Error in creating multiple subnets in AWS VPC

Question

I am trying to create a VPC with multiple subnets in AWS. I am pretty sure I am get the concepts of CIDR to mask networks and available hosts.

Unfortunately, whenever I am trying to design the VPC I am getting errors. This is my VPC design:

• VPC: 10.0.0.0/16
• Public subnet 1: 10.0.1.0/16

Error:

Must be a valid CIDR block. Did you mean 10.0.0.0/16?

Then I assign my Public subnet as 10.0.0.0/16 due to the error.

Then I proceed to create my private network as 10.0.1.0/16 - I get an error:

CIDR block 10.0.1.0/16 overlaps with pre-existing CIDR block 10.0.0.0/16

What am I doing wrong? I just want to create two private network and one public network.

Answer 1

A VPC range of 10.0.0.0/16 means that all addresses starting with 10.0.x.x are part of the VPC.

When you create the subnet, you want it to be a portion of the VPC. People typically assign an address like 10.0.1.0/24 -- the /24 means that the subnet has every IP address starting with 10.0.1.x.

The error you received is because you tried to make a /16 subnet within a /16 VPC. This will work (as it did in your 2nd try), but you can then only have one subnet.

Bottom line: Use /24, or at least something smaller than /16 (which in CIDR actually means a bigger number!).

Answer 2

I think you're mixing up because you don't understand how the IP address masking works. Here is a little breakdown of how I'd create a VPC with 1 public and 2 private subnets:

• vpc 10.0.0.0/16 (that means 10.0.x.x will be under your vpc)
• public subnet 10.0.1.0/24 - that means all 10.0.1.x addresses are public
• private subnet 10.0.2.0/24 - that means all 10.0.2.x addresses are private
• private subnet 10.0.3.0/24 - that means all 10.0.3.x addresses are private

There is a nice little diagram that shows you at a high level how a VPC should be set up: