AWS Technical Essentials -XI

My notes as I venture towards the land of AWS. Networking, IPv4, Subnetting, Subnet Mask , CIDR

Yash Agarwal

Published in

AWS Tip

15 min readSep 25, 2023

Previous Articles in the Series

Since this article is a series intended to cover AWS concepts I would highly recommend to go through the previous ones before proceeding further, else some of the concepts explained here might not ring a bell to you.

Introduction to AWS

Part I (AWS Regions, Availability Zones and Edge Location ): https://y-agarwal.medium.com/aws-technical-essentials-i-f34d8239b23f
Part II ( Interacting with AWS, Security and Shared Responsibility Model, Root User ): https://medium.com/@y-agarwal/aws-technical-essentials-ii-fedd774db31e
Part III ( IAM ): https://medium.com/@y-agarwal/aws-technical-essentials-iii-e3b42de8e187
Part IV ( Implementing Security with IAM User, Groups and Policies ): https://medium.com/@y-agarwal/aws-technical-essentials-iv-ea99716f9bd2

AWS Compute Services

Part V ( Compute as a Service, Servers , Virtual Machine Instances ): https://y-agarwal.medium.com/aws-technical-essentials-v-2333d2a938f8
Part VI ( Amazon Elastic Compute Cloud (EC2), Amazon Machine Image ( AMI ) ): https://medium.com/@y-agarwal/aws-technical-essentials-vi-670e50b3e2a1
Part VII ( Amazon EC2 Instance Lifecycle, EC2 Pricing ): https://y-agarwal.medium.com/aws-technical-essentials-vii-b91ce71dcb3b
Part VIII( Launching an Application on EC2 using AWS Console ): https://y-agarwal.medium.com/aws-technical-essentials-viii-c0b5f34b974c
Part IX ( Containers, VM vs Containers , Container Orchestration, Introduction to Amazon ECS and EKS ): https://medium.com/aws-tip/aws-technical-essentials-ix-4f38c08e3404
Part X ( Serverless Compute, AWS Fargate, AWS Lambda): https://medium.com/towards-aws/aws-technical-essentials-x-40ead39c228e

TL;DR

As I have been working as a professional Data Scientist since last 6+ years, now since last one year or so I have started yearning to learn something new and I came across the domain of AWS through the ways of Machine Learning deployment activities in one of the projects and found myself attracted to it like I was to programming when I wrote my first code in C back in my school days.

So here I am taking on the this journey to learn AWS via the free course provided by AWS itself https://aws.amazon.com/training/learn-about/architect/?th=tile&tile=learnabout.

So during my career I have come across multiple article and videos on AWS all over the internet but they we were sometimes too technical to understand for me. See I am a simple guy so I understand simple things in life.

That’s the reason while going through this course I thought why not write your own articles in simple terms this way these article will as notes for you in the future as you can refer to them instead of going back to the course or trying to find the notebook in which you wrote them down and maybe this simple language will help other men of culture like you who are out their.

Killing 2 birds with 1 stone. So let’s fly….

Introduction To Networking

We have a lot and important things coming up in the following articles about AWS Network Services. So we will shift our focus little bit in this article from AWS Services to learn some basic things about networking so that when we look into AWS Network Services it will be much faster to understand and we will not go like,”What the hell is going on?” .Also not only just AWS once you have these basics down you can apply this to learn networking on any other cloud provider for example Google. So let’s look at these basic concepts.

What is Networking?

I know everyone know this but still :P , Networking is how you connect computers around the world and allow them to communicate with one another. Seems simple right!!! No it is not, now image you have to create and define and implement the standards for how to connect the computer and how they are suppose to communicate with one another for the entier world….

