
VPC Basics

Introduction

  • Number of IP addresses in a VPC = 2^(32 - CIDR prefix length), e.g. a /28 CIDR has 2^(32-28) = 2^4 = 16 IP addresses
  • VPCs are regional services: they are regionally resilient and operate across multiple AZs in a region
  • VPC is by default Private & Isolated.
  • An Account can have 1 default VPC & multiple custom VPCs
  • An account gets 1 default VPC per region
  • VPC CIDR defines start & end IP for a VPC
  • Each VPC is subdivided into subnets. Each subnet is located in one AZ; this is set at creation and cannot be changed later
  • Tenancy can be set to Default or Dedicated at the VPC level. If it is set to Dedicated for a VPC, all EC2 instances in the VPC get dedicated tenancy, which has a cost implication.
  • A VPC with Default tenancy can still have EC2 instances with dedicated tenancy on a per-instance basis
  • A VPC has 1 primary private IPv4 CIDR block by default. It can additionally have up to 5 secondary IPv4 blocks
  • The VPC CIDR range can be between a minimum of /28 (i.e. 16 IPs) and a maximum of /16 (i.e. 65,536 IPs)
  • Optionally a single IPv6 /56 CIDR block can be assigned

Default VPC

  • Always has the same CIDR 172.31.0.0/16
  • Has one subnet in every availability zone. Each subnet has a /20 CIDR
  • Default VPC can be deleted and recreated
  • Some services assume the presence of a default VPC
  • It is provided with an Internet Gateway, Security Group & NACL automatically
  • Anything placed in the default VPC is automatically assigned a public IPv4 address

VPC Sizing

  • VPCs can be a minimum of /28 (16 IPs) and a maximum of /16 (65,536 IPs)

DNS in VPC

  • VPCs have a fully featured DNS service provided by Route 53
  • Available at the VPC base IP address + 2
  • enableDnsHostnames - instances with public IP addresses get a public DNS name
  • enableDnsSupport - whether DNS resolution is enabled or disabled within the VPC
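The sizing rules from the Introduction and VPC Sizing sections (2^(32 - prefix) addresses, /16 to /28 allowed) and the resolver address from the DNS section (base IP + 2) are easy to check mechanically before creating a VPC. The following is an added example, not code from the original notes or from AWS: it uses only Python's standard `ipaddress` module, and the /16 and /28 limits, the default VPC CIDR 172.31.0.0/16 and the /20 default subnet size are taken from the notes above.

```python
"""Added example (not part of the original notes): VPC CIDR sizing checks and
the Route 53 resolver address, using only the standard library."""
import ipaddress

# AWS limits quoted in the notes: a VPC IPv4 CIDR must be between /16 and /28.
VPC_MIN_PREFIX = 16   # largest allowed block: /16 = 65,536 addresses
VPC_MAX_PREFIX = 28   # smallest allowed block: /28 = 16 addresses

DEFAULT_VPC_CIDR = "172.31.0.0/16"   # the default VPC's CIDR, from the notes
DEFAULT_SUBNET_PREFIX = 20           # default VPC subnets are /20, from the notes


def vpc_address_count(cidr: str) -> int:
    """Total addresses in a CIDR block: 2^(32 - prefix length)."""
    net = ipaddress.ip_network(cidr, strict=True)
    return 2 ** (net.max_prefixlen - net.prefixlen)


def is_valid_vpc_cidr(cidr: str) -> bool:
    """True if cidr is an IPv4 network whose prefix is inside the /16../28 window.

    strict=True rejects blocks with host bits set (e.g. 10.0.0.1/24), which the
    API would also refuse; anything that is not a CIDR at all is rejected too.
    """
    try:
        net = ipaddress.ip_network(cidr, strict=True)
    except ValueError:
        return False
    return net.version == 4 and VPC_MIN_PREFIX <= net.prefixlen <= VPC_MAX_PREFIX


def vpc_dns_resolver(cidr: str) -> str:
    """The Route 53 resolver is reachable at the VPC base address + 2."""
    net = ipaddress.ip_network(cidr, strict=True)
    return str(net.network_address + 2)


def subnet_count(vpc_cidr: str, subnet_prefix: int) -> int:
    """How many subnets of the given prefix length fit inside the VPC."""
    net = ipaddress.ip_network(vpc_cidr, strict=True)
    if subnet_prefix < net.prefixlen:
        raise ValueError("a subnet cannot be larger than its VPC")
    return 2 ** (subnet_prefix - net.prefixlen)


if __name__ == "__main__":
    # Constructed sample inputs: two valid blocks, one too large, one too small,
    # and one with host bits set.
    for cidr in ("10.0.0.0/28", "10.0.0.0/16", "10.0.0.0/8", "10.0.0.0/29", "10.0.0.1/24"):
        ok = is_valid_vpc_cidr(cidr)
        line = f"{cidr:>14}  valid={str(ok):<5}"
        if ok:
            line += f" addresses={vpc_address_count(cidr):>6}  resolver={vpc_dns_resolver(cidr)}"
        print(line)
    print(f"/{DEFAULT_SUBNET_PREFIX} subnets that fit in the default VPC: "
          f"{subnet_count(DEFAULT_VPC_CIDR, DEFAULT_SUBNET_PREFIX)}")
```

Running the block shows /28 and /16 accepted with 16 and 65,536 addresses, /8 and /29 rejected as outside the allowed window, and 10.0.0.1/24 rejected because its host bits are set; the default VPC's resolver comes out as 172.31.0.2 and a /16 holds sixteen /20 subnets, matching the one-per-AZ layout described above.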