What is VPC? Why do we need?
VPC is better knows as Virtual Private Cloud, a virtual private network where you can create your AWS resources S3, EC2 etc., It is isolated virtual network defined by you.
Also you have privilege to:
- Choose your own IP address range
- Choose your gateways
- Configure route tables
- Add subnets
- And create VPN connection
- ACL - Access Control Lists
You must have and default VPC, otherwise you cannot create any AWS resources. Its is like an Data Center without networking. You can access any resource within this VPC from public internet through Internet Gateway. Route tables enables router which routes the traffic from public internet to resources, between resources, etc.,
You can create custom VPC and configure if you do not want to use default VPC. Else you can edit the default VPC and configure according to your needs.
They are highly scalable and without any bandwidth limitations.
Using ACLs and Security Groups you can control your inbound and outbound traffic. ACLs for subnets and Security Groups for instances.
What is Subnet? How to configure?
It is just range of IP addresses within your VPC. You can create any resource and it will have the IP address assigned to it and within the Subnet range. By editing CIDR IPV4 or IPV6 you can increase IP address range. See below for detailed explanation.
Subnet Selection : IPV4
When we work on AWS, we all must come across a mandate step, that is defining our subnets and setting subnet ranges based on our required IP addresses needed for our components with in the VPC. Here let us see how to choose Subnet and range.
Lets define Subnet: What is Subnet?
Subnets are part of available networks within the Availability zone. Each VPC has its own isolated virtual private networks which are parts of available network addresses with-in the availability zone. The subnets cannot span across multiple availability zones.
Here we will see how to choose the subnet and define its range.
When we create VPC, we have to choose the Subnet block either in IPV4 block or IPV6 block. We will discuss the differences between IPV4 and IPV6 later. Let us look at the IPV4 block now.
Here are the default options 10.0.0.0/24.
Now lets decode the 10.0.0./24.
IPV4 has the address ranges of 2^32 it is equal to 4,29,49,67,296 different IP addresses.
If we define 10.0.0.0/0 - it means 32-0 = 32, so 2^32 = 4,29,49,67,296 addresses with in the VPC. But we are not going to have such big number of AWS Services or EC2 instances with-in our VPC. So we are going to have less number of IP addresses.
If we want 16 addresses in our VPC, we have to go for 10.0.0.0/28 it means, 32-28=4, 2^4=16. So we will be having the 16 IP addresses range.
OK that's cool. What will be my IP addresses.
If we have chosen, 10.0.0.0/28, then it is 32-28=4, 2^4=16, ranges from 10.0.0.0 to 10.0.0.15.
If we have chosen, 10.0.0.0/24, then it is 32-24=8, 2^8= 256, ranges from 10.0.0.0 to 10.0.0.255.
Lets see what happen is the range is beyond 256. Lets choose, 10.0.0.0/16.
32-20=12, 2^16= 4096, ranges from 10.0.0.0 to 10.0.15.255.
Let's see if we have chosen 10.0.0.0/16, 32-16=16, 2^16=65536, ranges from 10.0.0.0 to 10.0.255.255.
Can we have only one IP address in my VPC?
Yes it is possible. Give 10.0.00/32, 32-32=0, 2^0=1, ranges from 10.0.0.0 to 10.0.0.0.
IPV6 Subnet:
If you want to set bigger range of IP addresses, then go with IPV6, where you can set 2^64