For example One way to think about networking is to think about sending a letter. When you send a letter, you provide the following three elements:

The letter, inside the envelope
The address of the sender in the from section
The address of the recipient in the to section

Each address must contain specific information:

Name of sender or recipient
Street
City
State or province
Zip, area, or postal code
Country

You need all parts of an address to ensure that your letter gets to its destination. Without the correct address, postal workers cannot properly deliver the letter. In the digital world, computers handle the delivery of messages in a similar way. This is called routing.

IP Addresses

To properly route your messages to a location, you need an address. Just like each home has a mailing address, each computer or device attached to the internet has an IP address. However, instead of using the combination of street, city, state, zip code, and country, the IP address uses a combination of bits, 0s and 1s ( since that’s the only thing that computer understands ). Here is an example of a 32-bit address in binary format:

An IP address serves two main functions: Network Address, and Host Address. Think of Network Address as your society or building address and the Host Address as your flat or house number within that building or society. So an IP Address contains information about your network and as well as the address of your system connected to that network, this way your device is identified over the internet. Every network will have a unique address for example the wifi in your home will have a network address that is different from the network address of the wifi of your neighbour.

Note: there are 2 versions of IP addresses namely IPv4 and IPv6. I will only talk about IPv4 for now since I have to progress further with the concepts of AWS and for now IPv4 should be sufficient enough to understand the upcoming concepts.

IPv4 Notation

Typically, you don’t see an IP address in its binary format. Instead, it’s converted into decimal format and noted as an IPv4 address.

In the following diagram, the 32 bits are grouped into groups of 8 bits, also called octets. Each of these groups is converted into decimal format separated by a period. Each octet can take on the value between 0–255 ( since each octet is 8-bit long hence 2⁸)

So far, so good. Now you might be wondering how should I identify the network interface and the location addressing part from a given IPv4 address since we learned that’s what an IP address is suppose to give us. Don’t work we will learn that as well but before that let’s try to understand more of the basic networking concepts.

Subnet

To explain this concept I will take the help of a Youtube Video.

So we understood so far that an IP address consists of 2 parts: Network and Host address and every device that is connected to the internet has a IP address and we will focus on IPv4 which had a format of 4 numbers called octets separated by a period and each octet can take a value between 0–255.

But let’s ask the question why does an IP address have a network and a host part? Why can’t we just have a unique IP for every device connected over the internet?

So let’s consider that exact scenario where we have just 1 network and all the devices are connected to that network and each device has a unique IP. Now let’s say a device wants to communicate with an other device over that network which has an IP of 192.168.1.30. So the host device will need to send a broadcast message asking who is 192.168.1.30 and now this message will be received by all the devices in that network.

After receiving this message all the other devices will broadcast with their responses for example ‘Not Me’ in case the device does not have that IP which the host is looking for and ‘Me’ in case I device have the IP which the host is looking for.

Now this process needs to repeated by every device on the network whenever they want to communicate with some other device and all the devices start broadcasting messages over the network.

Image this being done with all the devices worldwide the network will start getting slow and have high chances of total collapse to a state of shutdown or frozen in place. So this design of the network is not that optimal in large scale scenario and well Internet is a large scale thing so we needed to come up with some thing else.

The solution was to create Subnets. Meaning splitting the larger network in smaller and manageable networks. Each of these networks have their separate router which is how to create a separate network and all of these networks are connected via router as well. So the process of this is splitting is Subnetting and the smaller networks are called Subnets. So what is the advantage of this,

Now since we have a smaller number of hosts is each subnets a broadcast message will not shutdown the subnet, even if in the worst case scenario where is the subnet is frozen or malfunctioning other subnets and host inside those are not effected by it.
It’s much simpler and faster to communicate with a host within the same subnet.
If a host wants to communicate a host present on a different subnet. The Subnet-Router routes that request to the Main-Router since their are no host within his subnet with that IP and the main router with intelligent algorithm routes that message to the subnets router and then to that host within that subnet.
Since each host is separate via subnets we can be little smart in assigning the IP addresses as well. Meaning that now each Host Address inside a same subnet and the Subnet Address ( Network Address ) needs to be unique. But the Hosts Address inside different subnets can still remain the same since they will have a unique Network Address part in our IP.

