Amazon VPC n^2 -4 IP Addresses? CIDR Block

Question

I was in the process of creating a new AWS VPC for my instances. However, I noticed that when I used CIDR Notation to create the VPC & Public Subnet, AWS indicates that I have n^2 - 4 (where n is the # of bits) available IP addresses? Why is this?

I understand that when n^2 -2 occurs it is usually to remove the case where bits are all 0s or all 1s. But am not sure why it is - 4 in this case.

Here the /28 indicates 11 IP addresses available when I expected 15 or 13, and 251 when I expected 255 or 253

Answer 1

Important

AWS reserves both the first four IP addresses and the last IP address in each subnet CIDR block; they're not available for you to use. For example, in a subnet with CIDR block 10.0.0.0/24, the following IP addresses are reserved: 10.0.0.0, 10.0.0.1, 10.0.0.2, 10.0.0.3, and 10.0.0.255.

— http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html

In addition to the network and broadcast addresses, there's a default gateway automatically provisioned, as well as IP addresses used for delivering services automatically provided by the VPC infrastricture in each subnet (like DNS resolvers and DHCP). These are largely transparent to you, but that is where the addresses are going and the reason why they aren't available for assignment to instances in the subnet.

Answer 2

The first four IP addresses and the last IP address in each subnet CIDR block are not available for you to use, and cannot be assigned to an instance. For example, in a subnet with CIDR block 10.0.0.0/24,the following five IP addresses are reserved:

• 10.0.0.0: Network address.

• 10.0.0.1: Reserved by AWS for the VPC router.

• 10.0.0.2: Reserved by AWS for mapping to the Amazon-provided DNS.

• 10.0.0.3: Reserved by AWS for future use.

• 10.0.0.255: Network broadcast address.

Since AWS does not support broadcast in a VPC, therefore they reserve this address.