@kwilczynski
Last active October 9, 2018 01:19
Amazon AWS - VPC network/subnet plan

VPC   Network (CIDR)   Designation   Region
===   ==============   ===========   ======
1     10.100.0.0/16    Management    Asia Pacific (Tokyo)
2     10.110.0.0/16    Production    Asia Pacific (Tokyo)
3     10.120.0.0/16    Staging       Asia Pacific (Tokyo)

Addressing scheme:

10.XXX.YYY.0/16
    |   `------ Subnet (e.g. Public and/or Private)
    `---------- VPC (e.g. Management, Production, etc.)

Note: VPC peering is NOT possible across AWS regions.

Subnet (CIDR)     Designation               Availability Zone
=============     ===========               =================
10.XXX.1.0/24     Public 1 (DMZ)            Asia Pacific (Tokyo) - A  -.
10.XXX.2.0/24     Public 2 (DMZ)            Asia Pacific (Tokyo) - B   |- Public network (NAT, bastion, etc.)
10.XXX.3.0/24     Public 3 (DMZ)            Asia Pacific (Tokyo) - C  -'
10.XXX.10.0/24    Private 1 (Services)      Asia Pacific (Tokyo) - A  -.
10.XXX.20.0/24    Private 2 (Services)      Asia Pacific (Tokyo) - B   |- Web tier (front-end)
10.XXX.30.0/24    Private 3 (Services)      Asia Pacific (Tokyo) - C  -'
10.XXX.110.0/24   Private 4 (Persistence)   Asia Pacific (Tokyo) - A  -.
10.XXX.120.0/24   Private 5 (Persistence)   Asia Pacific (Tokyo) - B   |- Database tier (back-end)
10.XXX.130.0/24   Private 6 (Persistence)   Asia Pacific (Tokyo) - C  -'

Note: The subnet 10.XXX.0.0/24 was left alone as Amazon reserves the first
five (5) addresses for internal use.

Address allocation:

10.XXX.YYY.0/24
  `- 10.XXX.YYY.1  - 10.XXX.YYY.10  (Reserved - Internal Use Only)
  `- 10.XXX.YYY.11 - 10.XXX.YYY.254

Note: The first ten usable IP addresses of each subnet are reserved for internal use
only, e.g. NAT instances, internal and/or external ELBs, utility servers, etc.

Alternatively, this can be done using the 172.16.0.0/12 range split into /16 networks,
each of which is then split into corresponding /24 subnets, e.g.

* 172.16.0.0/16
  |
  +- 172.16.0.0/24
  +- 172.16.1.0/24
  `- 172.16.2.0/24
* 172.17.0.0/16
* 172.18.0.0/16
* 172.19.0.0/16
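
Added example (not part of the original gist): a Python check that expands the 10.XXX.YYY.0/24 scheme above into concrete networks and verifies that VPC ranges do not overlap, every subnet sits inside its VPC, and the first ten hosts stay reserved. The names VPCS, TIERS, build_plan, validate, is_reserved and first_assignable are illustrative assumptions.

```python
import ipaddress
from itertools import combinations

# Second octet per VPC and third octet per subnet, copied from the plan above.
VPCS = {"Management": 100, "Production": 110, "Staging": 120}
TIERS = {  # third octet -> (tier, availability zone)
    1: ("public", "A"), 2: ("public", "B"), 3: ("public", "C"),
    10: ("services", "A"), 20: ("services", "B"), 30: ("services", "C"),
    110: ("persistence", "A"), 120: ("persistence", "B"), 130: ("persistence", "C"),
}
RESERVED_HOSTS = 10  # .1 - .10: NAT instances, ELBs, utility servers


def build_plan():
    """Expand the scheme into {vpc name: (vpc network, {subnet: (tier, az)})}."""
    plan = {}
    for name, xxx in VPCS.items():
        vpc = ipaddress.ip_network(f"10.{xxx}.0.0/16")
        subnets = {ipaddress.ip_network(f"10.{xxx}.{yyy}.0/24"): tier_az
                   for yyy, tier_az in TIERS.items()}
        plan[name] = (vpc, subnets)
    return plan


def validate(plan):
    """Return a list of problems; an empty list means the plan is consistent."""
    problems = []
    for (a, (net_a, _)), (b, (net_b, _)) in combinations(plan.items(), 2):
        if net_a.overlaps(net_b):  # overlapping VPC CIDRs cannot be peered
            problems.append(f"{a} overlaps {b}")
    for name, (vpc, subnets) in plan.items():
        for subnet in subnets:
            if not subnet.subnet_of(vpc):
                problems.append(f"{subnet} is outside {name} ({vpc})")
        for s1, s2 in combinations(subnets, 2):
            if s1.overlaps(s2):
                problems.append(f"{s1} overlaps {s2} in {name}")
    return problems


def is_reserved(address):
    """True if the address is one of the first ten usable hosts of its /24."""
    last_octet = int(ipaddress.ip_address(address)) & 0xFF
    return 1 <= last_octet <= RESERVED_HOSTS


def first_assignable(subnet):
    """First address after the reserved block, i.e. 10.XXX.YYY.11."""
    return subnet.network_address + RESERVED_HOSTS + 1
```

Running validate(build_plan()) before creating or changing a VPC catches a range that would collide with an existing one; is_reserved can gate any tooling that hands out static addresses.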
rkt2spc commented Oct 9, 2018

Cross region VPC peering is now available 🐼
