IP & Subnet Concepts
How do people identify themselves uniquely? With names, right? Relating this to tech, that is exactly how we identify an instance. But instances do not get fancy names like we do; they are represented in 0s and 1s.
A system can have an IP address such as 192.168.0.1. We can see that it has 4 blocks (octets), each block with 8 bits, so in binary terms it is represented as 11000000.10101000.00000000.00000001.
CIDR and Subnetting
When IPs are grouped together, the group is assigned a common address using CIDR notation.
CIDR is based on a concept called subnetting. Subnetting allows you to take a class, or block, of IP addresses and chop it further into smaller blocks, or groups of IPs.
Suppose we have to track a person named 'Abhay'. There can be many people called 'Abhay', but if we can narrow down where he lives, we can eliminate most places and shorten the search time. That is why we need the CIDR concept: traffic can follow the appropriate route to find the instance's IP.
Ex 1:
10.100.1.0 to 10.100.1.255 is a group of IPs that can be represented as 10.100.1.0/24.
As mentioned earlier, each block has 8 bits, so the minimum value for each block is 0 and the maximum is 255. So we have a total of 256 hosts in this CIDR block: the first is 10.100.1.0, then 10.100.1.1, 10.100.1.2, 10.100.1.3 and so on up to 10.100.1.255.
We notice that the prefix, the first 3 blocks, is the same for every address in the group. That means the first 24 bits are fixed and the remaining 8 bits are the varying part, which is exactly why we see "/24" in the notation.
Ex 2:
15.10.2.0/16 is a CIDR block. Here 16 means that the first 16 bits are fixed, hence the range of IPs that can be formed is 15.10.0.0 to 15.10.255.255, which is 256 * 256 = 65536 hosts.
Subranges
As in the earlier example, 65536 is a very large number. This is where subnetting is beneficial.
Ex 3: 20.1.0.0/16
These IPs can be subgrouped again as:
20.1.0.0–20.1.0.255, which can be represented as 20.1.0.0/24
20.1.1.0–20.1.1.255, which can be represented as 20.1.1.0/24
20.1.2.0–20.1.2.255, which can be represented as 20.1.2.0/24
...
20.1.255.0–20.1.255.255, which can be represented as 20.1.255.0/24.
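The three examples above (octets as bits, the /24 and /16 blocks, and chopping a /16 into /24s) carried through in working code. This is an added example, not code from the original article; it uses only Python's standard ipaddress module, and the addresses are the ones from the text. It also generalizes the prefix idea with a bitwise check that shows what "the first N bits are fixed" means on the wire.

```python
import ipaddress


def to_binary_octets(ip: str) -> str:
    """Render a dotted-quad IPv4 address as four 8-bit binary blocks."""
    return ".".join(f"{int(octet):08b}" for octet in ip.split("."))


def describe_cidr(cidr: str) -> dict:
    """Fixed-prefix length, varying (host) bits, address count and range of a block.

    strict=False lets a non-canonical form such as 15.10.2.0/16 through; the
    returned 'network' field is the canonical spelling (15.10.0.0/16).
    """
    net = ipaddress.ip_network(cidr, strict=False)
    return {
        "network": str(net),
        "prefix_bits": net.prefixlen,
        "host_bits": 32 - net.prefixlen,
        "addresses": net.num_addresses,  # 2 ** host_bits, incl. network/broadcast
        "first": str(net.network_address),
        "last": str(net.broadcast_address),
    }


def same_prefix(ip: str, cidr: str) -> bool:
    """Bitwise meaning of /N: the first N bits of ip equal the block's first N bits."""
    net = ipaddress.ip_network(cidr, strict=False)
    mask = (0xFFFFFFFF << (32 - net.prefixlen)) & 0xFFFFFFFF
    return (int(ipaddress.ip_address(ip)) & mask) == int(net.network_address)


def split_into_subnets(cidr: str, new_prefix: int) -> list:
    """Chop a block into equal smaller blocks, e.g. a /16 into 256 /24 subnets."""
    net = ipaddress.ip_network(cidr, strict=False)
    return [str(sub) for sub in net.subnets(new_prefix=new_prefix)]


if __name__ == "__main__":
    print(to_binary_octets("192.168.0.1"))
    print(describe_cidr("10.100.1.0/24"))
    print(describe_cidr("15.10.2.0/16"))
    print(same_prefix("10.100.1.77", "10.100.1.0/24"), same_prefix("10.100.2.1", "10.100.1.0/24"))
    subs = split_into_subnets("20.1.0.0/16", 24)
    print(len(subs), subs[0], subs[1], "...", subs[-1])
```

Note that num_addresses counts every address in the block, including the network and broadcast addresses; a cloud provider typically reserves a few of these per subnet, so the number of instances you can actually place is slightly smaller.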
VPC Basics:
A VPC is a private, isolated space where we can deploy applications on instances. These instances must be placed within a Subnet.
A Subnet can be Private or Public; it is Private by default.
A Route Table is associated with a Subnet. The Main route table is created by default and has all the subnets associated with it. But since it has no route to an Internet Gateway resource, those subnets are Private.
An Internet Gateway (IG) is what connects the Internet to the VPC. Without it, the Internet cannot reach the VPC's instances.
So in an ideal scenario, there can be 2 subnets, one private and one public.
To make a public subnet, all we have to do is attach an IG resource to the Route Table, and the instance is now publicly accessible.
So, let's say we attach the IG to the Main Route Table. We know that the Main Route Table is associated with all the subnets, both private and public. But we do not want to give Internet access to all the instances.
To avoid this situation, we create a custom route table that is associated with only the 1 Subnet we want to be Public, and attach the IG resource there. So now we have the Main Route Table, associated with both Subnets, and the Custom Route Table, associated only with the Public Subnet, which has the IG attached; that gives public access to the instance within it.
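A small model of the route-table logic just described, added here as an example; it is not AWS code or code from the original article. It models a VPC with a main route table, a custom route table and an Internet Gateway, and uses longest-prefix matching (the rule VPC route tables apply) to decide whether a subnet is public. The two scenario functions reproduce the pitfall above: putting the Internet route on the main table exposes every subnet, while a custom table scopes it to one. The resource ids, VPC CIDR and the sample Internet address are constructed for the example.

```python
import ipaddress

IGW = "igw-EXAMPLE"  # constructed placeholder id, not a real resource
VPC_CIDR = "10.0.0.0/16"
PUBLIC_SUBNET, PRIVATE_SUBNET = "10.0.1.0/24", "10.0.2.0/24"
INTERNET_ADDR = "203.0.113.5"  # any address outside the VPC (documentation range)


class RouteTable:
    """A route table is a list of (destination CIDR, target) entries."""

    def __init__(self, name, routes):
        self.name = name
        self.routes = [(ipaddress.ip_network(dst), target) for dst, target in routes]

    def lookup(self, dest_ip):
        """Longest-prefix match: the most specific matching route wins."""
        ip = ipaddress.ip_address(dest_ip)
        matches = [(net, tgt) for net, tgt in self.routes if ip in net]
        if not matches:
            return None
        return max(matches, key=lambda m: m[0].prefixlen)[1]


class VPC:
    def __init__(self, cidr, main_rt):
        self.cidr = cidr
        self.main_rt = main_rt
        self.custom_assoc = {}  # subnet -> explicitly associated route table

    def associate(self, subnet, rt):
        self.custom_assoc[subnet] = rt

    def route_table_for(self, subnet):
        """A subnet with no explicit association falls back to the main table."""
        return self.custom_assoc.get(subnet, self.main_rt)

    def is_public(self, subnet):
        """Public = Internet-bound traffic from this subnet is routed to the IGW."""
        return self.route_table_for(subnet).lookup(INTERNET_ADDR) == IGW


def scenario_igw_on_main():
    """IG attached to the Main Route Table: both subnets become public."""
    main = RouteTable("main", [(VPC_CIDR, "local"), ("0.0.0.0/0", IGW)])
    vpc = VPC(VPC_CIDR, main)
    return vpc.is_public(PUBLIC_SUBNET), vpc.is_public(PRIVATE_SUBNET)


def scenario_custom_rt():
    """IG on a custom table associated only with the public subnet."""
    main = RouteTable("main", [(VPC_CIDR, "local")])
    custom = RouteTable("custom-public", [(VPC_CIDR, "local"), ("0.0.0.0/0", IGW)])
    vpc = VPC(VPC_CIDR, main)
    vpc.associate(PUBLIC_SUBNET, custom)
    return vpc.is_public(PUBLIC_SUBNET), vpc.is_public(PRIVATE_SUBNET)


if __name__ == "__main__":
    print("IG on main table (public, private):", scenario_igw_on_main())
    print("IG on custom table (public, private):", scenario_custom_rt())
    # The local route still wins for in-VPC destinations even with a default route present
    main = RouteTable("main", [(VPC_CIDR, "local"), ("0.0.0.0/0", IGW)])
    print("10.0.2.9 via:", main.lookup("10.0.2.9"))
```

When reviewing a real VPC, the same two questions decide exposure: which route table does each subnet actually resolve to (explicit association or fallback to main), and does that table carry a 0.0.0.0/0 route pointing at an Internet Gateway.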
Concept of Elastic IPs
Every instance has an IP associated with it. But if the instance is stopped and restarted, the IP changes. So if we associate an Elastic IP (EIP) address with it, that becomes the static IP of the instance. This EIP can then be added to the Route Table.
Here we have an IG attached to the Public Subnet and the Custom Route Table. We need a VPC attachment to associate the IG with the VPC in which the subnet is present.
An EIP is associated with the instance. The Private Subnet is associated only with the Main Route Table, which I have left out to avoid any confusion.