You've calculated the CIDR ranges appropriately. However, that's a very large VPC. Having a lot of instances/containers in that VPC means a significantly large blast radius if things start to fail.
You might consider splitting the public and private subnets across a third Availability Zone. In the model you have, in order to survive a catastrophic failure of an AZ you need to have 100% of the capacity in a single AZ (meaning that you need to have 200% of your available capacity running at any one time). If you are working across three AZs then you only need to have 50% in each AZ (150% of your available capacity). It's less expensive to run in three AZs than it is in two.
Given the large scale at which you wish to operate I strongly recommend you reach out to your local AWS Solutions Architect to discuss this design.
Thanks for the brief explanation and response. However, a /16 has a lot of wasted/extra IPs; our requirement is only 20000 across the VPC. These are then further subdivided into subnets as explained in the main post. What are your thoughts on a /17?
Given that you're using private IP address space, whether you use a /16 or /17 is going to depend on your expansion plans in the future. If you need to expand the VPC to accommodate more resources then a /16 is good. If you are planning on using additional VPCs then a /17 is probably the right thing. Again, I would talk with your local Solutions Architect.
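To make the sizing trade-off in this thread concrete, here is an added worked example (not code from either poster) that carves a candidate VPC CIDR into public and private subnets across three Availability Zones, counts the addresses that remain usable after AWS reserves five addresses per subnet (the first four and the last one), and computes the capacity overhead needed to survive the loss of one AZ. The 10.0.0.0 base address, the two-tier layout and the 20000-host requirement are assumptions taken from the discussion; the script uses only the standard library.

```python
import ipaddress
from typing import Dict, List

# AWS reserves the first four and the last address of every subnet.
AWS_RESERVED_PER_SUBNET = 5


def usable_hosts(prefix_len: int) -> int:
    """Addresses a single subnet of this prefix length can actually assign."""
    return 2 ** (32 - prefix_len) - AWS_RESERVED_PER_SUBNET


def carve_subnets(vpc_cidr: str, azs: int, tiers: List[str]) -> Dict[str, List[str]]:
    """Split a VPC CIDR into equal-sized subnets, one per (tier, AZ) pair.

    Returns a mapping of tier name -> list of subnet CIDRs, one entry per AZ.
    Unused subnets (when azs * len(tiers) is not a power of two) are left spare.
    """
    network = ipaddress.ip_network(vpc_cidr)
    count = azs * len(tiers)
    # Smallest number of extra prefix bits that yields at least `count` subnets.
    extra_bits = (count - 1).bit_length()
    subnets = list(network.subnets(prefixlen_diff=extra_bits))
    layout: Dict[str, List[str]] = {tier: [] for tier in tiers}
    for i, tier in enumerate(tiers):
        for az in range(azs):
            layout[tier].append(str(subnets[i * azs + az]))
    return layout


def total_usable(vpc_cidr: str, azs: int, tiers: List[str]) -> int:
    """Usable addresses summed over every subnet in the carved layout."""
    layout = carve_subnets(vpc_cidr, azs, tiers)
    return sum(
        usable_hosts(ipaddress.ip_network(cidr).prefixlen)
        for subnets in layout.values()
        for cidr in subnets
    )


def provisioned_capacity_ratio(azs: int) -> float:
    """Total capacity to run, as a multiple of required capacity, so that
    losing any one AZ still leaves 100% available.

    Two AZs -> 2.0 (each AZ must hold everything); three AZs -> 1.5.
    """
    if azs < 2:
        raise ValueError("need at least two AZs to survive losing one")
    return azs / (azs - 1)


def fits_requirement(vpc_cidr: str, azs: int, tiers: List[str], required: int) -> bool:
    """True if the layout can hold `required` hosts after AWS reservations."""
    return total_usable(vpc_cidr, azs, tiers) >= required


if __name__ == "__main__":
    TIERS = ["public", "private"]  # assumed two-tier layout from the thread
    REQUIRED = 20000               # requirement stated by the asker
    for cidr in ("10.0.0.0/16", "10.0.0.0/17"):
        layout = carve_subnets(cidr, 3, TIERS)
        print(f"{cidr}: {total_usable(cidr, 3, TIERS)} usable, "
              f"fits {REQUIRED}: {fits_requirement(cidr, 3, TIERS, REQUIRED)}")
        for tier, subnets in layout.items():
            print(f"  {tier}: {', '.join(subnets)}")
    for azs in (2, 3):
        print(f"{azs} AZs: run {provisioned_capacity_ratio(azs):.0%} of required capacity")
```

With three AZs and two tiers, a /17 becomes six /20 subnets (two spare), each offering 4091 usable addresses, for 24546 in total, which covers the stated 20000 but leaves little room to add a tier or a fourth AZ; a /16 doubles every figure. The ratio function reproduces the answer's 200% versus 150% comparison for two versus three AZs.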