IP Addressing

Here we look at how to handle IP addresses when creating a VPC and planning its subnets.

The VPC gets an IP range of private network IP addresses.

The three networks you can choose from when creating one are:

  1. 10.0.0.0/16 (or smaller)
  2. 172.31.0.0/16 (or smaller)
  3. 192.168.0.0/16 (or smaller)

I usually create smaller networks, such as 10.0.0.0/17, which is half as large as the /16 IP address range. We use this tool to help calculate IP address ranges.

Once you create a VPC with an IP address range, you can split that range up using subnets.

Subnets

Some basic Subnet facts to know when creating them:

  1. Each Subnet is a non-overlapping IP address range within the VPC's IP address range
  2. Each Subnet is created within a specific AZ in the current region.

You'll typically create at least one subnet per availability zone, but often several, to handle different use cases.

For example, I like to create 2 subnets per AZ:

  1. Each AZ gets a Public Subnet - with an IGW to allow public internet access to resources in this subnet
  2. Each AZ gets a Private Subnet - with a NAT Gateway, to allow outbound internet access, but disallow the outside world from reaching a server in this subnet
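
The split described above, worked through with Python's standard ipaddress module. This is an added example, not code from the original page. The AZ names and the /20 subnet size are assumptions chosen for illustration; the second function checks the two subnet facts listed earlier (inside the VPC range, non-overlapping) against any plan.

```python
import ipaddress
from itertools import combinations

def plan_subnets(vpc_cidr, azs, new_prefix):
    """Carve one public and one private subnet per AZ out of the VPC range."""
    vpc = ipaddress.ip_network(vpc_cidr)
    # subnets() yields equal-size, non-overlapping blocks in address order
    blocks = vpc.subnets(new_prefix=new_prefix)
    plan = []
    for az in azs:
        for tier in ("public", "private"):
            cidr = next(blocks, None)
            if cidr is None:
                raise ValueError(f"{vpc} has no /{new_prefix} left for {az} {tier}")
            plan.append({"az": az, "tier": tier, "cidr": cidr})
    return plan

def validate_plan(vpc_cidr, plan):
    """List subnets that fall outside the VPC range or overlap one another."""
    vpc = ipaddress.ip_network(vpc_cidr)
    nets = [(s, ipaddress.ip_network(str(s["cidr"]))) for s in plan]
    problems = []
    for s, net in nets:
        if not net.subnet_of(vpc):
            problems.append(f"{net} ({s['az']} {s['tier']}) is outside {vpc}")
    for (_, a), (_, b) in combinations(nets, 2):
        if a.overlaps(b):
            problems.append(f"{a} overlaps {b}")
    return problems

if __name__ == "__main__":
    # Constructed sample: the /17 from the text, three assumed AZ names, /20 subnets
    vpc = "10.0.0.0/17"
    plan = plan_subnets(vpc, ["us-east-1a", "us-east-1b", "us-east-1c"], 20)
    for s in plan:
        print(f"{s['az']}  {s['tier']:<8}{s['cidr']}")
    # A hand-edited plan with two mistakes, to show what the check reports
    bad = plan + [
        {"az": "us-east-1a", "tier": "private", "cidr": "10.0.8.0/21"},
        {"az": "us-east-1b", "tier": "private", "cidr": "10.0.128.0/20"},
    ]
    for problem in validate_plan(vpc, bad):
        print("PROBLEM:", problem)
```

With these inputs the /17 yields eight /20 blocks, six of which are used, leaving two free for later growth.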

It's very common to have multiple VPCs as well, to segment applications, environments, development teams, or any logical separation you can think of.
