The building block of cloud infrastructure is the VNET/VCN, which will hold all the other elements of your cloud deployment. So it is pertinent to understand the basics of address spaces as we step into the CloudVerse.
Understanding the CIDR notations of IP addresses
CIDR notation stands for Classless Inter-Domain Routing. It is the building block of the networks that will dwell on the cloudscape. By assigning an appropriate IP address range to the network that you create, you gain more control over, and a clearer understanding of, your cloud deployments.
An IP address can be divided into two parts.
- The leftmost bits are the most significant bits. They form the network prefix and identify the network or the subnet, as the case may be.
- The rightmost bits are the least significant bits. They form the host identifier and define the particular interface of a host on the network.
It can be seen as <network><host>, and in some cases <network><subnet><host>.
This brings us to another important aspect of the network, the “subnet”. Subnets are used to divide a bigger network into smaller chunks, which may be required to fulfill the infrastructure requirement and to bring granularity to the network.
Further, it aids in improving the security posture of the network as a whole.
A subnet divides the host part of the address space into a <subnet> and a <host> part, which results in the final structure of the IP address being <network><subnet><host>.
It is important to know that two addresses in any subnet cannot be assigned to hosts:
- the “0” address is reserved as the network address
- and the “255” address is reserved as the network broadcast address.
The notation for a subnet comprises an IP address, a “/”, and a decimal number that defines the number of bits used as the subnet mask. For example, in 192.168.1.0/24 the 24 is the subnet mask length.
Some commonly used network masks for classful networks are 8 bits (Class A), 16 bits (Class B), and 24 bits (Class C).
Further IP Address basics
Before going into the example of the subnets, it is important to understand the translation of the network address into binary.
As we know, IPv4 consists of 32 bits in 4 octets, i.e. 4 groups of 8 bits. Setting all 8 bits of an octet to 1 gives you 255 when you sum up the bit values (128 + 64 + 32 + 16 + 8 + 4 + 2 + 1). Similarly, depicting 192 needs 1 1 0 0 0 0 0 0, resulting in the sum 128 + 64 = 192.
Going further, 192.168.1.0 is represented as follows in binary:
11000000 10101000 00000001 00000000
For a /24 mask of the same network we set the first 24 bits to one, i.e.:
11111111 11111111 11111111 00000000
To derive the network address from a given address, we do a logical AND of the address and the mask, which gives you the network part of the address.
Hence it is clear from this example that you can have 254 hosts in the subnet 192.168.1.0/24: it leaves only the last octet for the hosts, and we cannot use .0 (the network address) or .255 (the network broadcast address).
Another example will make it clearer. Let’s say we want to further subdivide the above address and we use 192.168.1.0/27. The first thing we notice is that this is not a classful subnet, as it is neither a /8, /16 nor /24. It borrows 3 bits from the parent network’s host part to create 8 subnets with 32 addresses each. How do we arrive at this? The 3 borrowed bits give you 2 x 2 x 2 = 8 subnets, and the remaining 5 bits give you 2 x 2 x 2 x 2 x 2 = 32 addresses per subnet.
The different subnets we get from this arrangement are 192.168.1.0/27, 192.168.1.32/27, 192.168.1.64/27, and so on.
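To make the binary AND and the /27 split above concrete, here is an added example (not code from the original article) that does the CIDR arithmetic on plain integers, so every step the text describes is visible: converting dotted quads to bits, building the mask from the prefix length, ANDing to get the network address, and carving a /24 into /27s. All function names are this example's own.

```python
from __future__ import annotations

# Added example, not from the original article: CIDR arithmetic done by hand
# on 32-bit integers so the mask/AND logic is explicit. Standard library only.


def ip_to_int(ip: str) -> int:
    """Dotted-quad IPv4 string -> 32-bit integer (most significant octet first)."""
    octets = [int(o) for o in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"invalid IPv4 address: {ip}")
    value = 0
    for octet in octets:
        value = (value << 8) | octet
    return value


def int_to_ip(value: int) -> str:
    """32-bit integer -> dotted-quad string."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix: int) -> int:
    """Prefix length -> mask with the first `prefix` bits set, e.g. /24 -> 0xFFFFFF00."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length must be 0..32, got {prefix}")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def to_binary(value: int) -> str:
    """Render a 32-bit value as four space-separated octets of bits."""
    bits = f"{value:032b}"
    return " ".join(bits[i:i + 8] for i in range(0, 32, 8))


def _parse_cidr(cidr: str) -> tuple[int, int]:
    ip, prefix = cidr.split("/")
    return ip_to_int(ip), int(prefix)


def network_address(cidr: str) -> str:
    """Address AND mask keeps the network bits and zeroes the host bits."""
    addr, prefix = _parse_cidr(cidr)
    return int_to_ip(addr & prefix_to_mask(prefix))


def broadcast_address(cidr: str) -> str:
    """Network bits kept, every host bit set to one."""
    addr, prefix = _parse_cidr(cidr)
    mask = prefix_to_mask(prefix)
    return int_to_ip((addr & mask) | (~mask & 0xFFFFFFFF))


def usable_hosts(prefix: int) -> int:
    """Addresses in the block minus the network and broadcast addresses."""
    host_bits = 32 - prefix
    if host_bits < 2:
        # /31 and /32 have no room for both reserved addresses under this rule.
        return 0
    return 2 ** host_bits - 2


def split_subnets(cidr: str, new_prefix: int) -> list[str]:
    """Carve a block into equal sub-networks of /new_prefix, lowest first."""
    addr, prefix = _parse_cidr(cidr)
    if not prefix <= new_prefix <= 32:
        raise ValueError(f"cannot split /{prefix} into /{new_prefix}")
    base = addr & prefix_to_mask(prefix)
    block_size = 2 ** (32 - new_prefix)          # addresses per sub-network
    count = 2 ** (new_prefix - prefix)           # one sub-network per borrowed-bit pattern
    return [f"{int_to_ip(base + i * block_size)}/{new_prefix}" for i in range(count)]


if __name__ == "__main__":
    print("192.168.1.0  =", to_binary(ip_to_int("192.168.1.0")))
    print("/24 mask     =", to_binary(prefix_to_mask(24)))
    print("network of 192.168.1.77/27 =", network_address("192.168.1.77/27"))
    print("usable hosts in a /24:", usable_hosts(24), " in a /27:", usable_hosts(27))
    print("192.168.1.0/24 split into /27s:", split_subnets("192.168.1.0/24", 27))
```

Running the block prints the two bit strings shown in the article, the network address 192.168.1.64 for a host sitting in the third /27, and the eight /27 blocks starting at .0, .32, .64 and so on. Note that each /27 holds 32 addresses but only 30 are assignable once the network and broadcast addresses are taken out, the same rule the article applies to the /24.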
Why is all this important?
While creating different VNETs in Azure or VCNs in OCI, it is important to understand that we can’t peer two networks with overlapping address spaces. Also, while choosing a subnet mask it is important to understand how many hosts it will allow to be deployed in the subnet.
Address reservations in Azure and OCI
It is also important to know that Azure reserves 5 IP addresses in each subnet for different purposes, as follows:
- x.x.x.0 is, as we know, the network address
- x.x.x.1 is reserved by Azure for the default gateway
- x.x.x.2 and x.x.x.3 are reserved by Azure to map the Azure DNS IPs into the VNet space
- and finally x.x.x.255 is the network broadcast address, as we learned earlier.
Similarly, OCI also reserves 3 IP addresses in each subnet. Hence it is important to keep this in mind while choosing the subnet mask for your subnet, so you can calculate how many addresses will be left for your resources.
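The two checks this section calls for, no overlapping address spaces between networks you intend to peer and a usable-address count that accounts for the provider's reservations, can be done with the Python standard library's `ipaddress` module before anything is created. The following is an added example and not code from the article; the reserved counts (Azure 5, OCI 3) are taken from the text above, and it assumes, for OCI, that its three reserved addresses include the network and broadcast addresses in the same way Azure's five do.

```python
import ipaddress
from itertools import combinations

# Added example, not from the original article. Reserved addresses per subnet
# as stated in the article: Azure's five include .0 and .255; for OCI the
# article gives only the count, so this example assumes its three also
# include the network and broadcast addresses.
RESERVED_PER_SUBNET = {"azure": 5, "oci": 3}


def can_peer(space_a: str, space_b: str) -> bool:
    """Two VNETs/VCNs can only be peered if their address spaces do not overlap."""
    # strict=True rejects a prefix with host bits set (e.g. 10.0.0.5/24),
    # which in an address plan usually means a typo worth catching early.
    a = ipaddress.ip_network(space_a, strict=True)
    b = ipaddress.ip_network(space_b, strict=True)
    return not a.overlaps(b)


def find_overlaps(spaces: list[str]) -> list[tuple[str, str]]:
    """Return every pair of address spaces in the plan that overlap."""
    return [(x, y) for x, y in combinations(spaces, 2) if not can_peer(x, y)]


def usable_addresses(subnet: str, provider: str) -> int:
    """Addresses a workload can actually consume after the provider's reservations."""
    net = ipaddress.ip_network(subnet, strict=True)
    reserved = RESERVED_PER_SUBNET[provider.lower()]
    return max(net.num_addresses - reserved, 0)


def smallest_subnet_for(hosts_needed: int, provider: str) -> int:
    """Longest prefix length (smallest subnet) that still leaves room for the hosts."""
    reserved = RESERVED_PER_SUBNET[provider.lower()]
    for prefix in range(32, -1, -1):
        if 2 ** (32 - prefix) - reserved >= hosts_needed:
            return prefix
    raise ValueError(f"{hosts_needed} hosts do not fit in any IPv4 subnet")


if __name__ == "__main__":
    # Constructed address plan for illustration.
    plan = ["10.0.0.0/16", "10.1.0.0/16", "10.0.1.0/24", "172.16.0.0/12"]
    print("overlapping pairs (cannot be peered):", find_overlaps(plan))
    for provider in ("azure", "oci"):
        print(provider, "usable in 10.0.1.0/24:", usable_addresses("10.0.1.0/24", provider))
        print(provider, "smallest subnet for 30 hosts: /", smallest_subnet_for(30, provider))
```

The last line is the practical consequence of the reservations: a /27 holds 32 addresses, which naively looks like room for 30 hosts, but after Azure's five or OCI's three reserved addresses it no longer fits, and the planner has to go to a /26.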
I hope this article will give you clarity in understanding the networking basics of the cloud and also networking in general.