VPC

Notes on AWS VPC #

Subnets #

Based on a 172.31.16.0/20 CIDR example, here are the IPv4 addresses that AWS reserves in every subnet:

  • 172.31.16.0/20 - subnet CIDR (start of the CIDR block)
  • 172.31.16.1/20 - router (CIDR block + 1)
  • 172.31.16.2/20 - DNS server (CIDR block + 2)
  • 172.31.16.3/20 - future use (CIDR block + 3)
  • 172.31.31.255/20 - broadcast (end of the CIDR block)

So, effectively, a /20 subnet has 4091 usable addresses (CIDR block size minus 5).
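A small helper that works out the five reserved addresses and the usable count for any AWS IPv4 subnet (/16 to /28, the range AWS accepts), plus an overlap check for a planned set of subnets. This is an added example written for these notes, not AWS tooling; the offsets follow the list above and the /16–/28 bounds are the documented AWS limits.

```python
import ipaddress

# AWS subnet sizes are limited to /16 through /28 (documented AWS limit).
MIN_PREFIX, MAX_PREFIX = 16, 28


def aws_reserved(cidr: str) -> dict:
    """Return the AWS-reserved addresses of a subnet and the usable host count.

    Reserved per subnet: network address, router (+1), DNS (+2),
    future use (+3) and the broadcast address (last in the block).
    """
    # strict=True rejects a CIDR with host bits set (e.g. 172.31.16.1/20)
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4 or not MIN_PREFIX <= net.prefixlen <= MAX_PREFIX:
        raise ValueError(f"{cidr}: AWS IPv4 subnets must be /16 to /28")
    base = int(net.network_address)
    reserved = {
        "network": str(net.network_address),
        "router": str(ipaddress.IPv4Address(base + 1)),
        "dns": str(ipaddress.IPv4Address(base + 2)),
        "future-use": str(ipaddress.IPv4Address(base + 3)),
        "broadcast": str(net.broadcast_address),
    }
    return {
        "cidr": str(net),
        "reserved": reserved,
        "usable": net.num_addresses - len(reserved),
    }


def overlapping(cidrs: list) -> list:
    """Return pairs of planned subnets whose ranges overlap (AWS rejects these in one VPC)."""
    nets = [ipaddress.ip_network(c, strict=True) for c in cidrs]
    return [
        (str(a), str(b))
        for i, a in enumerate(nets)
        for b in nets[i + 1:]
        if a.overlaps(b)
    ]


if __name__ == "__main__":
    # The page's own example subnet plus a constructed /28 and a /21 for comparison.
    for cidr in ("172.31.16.0/20", "10.0.0.0/28", "10.0.8.0/21"):
        info = aws_reserved(cidr)
        print(f"{info['cidr']}: {info['usable']} usable, reserved {info['reserved']}")
    print("overlaps:", overlapping(["172.31.0.0/20", "172.31.16.0/20", "172.31.8.0/21"]))
```

The smallest allowed subnet, a /28, has 16 addresses but only 11 usable, which is why the "minus 5" matters far more for small subnets than for a /20.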

Routing Tables #

  • By default, there is one subnet per AZ, and all of them (three in ap-northeast-1) are attached to the same default routing table.
  • So, a single routing table can be associated with multiple subnets in the same region (different AZs).
  • The default routing table is configured with the default route to the internet.
  • To create a fully isolated cluster, we can associate a subnet with a routing table that does not have a default route.

Pre-Configured Network Interfaces #

If we create a network interface separately, we can associate it with security groups and an Elastic IP address. This way, a new instance (either on demand or spot) can be launched with a pre-configured firewall and a static IP address. This is useful when re-creating the same kind of instance multiple times, e.g. when modifying and testing launch templates.