Important concepts related to AWS VPCs

To Nha Notes | May 17, 2022, 6:39 p.m.

Let's quickly go through some important concepts related to AWS VPCs:

  • AWS VPCs consist of subresources such as internet gateways, route tables, NACLs, subnets, and security groups.
  • AWS creates a default VPC ready for us to use in every region. The following are some of its important characteristics:
    • Subnets in the default VPC are public: the main route table sends 0.0.0.0/0 to an internet gateway, and instances launched in them receive a public IPv4 address by default.
    • One /20 subnet is created per availability zone (the default VPC itself is 172.31.0.0/16).
    • A default DHCP options set is attached, pointing instances at the Amazon-provided DNS resolver.
  • VPC peering can be used to connect one VPC to another through a direct route using private IP addresses, making the associated instances behave like they are on the same network.
  • VPC peering can be done within the same region, across regions, and even across AWS accounts.
  • Transitive peering is not supported for AWS VPCs: traffic cannot flow from VPC A to VPC C through a peering connection with VPC B. Every VPC that needs to talk to another must be peered with it directly, so full connectivity among n VPCs requires a full mesh of n(n-1)/2 peering connections rather than a star.
  • To avoid the overhead of managing many point-to-point connections with VPC peering, we can use AWS Transit Gateway to attach all the VPCs, and even on-premises networks, to a single hub gateway that routes between them.
  • Apart from the network address and broadcast address that are reserved in ordinary IP networking, AWS reserves three more addresses. So a total of five addresses are reserved in every subnet (not once per VPC), and a subnet's usable host count is its size minus five; a /28, the smallest allowed, yields only 11 assignable addresses.
  • The following are the reserved IP addresses in a subnet with a CIDR block of 10.0.0.0/16:
    • Network address: 10.0.0.0
    • Reserved for the VPC router: 10.0.0.1
    • Reserved for DNS: 10.0.0.2
    • Reserved for future use: 10.0.0.3
    • Network broadcast address (AWS does not support broadcast inside a VPC, but the address is reserved anyway): 10.0.255.255

If a VPC has more than one IPv4 CIDR block, the Amazon-provided DNS resolver lives in the primary CIDR block (its base address plus two); it is also always reachable at 169.254.169.253. The broadcast address is the last address of each subnet's block: if the subnet CIDR block is 10.0.0.0/24, the broadcast address is 10.0.0.255.

  • RFC 1918 reserves the following ranges for private IPv4 addressing, and AWS recommends using them for VPC CIDR blocks (publicly routable ranges are accepted but strongly discouraged). Whatever range you pick, AWS only accepts IPv4 VPC and subnet CIDR blocks with a netmask between /16 and /28:
    • 10.0.0.0 - 10.255.255.255 (10/8 prefix)
    • 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
    • 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)