CIDR Blocks in AWS

Understand CIDR blocks and learn how to assign and manage IP address ranges in AWS for efficient network organization.
By Anis Mer_


Assigning Addresses in the Cloud

Every network in AWS needs an addressing system to identify resources like servers, databases, or applications. AWS uses CIDR (Classless Inter-Domain Routing) to manage these addresses efficiently. In this article, we’ll break down what CIDR blocks are, how they work, and how to assign them in AWS, along with an intuitive explanation of binary math for those curious about the details.


What Are CIDR Blocks?

A CIDR block defines the range of IP addresses your network can use. It combines:

  1. An IP address that identifies the network.
  2. A prefix length that defines the size of the network.

For example:
10.0.0.0/16 means:

  • The first 16 bits (10.0) are the network portion, the fixed part shared by every address in the block.
  • The /16 is the prefix length: it says how many leading bits are fixed, and therefore how many addresses the range contains (the remaining 16 bits give 2^16 of them).

The Basics of CIDR

CIDR works by splitting an IP address into two parts:

  1. Network Portion: Identifies the network itself.
  2. Host Portion: Identifies individual devices (hosts) within the network.

The number after the slash (/) in CIDR notation indicates how many bits are allocated to the network portion. The remaining bits are for the host portion.


How Numbers Are Built in Binary

Binary is the foundation of CIDR. It uses 0s and 1s, where each slot (bit) represents a power of 2. Moving from right to left, the powers of 2 grow larger.

The Rule:

  • If you place a 0 in a slot, you don’t count that power of 2.
  • If you place a 1 in a slot, you count that power of 2.

Step-by-Step: Converting Binary to Decimal

Let’s convert the binary number 00001010 to decimal:

  1. Write out the powers of 2:

    Slots:   0     0     0     0     1     0     1     0
    Powers:  2^7   2^6   2^5   2^4   2^3   2^2   2^1   2^0
    Values: 128    64    32    16     8     4     2     1
    
  2. Check each slot (from the right):

    • The 1st slot (2^0): 0, so it contributes 0.
    • The 2nd slot (2^1): 1, so it contributes 2.
    • The 3rd slot (2^2): 0, so it contributes 0.
    • The 4th slot (2^3): 1, so it contributes 8.
    • All other slots are 0, so they contribute 0.
  3. Add the contributions:

    8 + 2 = 10
    
    • The 8 comes from the 4th slot (2^3).
    • The 2 comes from the 2nd slot (2^1).
  4. Tying It All Together:
    Therefore, the binary number 00001010 translates to 10 in decimal.
    For an IP address, 00001010.00000000.00000000.00000000 is equivalent to 10.0.0.0.


How Many IP Addresses in a CIDR Block?

The number of IP addresses in a CIDR block depends on the number of bits allocated to the host portion. It is calculated using the formula:

Total IPs = 2^(Number of Host Bits)

Example: /16 CIDR Block

  • A /16 CIDR block reserves the first 16 bits for the network portion.
  • The remaining 16 bits (32 − 16) are for the host portion.
  • The total number of IP addresses is:
    2^16 = 65,536
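To see the same arithmetic carried out in code, here is an added Python example (it is not from the original article) that performs the binary conversion above by hand, without the standard ipaddress module, and then applies it to a CIDR block: it splits the 32 bits into network and host portions, recovers the network address, and counts the addresses with the 2^(host bits) formula. The function names and the sample addresses are the example's own choices.

```python
"""Added example, not from the original article: CIDR arithmetic done by hand.

The binary steps the article walks through are made explicit here instead of
delegated to the ipaddress module. All function names are this example's own.
"""


def octet_to_binary(octet: int) -> str:
    """Return the 8-bit binary string for one octet, 2^7 slot first."""
    if not 0 <= octet <= 255:
        raise ValueError(f"octet out of range: {octet}")
    bits = ""
    for power in range(7, -1, -1):      # slots 2^7 down to 2^0, left to right
        if octet >= 2 ** power:         # a 1 in this slot: count this power of 2
            bits += "1"
            octet -= 2 ** power
        else:                           # a 0 in this slot: do not count it
            bits += "0"
    return bits


def binary_to_decimal(bits: str) -> int:
    """Sum the powers of 2 whose slot holds a 1 (00001010 -> 8 + 2 = 10)."""
    total = 0
    for position, bit in enumerate(reversed(bits)):   # rightmost slot is 2^0
        if bit == "1":
            total += 2 ** position
    return total


def ip_to_binary(ip: str) -> str:
    """10.0.0.0 -> '00001010.00000000.00000000.00000000'."""
    octets = [int(o) for o in ip.split(".")]
    if len(octets) != 4:
        raise ValueError(f"not a dotted quad: {ip}")
    return ".".join(octet_to_binary(o) for o in octets)


def cidr_info(cidr: str) -> dict:
    """Split a CIDR block into network and host bits and count its addresses."""
    ip, prefix_str = cidr.split("/")
    prefix = int(prefix_str)
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix out of range: /{prefix}")
    bits = ip_to_binary(ip).replace(".", "")          # the full 32-bit string
    host_bits = 32 - prefix
    # Keep the first `prefix` bits (network portion) and clear the host portion.
    network_bits = bits[:prefix] + "0" * host_bits
    network_ip = ".".join(
        str(binary_to_decimal(network_bits[i:i + 8])) for i in range(0, 32, 8)
    )
    return {
        "binary": ip_to_binary(ip),
        "network_address": network_ip,
        "network_bits": prefix,
        "host_bits": host_bits,
        "total_addresses": 2 ** host_bits,            # Total IPs = 2^(host bits)
        # True when the address given is the block's own network address,
        # i.e. every host bit is already zero.
        "is_network_address": network_bits == bits,
    }


if __name__ == "__main__":
    print(octet_to_binary(10), binary_to_decimal("00001010"))
    for block in ("10.0.0.0/16", "10.0.0.0/24", "10.0.1.77/24"):
        print(block, cidr_info(block))
```

Passing a host address such as 10.0.1.77/24 is deliberately allowed: the function reports the block it belongs to (10.0.1.0/24) and flags that the address itself is not the network address, which is the mistake AWS rejects when you type a VPC or subnet CIDR with host bits set.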
    

How CIDR Blocks Work in AWS

When you create a VPC in AWS, you assign it a CIDR block. This block defines the IP address range for all resources in the VPC.

Example CIDR Blocks:

  • 10.0.0.0/16: 65,536 IP addresses (10.0.0.0 through 10.0.255.255).
  • 10.0.0.0/24: 256 IP addresses (10.0.0.0 through 10.0.0.255).

Two AWS constraints apply to these numbers: an IPv4 VPC CIDR block must be between /16 and /28 in size, and in every subnet AWS reserves the first four addresses and the last one (network address, VPC router, DNS, a future-use address, and broadcast), so a /24 subnet actually yields 251 usable addresses.

Step-by-Step: Assigning CIDR Blocks in Your VPC

  1. Choose an IP Range: Use a private (RFC 1918) range: 10.0.0.0/8, 172.16.0.0/12, or 192.168.0.0/16, and pick a portion of it that none of your other VPCs or on-premises networks already use.
  2. Decide the Size: Select /16 for 65,536 IPs or /24 for 256 IPs (AWS accepts VPC blocks from /16 to /28). The primary CIDR block cannot be resized after the VPC exists (you can only add secondary blocks later), so leave room for growth.
  3. Create Your VPC: In AWS, assign your CIDR block (e.g., 10.0.0.0/16).
  4. Divide for Subnets: Carve smaller blocks out of the VPC range (e.g., 10.0.1.0/24 and 10.0.2.0/24). Every subnet must lie inside the VPC's CIDR block, and subnets in the same VPC must not overlap one another.

Avoiding Overlaps

Make sure CIDR ranges don't overlap. AWS refuses to create a VPC peering connection between VPCs whose CIDR blocks overlap, and a VPC that shares a range with an on-premises network cannot be routed to unambiguously over a VPN:

  • Good:
    • VPC 1: 10.0.0.0/16
    • VPC 2: 192.168.0.0/16
  • Bad:
    • VPC 1: 10.0.0.0/16
    • VPC 2: 10.0.0.0/24 (this block lies entirely inside the first, so every one of its addresses is ambiguous between the two VPCs).
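The four-step procedure above and the overlap rule can both be checked before anything is created. The following added Python example (not code from the original article) uses the standard-library ipaddress module to validate a proposed VPC block against the RFC 1918 ranges and the /16 to /28 limit AWS places on an IPv4 VPC, carve subnets out of it, report how many addresses remain after AWS's five reserved addresses per subnet, and detect overlaps between named blocks. The function names and the labels "VPC 1" and "VPC 2" are the example's own.

```python
"""Added example, not from the original article: VPC CIDR planning with the
standard-library ipaddress module. All function names are this example's own."""
import ipaddress

# The three RFC 1918 private ranges.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# AWS reserves the first four addresses and the last address of every subnet.
AWS_RESERVED_PER_SUBNET = 5


def check_vpc_cidr(cidr: str) -> list:
    """Return the problems with a proposed IPv4 VPC block (empty list = acceptable)."""
    try:
        # strict=True rejects an address with host bits set, e.g. 10.0.0.5/16
        net = ipaddress.ip_network(cidr, strict=True)
    except ValueError as exc:
        return [f"not a valid network: {exc}"]
    problems = []
    if not 16 <= net.prefixlen <= 28:
        problems.append(
            f"/{net.prefixlen} is outside the /16 to /28 range AWS allows for a VPC")
    if not any(net.subnet_of(private) for private in RFC1918):
        problems.append(f"{net} is not inside an RFC 1918 private range")
    return problems


def carve_subnets(vpc_cidr: str, new_prefix: int) -> list:
    """Split a VPC block into equal-sized subnets with the given prefix length."""
    vpc = ipaddress.ip_network(vpc_cidr)
    if new_prefix < vpc.prefixlen:
        raise ValueError(f"/{new_prefix} is bigger than the VPC block /{vpc.prefixlen}")
    return [str(subnet) for subnet in vpc.subnets(new_prefix=new_prefix)]


def usable_in_aws_subnet(subnet_cidr: str) -> int:
    """Addresses left for hosts once AWS's five reserved addresses are removed."""
    return ipaddress.ip_network(subnet_cidr).num_addresses - AWS_RESERVED_PER_SUBNET


def find_overlaps(blocks: dict) -> list:
    """Return every pair of named blocks whose address ranges overlap."""
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in blocks.items()}
    names = sorted(nets)
    return [(a, b) for i, a in enumerate(names)
            for b in names[i + 1:] if nets[a].overlaps(nets[b])]


if __name__ == "__main__":
    print(check_vpc_cidr("10.0.0.0/16"))          # [] : acceptable
    print(check_vpc_cidr("10.0.0.0/8"))           # too big for a VPC
    print(check_vpc_cidr("10.0.0.5/16"))          # host bits set
    print(carve_subnets("10.0.0.0/16", 24)[:3])   # first three /24 subnets
    print(usable_in_aws_subnet("10.0.1.0/24"))    # 251
    print(find_overlaps({"VPC 1": "10.0.0.0/16", "VPC 2": "192.168.0.0/16"}))
    print(find_overlaps({"VPC 1": "10.0.0.0/16", "VPC 2": "10.0.0.0/24"}))
```

The overlap check is pairwise, so the same dictionary can hold every VPC in an account plus the on-premises ranges a VPN will advertise; any pair it returns is one that peering or the VPN route table will fight over.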

Key Takeaways

  • Plan CIDR blocks carefully to avoid overlaps.
  • Subnetting divides blocks into smaller, more manageable sections.

Big Words Defined

  • CIDR Block: A range of IP addresses, written as a network address plus a prefix length, grouped together for efficient management.
  • Prefix: The number after the slash (/), i.e. how many leading bits of the address are fixed as the network portion.

What’s Next?

Next, we’ll explore Routing Tables — the internal roadmaps that direct traffic within your VPC and to the outside world.
