Creating Your VPC

Step-by-step guide to creating your first AWS Virtual Private Cloud (VPC) and understanding CIDR for efficient network management.

By Anis Mer_

Creating Your Virtual Private Cloud (VPC)

AWS Virtual Private Cloud (VPC) is the backbone of your cloud infrastructure. Think of it as your private, customizable office building in the cloud. In this section, we’ll create your first VPC step-by-step and explore the key concept of CIDR (Classless Inter-Domain Routing), which is crucial for managing your network’s IP addresses.


What is a VPC?

A Virtual Private Cloud (VPC) is a logically isolated network within AWS that you control. It’s your private space in the cloud where you can securely run applications, organize resources, and manage traffic.

Mental Model:
Think of a VPC as your office building:

  • You decide how to divide it into floors (subnets).
  • You control who enters, exits, and what areas are restricted (security groups and NACLs).
  • You can connect it to the outside world (Internet Gateway) or keep it private.

CIDR (Classless Inter-Domain Routing)

Before we create your VPC, let’s understand how CIDR blocks define the IP address range for your network.


What is CIDR?

  • Definition: CIDR uses a combination of an IP address and a number (e.g., 10.0.0.0/16) to describe a network and its size.
  • Purpose: It enables you to allocate IP addresses efficiently, avoiding wasted space.

Mental Model: CIDR as a Neighborhood Plan

Think of CIDR like designing a neighborhood:

  • The IP address (e.g., 10.0.0.0) is like the name of the neighborhood.
  • The prefix size (e.g., /16) tells you how many houses (addresses) you can fit in that neighborhood.
  • A smaller number after the slash (e.g., /8) creates a larger neighborhood with more houses, while a larger number (e.g., /24) creates a smaller neighborhood.

For example:

  • A /16 block is like a sprawling suburb with thousands of houses.
  • A /24 block is a small street with just 256 houses.

Visualizing Bits in CIDR

CIDR relies on binary representation to define the network portion and host portion of an IP address. Let’s take 10.0.0.0/16 as an example:

  • In binary, 10.0.0.0 looks like this:
    00001010.00000000.00000000.00000000

  • The /16 means the first 16 bits (to the left of the bar below) are reserved for the network portion:
    00001010.00000000 | 00000000.00000000

  • The remaining 16 bits are for the host portion, allowing up to 65,536 devices in this network.

We’ll dive deeper into how binary and subnet masks work in a future article. For now, just understand that /16 reserves the first half of the address for the network, leaving the rest for devices.


Breaking Down CIDR Notation: /16 or /24?

The number after the slash (/) tells us how many bits are used for the network portion of the address:

  • Network Portion: The fixed part of the address, used to identify the network.
  • Host Portion: The remaining bits, used to assign unique addresses to devices within the network.

Examples:

  1. 10.0.0.0/16:

    • The first 16 bits (10.0) identify the network.
    • The remaining 16 bits are for devices (hosts), allowing up to 65,536 unique addresses.
  2. 10.0.0.0/24:

    • The first 24 bits (10.0.0) identify the network.
    • The remaining 8 bits are for devices, allowing up to 256 unique addresses.

Why Does CIDR Matter in AWS?

CIDR blocks help organize and manage your VPC network efficiently. They determine:

  • The size of your VPC (total available addresses).
  • How you divide addresses among subnets.

For instance, assigning a large /16 block to your VPC ensures you have plenty of room to create smaller subnets for specific applications or departments.
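The bit-level view and the /16 versus /24 arithmetic above can be checked with Python's standard ipaddress module. The following is an added example, not code from the original article; it renders an address in binary, splits it into the network and host bits at the prefix, reports the address count, and carves a VPC block into equal subnets. The AWS_RESERVED_PER_SUBNET constant reflects the five addresses AWS holds back in every subnet (network address, VPC router, DNS resolver, one reserved for future use, and broadcast), which is why a /24 subnet yields 251 usable addresses rather than 256.

```python
import ipaddress

# Addresses AWS reserves in every subnet: network address, VPC router,
# DNS resolver, one reserved for future use, and the broadcast address.
AWS_RESERVED_PER_SUBNET = 5


def to_binary(address: str) -> str:
    """Render an IPv4 address as four 8-bit groups, the layout used in the article:
    10.0.0.0 -> 00001010.00000000.00000000.00000000"""
    packed = ipaddress.IPv4Address(address).packed
    return ".".join(f"{octet:08b}" for octet in packed)


def split_bits(cidr: str) -> tuple[str, str]:
    """Return (network_bits, host_bits): the prefix decides where the cut falls.
    strict=True rejects blocks whose host bits are not all zero (e.g. 10.0.0.1/16)."""
    net = ipaddress.ip_network(cidr, strict=True)
    bits = "".join(f"{octet:08b}" for octet in net.network_address.packed)
    return bits[:net.prefixlen], bits[net.prefixlen:]


def describe_cidr(cidr: str) -> dict:
    """Summarise a CIDR block: how many bits identify the network, how many are
    left for hosts, and how many addresses that gives in total and in an AWS subnet."""
    net = ipaddress.ip_network(cidr, strict=True)
    host_bits = net.max_prefixlen - net.prefixlen
    return {
        "network": str(net.network_address),
        "prefix": net.prefixlen,
        "netmask": str(net.netmask),
        "network_bits": net.prefixlen,
        "host_bits": host_bits,
        "total_addresses": net.num_addresses,        # 2 ** host_bits
        "usable_in_aws_subnet": max(net.num_addresses - AWS_RESERVED_PER_SUBNET, 0),
        "first": str(net.network_address),
        "last": str(net.broadcast_address),
    }


def carve_subnets(vpc_cidr: str, new_prefix: int) -> list[str]:
    """Split a VPC block into equal-sized subnets, e.g. a /16 VPC into 256 /24 subnets."""
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    return [str(subnet) for subnet in vpc.subnets(new_prefix=new_prefix)]


if __name__ == "__main__":
    for block in ("10.0.0.0/16", "10.0.0.0/24"):
        network_bits, host_bits = split_bits(block)
        print(f"{block}: binary {to_binary(block.split('/')[0])}")
        print(f"  network bits: {network_bits}")
        print(f"  host bits:    {host_bits}")
        for key, value in describe_cidr(block).items():
            print(f"  {key}: {value}")
    print("first four /24 subnets of 10.0.0.0/16:", carve_subnets("10.0.0.0/16", 24)[:4])
```

Running it shows that 10.0.0.0/16 leaves 16 host bits (65,536 addresses, netmask 255.255.0.0) while 10.0.0.0/24 leaves 8 (256 addresses), and that the /16 VPC splits cleanly into 256 /24 subnets, each with 251 usable addresses once AWS's reservations are taken out.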


Step-by-Step: Creating Your First VPC

Now that we understand CIDR, let’s create your VPC:

  1. Log in to the AWS Management Console

    • Navigate to the VPC Dashboard.
    • Click Create VPC.
  2. Define Your VPC Settings

    • Name Tag: Give your VPC a name (e.g., MyFirstVPC).
    • IPv4 CIDR Block: Assign an IP range, such as 10.0.0.0/16.
    • IPv6 CIDR Block (Optional): Leave disabled unless you need IPv6 support.
    • Tenancy: Stick with Default (shared hardware) for cost efficiency.
  3. Click “Create VPC”

    • AWS will provision your VPC in seconds.

Enhanced Mental Model

Picture your VPC as an office building:

  • The CIDR block is your building’s address, defining its boundaries.
  • You’ll create rooms (subnets) for public visitors or internal workspaces.
  • Security measures (firewalls and access rules) keep the building safe.

Validating Your VPC

Once your VPC is created:

  • Go to the VPC Dashboard and confirm your new VPC is listed.
  • Verify the CIDR block to ensure it matches your configuration.
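The console steps above (name tag, IPv4 CIDR block, default tenancy) and the validation check that follows can be scripted so the CIDR is sanity-checked before anything is created and the stored CIDR is confirmed afterwards. This is an added example, not the article's own code. The validation part runs offline; it applies AWS's rule that a VPC's primary IPv4 block must be between /16 and /28, warns when the block is outside the RFC 1918 private ranges, and flags overlap with any networks you already use (on-premises ranges or other VPCs), since overlapping blocks cannot later be peered or connected over a VPN. The create_and_verify_vpc function assumes boto3 is installed and AWS credentials are configured; the region and the VPC name are placeholders.

```python
import ipaddress
from typing import Iterable

try:  # boto3 is needed only for the optional create-and-verify step (assumption: installed, credentials configured)
    import boto3
except ImportError:
    boto3 = None

# AWS constraint: a VPC's primary IPv4 CIDR must use a netmask between /16 and /28.
VPC_MIN_PREFIX, VPC_MAX_PREFIX = 16, 28

# RFC 1918 private ranges, the conventional choice for a VPC block.
RFC1918 = [ipaddress.ip_network(c) for c in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def validate_vpc_cidr(cidr: str, existing: Iterable[str] = ()) -> list[str]:
    """Return the problems found with a planned VPC CIDR; an empty list means it is good to go.
    `existing` lists networks already in use that the new VPC must not overlap."""
    problems = []
    try:
        net = ipaddress.ip_network(cidr, strict=True)   # rejects host bits set, e.g. 10.0.0.1/16
    except ValueError as exc:
        return [f"not a valid network block: {exc}"]
    if net.version != 4:
        return ["only IPv4 blocks are handled here"]
    if not VPC_MIN_PREFIX <= net.prefixlen <= VPC_MAX_PREFIX:
        problems.append(f"/{net.prefixlen} is outside the allowed VPC range /16-/28")
    if not any(net.subnet_of(private) for private in RFC1918):
        problems.append("block is not in an RFC 1918 private range (allowed, but usually unintended)")
    for other in existing:
        other_net = ipaddress.ip_network(other, strict=False)
        if net.overlaps(other_net):
            problems.append(f"overlaps {other_net}; peering or VPN to that network would be impossible")
    return problems


def create_and_verify_vpc(name: str, cidr: str, region: str = "us-east-1") -> str:
    """SDK equivalent of the console steps: validate, create, wait, then confirm the
    stored CIDR matches the plan. Returns the new VPC id. Needs boto3 and credentials."""
    problems = validate_vpc_cidr(cidr)
    if problems:
        raise ValueError("; ".join(problems))
    if boto3 is None:
        raise RuntimeError("boto3 is not installed")
    ec2 = boto3.client("ec2", region_name=region)
    response = ec2.create_vpc(
        CidrBlock=cidr,
        InstanceTenancy="default",   # shared hardware, as in the console walkthrough
        TagSpecifications=[{"ResourceType": "vpc", "Tags": [{"Key": "Name", "Value": name}]}],
    )
    vpc_id = response["Vpc"]["VpcId"]
    ec2.get_waiter("vpc_available").wait(VpcIds=[vpc_id])
    stored = ec2.describe_vpcs(VpcIds=[vpc_id])["Vpcs"][0]["CidrBlock"]
    if stored != cidr:
        raise RuntimeError(f"VPC {vpc_id} has CIDR {stored}, expected {cidr}")
    return vpc_id


if __name__ == "__main__":
    # Offline check of the article's block against a constructed list of networks already in use.
    in_use = ["192.168.0.0/16", "10.1.0.0/16"]
    for candidate in ("10.0.0.0/16", "10.0.0.0/8", "10.1.128.0/17", "8.8.8.0/24"):
        problems = validate_vpc_cidr(candidate, existing=in_use)
        print(candidate, "OK" if not problems else "; ".join(problems))
    # Uncomment with credentials configured to actually create the VPC (placeholder name):
    # print(create_and_verify_vpc("MyFirstVPC", "10.0.0.0/16"))
```

Keeping the list of networks already in use beside the validation function is the cheap way to avoid the most common VPC mistake: picking 10.0.0.0/16 for every environment and discovering later that none of them can be connected to each other.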

Big Words Defined

  • VPC (Virtual Private Cloud): A private, isolated network in AWS where you run resources.
  • CIDR Block: A range of IP addresses assigned to your VPC.
  • Prefix: The number after the slash (/), showing how many bits identify the network.
  • Network Portion: Fixed part of the address, identifying the network.
  • Host Portion: Variable part of the address, identifying individual devices.

What’s Next?

Next, we’ll explore Subnets — the neighborhoods of your VPC — and learn how to divide your network into public and private spaces for better organization and security.
