SAP-C02 Amazon AWS Certified Solutions Architect Professional – New Domain 3 – Migration Planning part 4
- IP Address Reservation in AWS
Hey everyone and welcome back to the Knowledge Pool video series. And in today’s lecture we are going to speak about IP address reservation in AWS. So generally whenever we create a network, be it in AWS or be it in a data center, there are certain addresses which needs to be reserved for a specific functionality. Now, in today days lecture, we’ll be looking into what are the IP addresses which are being reserved when we create a subnet under the VPC in AWS. So let’s get started. Now by default, EC two and VPC uses the IPV four addressing protocol. Now, IPV six addressing is also supported. So thus when we create a VPC, we must assign an IP v four CIDR block. So let’s just revise this specific aspect. Now under the VPC console when I go and create a VPC, so in the VPC I have to give the IPV four CIDR block as a mandatory option.
Now the question is can I create any IPV four CIDR block? Let’s try it out. So if I do a ten 0008 network, you see it is giving an error saying that the block size must be between a slash 16 net mask and a 28. Netmask. And this is very very important for us to understand. So the maximum amount of IP address we can have would be under the slash 16 and the minimum amount of IP address that we can have would be slash 28. Now, for those who are not much aware about subnet, there is a nice little website from MX Toolbox which basically calculates the net mark. So if you want to know on how many IP address there will be in total under the 16. Netmark, let’s try this out. So let me put 100 zero zero and in the net mask I’ll put it as 16. And if I click on view subnet, you see it is saying that the maximum amount of IP address that we can have is 65536.
So under a VPC we can have a maximum of 65536 IP addresses that we can assign as far as the private IPS are concerned. Now, this is the maximum limit and the minimum limit it has said is 28. So let’s try 28 as well and see on what is the IP address that we can have if we select a 28. So I’ll select 28 over here and I click on view subnet and you see the maximum amount of IP address under slash 28 is 16. So in short, the minimum amount of subnet range that we can have or minimum amount of IP addresses that we can have is slash 28 and maximum is 16. So this is very important for us to remember. So coming back to the PowerPoint presentation, the IP v four block must be between slash 16 and slash 28. So this is something that we have already discussed.
Now, when we specify 16, we can have maximum of 65536 IP addresses. And when we specify 28, we can have maximum of 16 IP addresses. So whenever you create a VPC, make sure that you design in such a way that it fulfills your future requirements. So if I put a slash 16 over here, I can create multiple subnets. One for Slash 24 which will have 256 IPS and another for 24 which will have 256 IPS again. Now, many people make a lot of mistakes. Like let’s assume that you only need maximum of let’s assume 200 machines in a specific subnet. Now, if maximum you need 200 machines, do not assign a larger range like do not assign a Slash 16 for the subnet, then a lot of IP addresses will get wasted. If you only need ten machines in this subnet, then give the range of 28.
Do not give slash 24 wire and this will save you a lot and a lot of trouble. Specifically, when you are going to do a tunneling between your organization and different organization. Let me just show you. Let’s create a VPC. I’ll just say KP Labs Hyphen Demo and I’ll give the range of 100 zero 00:16, okay? And I’ll click on Create. So once this VPC gets created, we can have a maximum of 65536 IP addresses within this specific VPC. Now let’s go ahead and create a subnet. I’ll name this subnet as KP Labs hyphen subnet One eight. Now, what should be the CIDR block of this subnet is a question. Now, in order to understand this, you have to map out on what is the maximum amount of servers that you will be needing in a subnet as far as future is concerned. So let’s consider next five years.
And if you are 100% sure that the maximum amount of servers in this subnet will be no longer than 200, then you can assign the CIDR range of 100 zero 00:24. So I’ll click on yes, create. So if you select 24, then maximum amount of IP addresses would be 256. Let’s just quickly verify. I’ll select the 24 and click on view subnet. You see maximum would be 256. So you cannot really have more than 256 IP addresses in this specific subnet. So after five years, if you want to launch more servers like 300 servers in this specific subnet, you will not be able to do that. Very, very important to remember. Now, let’s create one more subnet. And I’ll say KP. Labs. Hyphen subnet two A. Now in this specific subnet, you have a requirement that there will be around 3000 to 4000 machines as far as the future is concerned.So what is the IPV for CIT or block? You cannot have Slash 24 because slash 24 will not accommodate more than 256 servers.
