
Amazon VPC n^2 -4 IP Addresses? CIDR Block

I was in the process of creating a new AWS VPC for my instances. However, I noticed that when I used CIDR notation to create the VPC & public subnet, AWS indicates that I have n^2 - 4 (where n is the # of bits) available IP addresses. Why is this?

I understand that when n^2 - 2 occurs it is usually to remove the case where the bits are all 0s or all 1s. But I am not sure why it is - 4 in this case.

AWS VPC Screen

Here the /28 indicates 11 IP addresses available when I expected 15 or 13, and the /24 indicates 251 when I expected 255 or 253.

steviesh asked Dec 14 '22 13:12


2 Answers

Important

AWS reserves both the first four IP addresses and the last IP address in each subnet CIDR block; they're not available for you to use. For example, in a subnet with CIDR block 10.0.0.0/24, the following IP addresses are reserved: 10.0.0.0, 10.0.0.1, 10.0.0.2, 10.0.0.3, and 10.0.0.255.

— http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html

In addition to the network and broadcast addresses, there's a default gateway automatically provisioned, as well as IP addresses used for delivering services automatically provided by the VPC infrastructure in each subnet (like DNS resolvers and DHCP). These are largely transparent to you, but that is where the addresses are going and the reason why they aren't available for assignment to instances in the subnet.

Michael - sqlbot answered Jan 17 '23 22:01


The first four IP addresses and the last IP address in each subnet CIDR block are not available for you to use, and cannot be assigned to an instance. For example, in a subnet with CIDR block 10.0.0.0/24, the following five IP addresses are reserved:

• 10.0.0.0: Network address.

• 10.0.0.1: Reserved by AWS for the VPC router.

• 10.0.0.2: Reserved by AWS for mapping to the Amazon-provided DNS.

• 10.0.0.3: Reserved by AWS for future use.

• 10.0.0.255: Network broadcast address.

Since AWS does not support broadcast in a VPC, they reserve this address.

Himanshu Chauhan answered Jan 18 '23 00:01
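The arithmetic both answers describe, as an added example that is not part of the original question or answers: a subnet with prefix length p has 2^(32 - p) addresses (the asker's "n^2" is really 2^n), the conventional count subtracts the network and broadcast addresses, and AWS additionally removes the router, DNS and future-use addresses at offsets +1, +2 and +3, leaving 2^n - 5. The script below uses only the standard library; the function names and the /16 to /28 range check (AWS's documented limits for a VPC subnet) are this example's own, and the sample subnets are constructed to match the ones in the question.

```python
import ipaddress

# AWS reserves the first four addresses and the last address of every IPv4 subnet.
AWS_RESERVED_PER_SUBNET = 5
# AWS VPC subnets must have a prefix length between /16 and /28 inclusive.
AWS_MIN_PREFIX, AWS_MAX_PREFIX = 16, 28


def _vpc_subnet(cidr):
    """Parse a CIDR string and enforce the constraints AWS places on a subnet.

    strict=True rejects CIDRs whose host bits are not all zero (e.g. 10.0.0.5/28),
    which the VPC console would also reject as a subnet block.
    """
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4:
        raise ValueError("this example only models IPv4 subnets")
    if not AWS_MIN_PREFIX <= net.prefixlen <= AWS_MAX_PREFIX:
        raise ValueError(f"{cidr}: AWS subnets must be between /16 and /28")
    return net


def classic_usable_hosts(cidr):
    """Usable hosts under plain IPv4 rules: 2^n minus network and broadcast."""
    return _vpc_subnet(cidr).num_addresses - 2


def aws_usable_hosts(cidr):
    """Addresses AWS will actually let you assign: 2^n minus the five reserved ones."""
    return _vpc_subnet(cidr).num_addresses - AWS_RESERVED_PER_SUBNET


def aws_reserved_addresses(cidr):
    """Map each reserved role in the subnet to its concrete address."""
    net = _vpc_subnet(cidr)
    base = int(net.network_address)
    return {
        "network": str(ipaddress.IPv4Address(base)),
        "vpc_router": str(ipaddress.IPv4Address(base + 1)),
        "dns": str(ipaddress.IPv4Address(base + 2)),
        "future_use": str(ipaddress.IPv4Address(base + 3)),
        "broadcast": str(net.broadcast_address),
    }


def first_assignable(cidr):
    """The lowest address you can hand to an ENI: network address + 4."""
    net = _vpc_subnet(cidr)
    return str(ipaddress.IPv4Address(int(net.network_address) + 4))


def is_assignable(cidr, ip):
    """True if `ip` lies in the subnet and is not one of AWS's reserved addresses."""
    net = _vpc_subnet(cidr)
    addr = ipaddress.IPv4Address(ip)
    if addr not in net:
        return False
    return str(addr) not in aws_reserved_addresses(cidr).values()


if __name__ == "__main__":
    # Constructed sample subnets matching the sizes mentioned in the question.
    for cidr in ("10.0.0.0/28", "10.0.0.0/24", "10.0.0.0/16"):
        print(f"{cidr:<14} total={_vpc_subnet(cidr).num_addresses:<6} "
              f"classic={classic_usable_hosts(cidr):<6} aws={aws_usable_hosts(cidr)}")
    for role, addr in aws_reserved_addresses("10.0.0.0/24").items():
        print(f"  reserved {role:<11} {addr}")
    print("  first assignable:", first_assignable("10.0.0.0/24"))
```

The /28 case is the one to remember when sizing small subnets for load balancers or NAT gateways: of its 16 addresses only 11 are assignable, and `_vpc_subnet` refuses anything smaller than /28 because AWS will not create such a subnet at all.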