We said that an IP address contains two parts a Network and Host Address. Now what I meant by the above mentioned last point was for example :

We say that the last Octet of our IPv4 represents the Host Address and first three octet represent the Network Address. Now we have 2 Subnets. Address of 1st Subnet is 192.168.1.0 and of the 2nd is 192.168.2.0 . Since we said that the last octet is used for host address now the host address within subnet 1 can be 192.168.1.1, 192.168.1.2, 192.168.1.3 and so on.. Similarly the host address in the subnet 2 can be 92.168.2.1, 92.168.2.2, 92.168.2.3 and so on… Note that the Host Address the Last Octet can be same in both the subnet that is because the Network Address part of the IP i.e. First Three Octet are different.

From this you might get an idea of how the network address and the host address is assigned in a network but will look into this in detail in further just wanted to point this out over here as well :))

Now you might be wondering how would we know or decide which part of the IP is for Network Address and which part of the IP is Host Address. That’s where the subnet mask comes into picture.

Subnet Mask

Subnet Mask is a number similar to an IP address in the sense that it is 32-bit and it’s represented in the form of 4 8-bit numbers separated by a period. Each of the 4 numbers are called octet and can take up the values from 0–255.

But the difference between a Subnet Mask and an IP address is that a subnet mask reveals how many bits of the IP address are used for network address and how many are used for host address and how does it do that is by masking the network portion of the IP address.

It means that if we look at the binary notation of a subnet mask and mark the location of 1’s present in that notation, those same bit locations are reserved for the Network Address in the given IP. And the location of 0’s present in the binary notation of the subnet mask gives us the corresponding bit-location of the IP address that can used for Host. Hence it is called a Mask since we are masking the Network Address in the subnet mask using 1’s at the corresponding bit locations.

Let’s look at an example suppose you are given an IP Address 192.168.1.0 along with it’s subnet mask 255.255.255.0 and you want to know which part of the IP address belong to the Network and Host portion. You will convert both the IP address and Subnet Mask in the binary notation and perform an AND Operation the value that you get is the Network Portion and the remaining is the Host Portion for that given IP given the subnet mask.

So this means that our Network Address will be 192.168.1.0 and if we wanna assign an IP to our hosts under this network those IP would look like 192.168.1.1 , 192.168.1.2, 192.168.1.3 ……… 192.168.1.254. The IP 192.168.1.255 is reserved for broadcast messages or rather the last host address 255 is reserved for broadcast. So you can assign 254 host inside this network since 0 is reserved for Network IP and 255 is reserved for broadcasting.

Eassyy!!! Now you know given a IP address and Subnet Mask how to identify Network and Host IP and how you can assign a Host an IP given a Network IP just remember that 0 and 255 is reserved for Network and Broadcast respectively.

Now let’s can try and experiment with different subnet masks. In this example we have a subnet mask of 255.255.0.0 . So now our Host Portion has increased and the Network Portion of the IP address has decreased.

Let’s try with 255.0.0.0 . Now you can see that only 1 octet in the IP address represents the Network Portion and the remaining 3 represent the Host portion. So now you can see that as the subnet mask goes down the available bits for network goes down as well but the host portion size increases.

Let’s take an example and look at this. Now suppose you have a company where you have let’s say 12 host but they are group under 3 different departments represented by the colour of the monitor in the below given image. You want to create a Subnet for each department and place the corresponding devices under their respective Subnet. The IP address for your organisation is 192.168.1.0 and the default Subnet Mask is 255.255.255.0. Now let’s see how we can create 3 subnets one for each department and place 4 hosts under each of these subnets.

If we use the default subnet of 255.255.255.0 we now know that only the last octet can be used for hosts and all the remaning 3 octets are used for network. This means that from the given IP 192.168.1.0 we can only get 1 Subnet that is 192.168.1.0 itself and then we can have hosts ip under that like 192.168.1.1, 192.168.1.2 and so on..

