Creating Subnets in a VPC

Customer Scenario

As a cloud support engineer at AWS, I received the following ticket from a startup customer:

Ticket from customer

Hello, Cloud Support!

I'm new to AWS, and I need help setting up a VPC. Can you please help me through the setup process? I would like to build only the VPC part and would like to make it look something like the following picture. Can you help me ensure I have around 15,000 private IP addresses in this VPC available? I would also like the VPC IPv4 CIDR block to be a 192.x.x.x. I don't remember which is a private range though. Can you confirm that? I would also like to allocate at least 50 IP addresses for the public subnet.

Thanks!
Paulo Santos
Startup Owner

In the customer's VPC architecture, Paulo needed approximately 15,000 IP addresses for their Seattle office headquarters and 50 IP addresses for their operations department, which would be in the public subnet.

Task 1: Investigating the Customer's Needs

Before starting the implementation, I took some time to review what a VPC is and the key concepts involved:

A VPC is essentially a data center in the cloud - logically isolated from other virtual networks, allowing for quick AWS resource deployment
Resources within a VPC communicate through private IP addresses, while public IP addresses are needed for external communication
A CIDR block defines a range of private IP addresses used within the VPC (e.g., 192.168.0.0/16)
Subnets are ranges of IP addresses within the VPC

To determine the appropriate CIDR range for the customer's requirements, I utilized these resources:

Subnet calculator: https://www.subnet-calculator.com/
RFC 1918 private address ranges: https://datatracker.ietf.org/doc/html/rfc1918

For the task, I needed to investigate Paulo's requirements and build a VPC environment based on these needs, then create a simple walkthrough for him to follow. Paulo had switched to AWS and needed help launching his first VPC. He had some networking knowledge but was new to AWS, needing around 15,000 IP addresses in the private range and at least 50 IP addresses in a public subnet.

Building the VPC Solution

I logged into the AWS Management Console and navigated to the VPC service by typing "VPC" in the search bar at the top-left corner.

From the Amazon VPC dashboard, I clicked the Launch VPC Wizard button to start creating the VPC. This launched a step-by-step process to set up a VPC with its basic components.

When building a VPC and its components, follow the order of the navigation pane on the left side to build your VPC and its resources in order

In the wizard, I followed these steps to launch the VPC:

Step 1: Select VPC Configuration

I took a moment to review the four available VPC configuration options. Based on Paulo's requirements, I selected VPC with a Single Public Subnet and clicked Select to proceed.

I reflected on which VPC configurations had been used in previous setups. They had been using VPCs with one subnet, depending on customer needs - some with multiple public-only subnets or combinations of public and private subnets.

I also considered why there are both private and public subnets:

Public subnets are for instances that can be accessed by the internet and that access the internet with a public IP and internet gateway
Private subnets keep instances private and cannot be addressed by the internet
For instances within a private subnet to connect to the internet, they need a network address translation (NAT) gateway

Step 2: Configure VPC Settings

For the "VPC with a Single Public Subnet" option, I configured the following settings:

I deleted the pre-filled IPv4 CIDR block
To determine the correct 192.x.x.x private address range and CIDR block that fits 15,000+ IP addresses, I referenced:
- RFC 1918: https://datatracker.ietf.org/doc/html/rfc1918
- IP address calculator: https://www.subnet-calculator.com/
I determined that a CIDR block of 192.168.0.0/18 would provide 16,384 IP addresses, which satisfies the requirement for 15,000+ addresses
For IPv6 CIDR block, I left "No IPv6 CIDR Block" selected, as we weren't using IPv6 in this setup
For the VPC name, I entered First VPC
For Public subnet's IPv4 CIDR, I entered 192.168.1.0/26, which provides 62 usable IP addresses, meeting the requirement for at least 50 addresses
For Availability Zone, I selected "No Preference"
For Subnet name, I left it set to "Public subnet"
I left the remaining options at their default settings

I thought about why private IP addresses are used within the VPC and concluded that they're not reachable over or from the internet, which keeps resources and communications private within the VPC.

After configuring all settings, I clicked Create VPC at the lower-right of the screen.

Verification and Summary

Once I successfully created the VPC, I saw a pop-up message saying "VPC Successfully Created." To verify that my VPC was available, I checked the "Your VPCs" section in the left navigation menu and confirmed that my VPC was listed.

To summarize what I accomplished for Paulo:

Created a VPC with a 192.168.0.0/18 CIDR block, providing 16,384 IP addresses (exceeding the required 15,000)
Created a public subnet with a 192.168.1.0/26 CIDR block, providing 62 usable IP addresses (exceeding the required 50)
Confirmed that the VPC uses the 192.x.x.x private IP address range as requested
Ensured the VPC follows AWS best practices for networking

This solution satisfies all of Paulo's requirements and provides a solid foundation for him to build his AWS infrastructure upon.

Creating Subnets and Allocating IP Addresses in an Amazon VPC