allowing you to control access to different parts of the network. CIDR is used to assign IP addresses to each subnet.

RULES GUIDING CIDR IN AWS

There are rules guiding the allocation of CIDR blocks in AWS:

  • CIDR blocks in Amazon Web Services (AWS) must be within the private IP address range as defined by RFC 1918.

  • CIDR blocks must be a minimum size of /28 and can go up to /16.

  • CIDR blocks must be non-overlapping, meaning a block must not overlap any other CIDR block, including the blocks assigned to subnets in the same VPC or to other VPCs within the same region.

  • A subnet mask can be used to determine the number of available IP addresses within a given CIDR block.

  • CIDR blocks can be divided into smaller CIDR blocks, as long as the new blocks remain within the original CIDR block's range.

  • Alternatively, some tools help you calculate the IP addresses and subnets that are available from a CIDR block: Calculate your subnet and available IP addresses

  • For more details, check the AWS official documentation.
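
To make the rules above concrete, and to show the network ID / host ID split from the 192.168.1.5 example earlier, here is an added Python checker (not code from the original article) built on the standard ipaddress module; the VPC block and subnet plan it checks are constructed, and the five addresses it subtracts per subnet are the ones AWS itself reserves (network address, VPC router, DNS, one reserved for future use, broadcast).

```python
import ipaddress

# RFC 1918 private ranges (the first rule above).
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# AWS reserves the first four and the last address of every subnet, so usable = size - 5.
AWS_RESERVED_PER_SUBNET = 5

def split_network_host(ip, prefixlen):
    """Split an address into the network ID and host ID described above."""
    iface = ipaddress.ip_interface(f"{ip}/{prefixlen}")
    host = int(iface.ip) - int(iface.network.network_address)
    return str(iface.network.network_address), host

def check_vpc_cidr(cidr):
    """Return rule violations for a VPC CIDR block (empty list if it is valid)."""
    net = ipaddress.ip_network(cidr, strict=False)
    problems = []
    if not any(net.subnet_of(r) for r in RFC1918):
        problems.append(f"{net} is not inside an RFC 1918 private range")
    if not 16 <= net.prefixlen <= 28:
        problems.append(f"{net} prefix /{net.prefixlen} is outside the allowed /16 to /28")
    return problems

def check_subnets(vpc_cidr, subnet_cidrs):
    """Check that every subnet lies inside the VPC block and that none overlap."""
    vpc = ipaddress.ip_network(vpc_cidr, strict=False)
    subnets = [ipaddress.ip_network(s, strict=False) for s in subnet_cidrs]
    problems = []
    for s in subnets:
        if not s.subnet_of(vpc):
            problems.append(f"{s} is not within the VPC block {vpc}")
        if not 16 <= s.prefixlen <= 28:
            problems.append(f"{s} prefix /{s.prefixlen} is outside the allowed /16 to /28")
    for i, a in enumerate(subnets):
        for b in subnets[i + 1:]:
            if a.overlaps(b):
                problems.append(f"{a} overlaps {b}")
    return problems

def usable_addresses(cidr):
    """Addresses AWS actually lets you assign in a subnet of this size."""
    return ipaddress.ip_network(cidr, strict=False).num_addresses - AWS_RESERVED_PER_SUBNET

if __name__ == "__main__":
    print(split_network_host("192.168.1.5", 24))  # ('192.168.1.0', 5)
    # Constructed plan: the third subnet is outside the VPC, the fourth overlaps the first.
    plan = ["10.0.1.0/24", "10.0.2.0/24", "10.1.0.0/24", "10.0.1.128/25"]
    for p in check_vpc_cidr("10.0.0.0/16") + check_subnets("10.0.0.0/16", plan):
        print("problem:", p)
    print({s: usable_addresses(s) for s in plan})
```

Running the plan above reports the two mistakes that produce the subnet-creation error from the introduction (a subnet outside the VPC range and two subnets that overlap), and shows why a /28 subnet yields only 11 assignable addresses rather than 16.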

CONCLUSION

A CIDR block is a range of IP addresses that are grouped for the purpose of routing traffic on the internet. In AWS, CIDR blocks are used to define the range of IP addresses available to a Virtual Private Cloud (VPC). Subnetting in AWS VPC is the process of dividing a network into multiple sub-networks, or subnets, each with its own CIDR block. Subnets are used to segment a network into smaller, more manageable pieces. By using subnets, customers can control which resources can communicate with each other, improve network performance, and better secure their networks.