So in that case, what you need to do is you need to go down less. So the more less you go down, let me show you. The more down you go, the more larger the IP sets you will get. So let’s try slash 22 and I’ll click on view subnet. So 22 is giving me 100:24. That is quite interesting. If I go more down, let’s go to 2020 is giving me 40 96. So since our futuristic is requirement is around 3000 to 4000 servers, slash 20 is the optimal net mask for a second subnet. So if I do 100 zero 00:20 and I’ll click on yes Create. And you know what it says? It says that this CIDR block is overlapping with one more CIDR block. So this is very important to remember that two CIDR blocks cannot overlap each other. This is extremely important to understand as far as the exams are concerned. So let’s do one thing. Let me just delete the CID R block and let me create one more.
I’ll say KP Labs subnet two A and let’s give the range of 100 zero 00:20. And when I do a yes create. Any instances that you will be launching within this can have a maximum of these many IP addresses. So this is one very important thing to consider. Now, one mistake, as we already discussed, that lot of organization makes that they blindly give the CID a block of like 16 even for subnets. And this is not an ideal solution if you only need maximum of 200 servers, never give 20, give only 24. So this is one important thing that I would really encourage you to follow. Perfect. So let’s go back to our presentation. Now, talking about reservation, as far as Amazon is concerned, whenever we create a subnet, there are five IP addresses within that subnet which are always reserved.
So what are those five addresses? Among those five addresses, the first four IP address and the last IP address in each subnet is not available for us to use and cannot be assigned to an instance. So, whenever you create a subnet, remember, the total of five IP address will not be available for you to use. So, let’s take an example for that. So, if you have a subnet block of 100 zero 00:24, we know that among this five IP address will not be available for us to use. Now, what are these five IP addresses? The first is the network address. So network address and broadcast address are generally reserved for most of the networks. So 100 zero zero and 100 zero 255. So this is the first and this is the last IP address. They are always reserved. Then Amazon uses 100 zero one for the VPC router.
So this is the IP address reserved for the VPC router. 100 zero two is reserved for the AWS DNS. And my mistake, this should be 100 zero three and that is reserved for the futureistic use. So let’s do one thing. Let me just make the changes right now so that it will not be confusing to us. So as a solutions architect, we need to remember that there are five IP addresses which are reserved. First is for network address, last is for broadcast. Then we have one for VPC router, second for VPC DNS, and third is reserved for future use. So, let’s try this out. So, we know that within 1024, let’s try, you know how many IP addresses can be reserved. So there will be total of 256 IP addresses within the 24 subnet. So you see, 24 is 256 IP addresses. Now, we know that whenever we create a subnet with 24, five IP addresses will always be reserved.
And if you subtract five from 256, you will get 251. So in total, you will have 251 IP addresses that you can assign to your EC two instances. So, let’s try this out. I’ll delete the older subnet and let’s try and create the subnet of this is a Skeptic subnet. Let’s create a subnet of 100 zero 00:24. Now, we know this will have 256. Minus five would be 251. So there will be total of 251 IP addresses that you can assign. Let’s check. So, good thing about AWS is that under the available IPV four, it will tell on how many IP addresses are available. And you will see total is 251 only. Although this subnet has 256 IP addresses in total, the only available you have is 251.Now, one last thing I wanted to show you is that the IP address for AWS DNS.
So let me log into one of the EC two instance, and generally what happens is the dot two at the end is generally reserved for DNS. So whenever you launch an EC two instance, if you do a cat on, etcresult. Conf, you will see that the last octave two, this is generally reserved for the AWS VPC DNS. So this is something that you need to remember very well for exams. So this is it. About this Lecture important points to remember for exams, understand the minimum and maximum net mask that you can have, which is 16 and 28. Know that phi IP address in each subnet is reserved. And as we discuss, IP address of subnet cannot overlap each other like two people cannot have the same phone numbers. Similarly, IP addresses cannot overlap.