
Network CIDR setting in VPC

0

Hi guys,

When I set a CIDR for a VPC such as 100.0.0.0/16, someone told me that I should use another range for the local network like 10.x.x.x/16 or 172.x.x.x/16 because the range 100.x.x.x/16 may overlap with other IP addresses on the public internet. Could you help me explain this issue? Is it true? Or, if you have any best practices for setting up the CIDR range in a VPC, please let me know.

Thanks, Steven

Asked 1 year ago · 767 views
2 answers
3

I'm not sure what is meant by "local network". Are you adding another range to your VPC? Are you connecting your VPC to somewhere else via VPN or Direct connect?

You can (pretty much) use any IP range in your VPC that you like although there are some restrictions: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-cidr-blocks.html but for most purposes, creating a VPC with a private IP address range as listed in RFC1918 is fine. That covers the 10.x, 172.16.x and 192.168.x ranges.

You can use the 100.64.x.x range, but why do that if you don't have to? There's nothing specifically "wrong" about it - there are the same risks as with any other private (ish) IP range: that you might choose a range that someone else is using and you want to communicate with them. Ref: https://en.wikipedia.org/wiki/Reserved_IP_addresses

Otherwise, choose an IP range that is private and doesn't conflict with any other network that you wish to communicate with.

AWS
EXPERT
answered 1 year ago
EXPERT
reviewed 1 year ago
AWS
EXPERT
reviewed 1 year ago
  • Hi Brettski, thank you for the answer. However, I would like to know: if I use the range 100.0.0.0/16, for example, and there is another IP on the public internet which has the address 100.0.0.1/32, are there any issues with this situation?

  • The Wikipedia article has some details; that range was designed to be used inside carrier networks for large-scale NAT operations. You won't see it on the open internet but if it were me I'd be sticking to the RFC1918 ranges unless you had a good reason not to.

1

Hi,

The ranges of IP addresses that you can use to avoid overlapping with publicly routable Internet addresses are defined in the RFC1918 standard.

See https://en.wikipedia.org/wiki/Private_network for all details.

To avoid any accessibility issues of public internet sites from your VPC, you should strictly adhere to the ranges of RFC1918.

(Note: for security purposes, I have seen folks using non-1918 ranges in their VPC to make them very private: all requests from the outside could never reach them because all Internet routers would divert the IP packets somewhere else. But, it was for very special use cases.)

Best,

Didier

EXPERT
answered 1 year ago
EXPERT
reviewed 1 year ago
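Both answers come down to two checks before committing to a VPC CIDR: is the block inside an RFC1918 range (or, as the first answer notes, the 100.64.0.0/10 carrier-grade NAT range, which is reserved but not what you want), and does it overlap with any network you will need to reach over peering, VPN or Direct Connect. The following Python script, added here as an illustration and not code from either answer or from AWS, performs those checks with the standard library `ipaddress` module. The peer network list is constructed sample data; the /16 to /28 size limit is the VPC IPv4 CIDR constraint from the AWS documentation linked in the first answer.

```python
import ipaddress

# RFC 1918 private ranges, the ones both answers recommend for a VPC.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# RFC 6598 shared address space (carrier-grade NAT), the 100.64.x.x range
# discussed in the first answer. Reserved, but not meant for private sites.
CGNAT = ipaddress.ip_network("100.64.0.0/10")

# Constructed sample data: networks this VPC would need to talk to
# (a hypothetical peered VPC, an on-premises VPN range and a partner network).
SAMPLE_PEERS = ["10.0.0.0/16", "192.168.0.0/24", "100.0.1.0/24"]


def classify(cidr):
    """Return where the block sits in the IPv4 address space.

    "rfc1918"  - inside 10/8, 172.16/12 or 192.168/16 (recommended)
    "cgnat"    - inside 100.64/10 (reserved for carrier NAT, avoid)
    "public"   - publicly routable space, e.g. 100.0.0.0/16 from the question
    "reserved" - some other special-purpose range (link-local, loopback, ...)
    """
    net = ipaddress.ip_network(cidr, strict=False)
    if any(net.subnet_of(r) for r in RFC1918):
        return "rfc1918"
    if net.subnet_of(CGNAT):
        return "cgnat"
    if net.is_global:
        return "public"
    return "reserved"


def vpc_size_ok(cidr):
    """AWS accepts VPC IPv4 CIDR blocks between /16 and /28 (per the linked docs)."""
    return 16 <= ipaddress.ip_network(cidr, strict=False).prefixlen <= 28


def find_overlaps(vpc_cidr, other_networks):
    """List every network in other_networks that overlaps the proposed VPC block.

    Any hit means traffic to that network would be routed locally inside the
    VPC instead of reaching the peer, which is the conflict both answers warn about.
    """
    vpc = ipaddress.ip_network(vpc_cidr, strict=False)
    others = (ipaddress.ip_network(o, strict=False) for o in other_networks)
    return [str(n) for n in others if vpc.overlaps(n)]


def assess(vpc_cidr, other_networks):
    """Combine the checks into one verdict for a candidate VPC CIDR."""
    kind = classify(vpc_cidr)
    overlaps = find_overlaps(vpc_cidr, other_networks)
    return {
        "cidr": vpc_cidr,
        "class": kind,
        "size_ok": vpc_size_ok(vpc_cidr),
        "overlaps": overlaps,
        "recommended": kind == "rfc1918" and vpc_size_ok(vpc_cidr) and not overlaps,
    }


if __name__ == "__main__":
    # The range from the question next to an RFC1918 alternative.
    for candidate in ("100.0.0.0/16", "100.64.0.0/16", "10.20.0.0/16"):
        print(assess(candidate, SAMPLE_PEERS))
```

Run against the sample peers, 100.0.0.0/16 is flagged as public address space that also collides with the constructed partner network, while 10.20.0.0/16 passes every check; swap in your real peered VPC and on-premises ranges to get the answer for your own environment.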