But we want 3 Subnets. So what we do is we can make changes to the default subnet mask. We can borrow few bits from the host portion and assign them to the network portion.

For example if we select the first bit from the last octet and move it to the network portion our subnet mask will become 255.255.255.128 and this will give us 2 networks with 126 hosts each.

We can take this down further and borrow 2 bits from the last octet now our subnet mask will look like 255.255.255.192 which will give us 4 network and 62 hosts.

If we continue down this line we can see as the number of networks increases by the factor of 2 the number of hosts decreases by the factor 2. Now depending upon the use case and your requirements you can select which subnet mask you would want to use.

In our scenario we needed 3 networks so we will for a subnet mask 255.255.255.192 this will give us 4 networks with 62 hosts each.

Note: I know there is lot more to subnetting than what I have written over here, but as I said right now my goal is not to be an expert in Network rather understand some basic concepts of it so that I can progress further in AWS and come back and refine my understanding in these kinds of specific topics in detail when required.

CIDR Notation

Well now we know that we need an IP Address and a Subnet Mask to under various things about the network like the Network and Host Address, number of networks and host available.

But as we humans want to shorten everything and make our life easier we have something called as CIDR notation which essentially is the IP and Subnet Mask combined into a single notation

If you have an IP 192.168.1.0 and a subnet mask 255.255.255.0 the following will be it’s CIDR notation.

Why? let’s see the CIDR notation begins with a starting IP address and is separated by a forward slash (the / character) followed by a number. The number at the end specifies how many bits of the subnet mask are 1 or how many of the bits of the IP address are fixed( which is the network portion of the IP address). In this example, the first 24 bits of the IP address are fixed. The rest (the last 8 bits) are flexible.

32 total bits subtracted by 24 fixed bits leaves 8 flexible bits. Each of these flexible bits can be either 0 or 1, because they are binary. That means that you have two choices for each of the 8 bits, providing 256 IP addresses in that IP range. And thats what we have seen in the above examples as well that we get a total of 256 address for host in which 2 are reserved one for network and one for broadcast so we have 254 address available for hosts under that network.

The higher the number after the /, the smaller the number of IP addresses in your network. For example, a range of 192.168.1.0/24 is smaller than 192.168.1.0/16.

When working with networks in the AWS Cloud, you choose your network size by using CIDR notation. In AWS, the smallest IP range you can have is /28, which provides 16 IP addresses. The largest IP range you can have is a /16, which provides 65,536 IP addresses.

I know this article does not feel like the usual ones for AWS but these concepts are necessary for the upcoming topics of AWS and I promise those will be a breeze of understand and implement if you are comfortable with these topics.

Disclaimer

Most but not all of the content in this article along with the images are taken directly from the course. But as I have added my flavour to these notes. Since I am on a journey to learn these concepts my learning is not restricted just to this course. I regularly search the web to get my questions answered and I have presented all those explanations over here as well along with the images as well .As I said I wanted to create this article for the purpose of taking my own personal notes that I can come back to later on, also since I try to image things in a simpler manner which I saw the internet lacked when it comes to AWS I thought of sharing this article with public as well.

So let me you thoughts on this. Give a clap if you found this helpful and easy to understand. Always open for feedback and looking for improving my writing skills and stay tuned for next article!!

Hopefully with this series I will be able to explain you a lot of AWS concepts in detail and with easy to understand terminologies :D

Resources

For more information, see the following resources:

External website: Stanford: Introduction to Computer Networking(opens in a new tab)
AWS user guide: How Amazon VPC Works(opens in a new tab)
External website: Wikipedia: Classless Inter-Domain Routing(opens in a new tab)
External website: CIDR.xyz: An interactive IP Address and CIDR Range Visualizer
Subnet Mask Explained: https://www.youtube.com/watch?v=s_Ntt6eTn94