A subnet in AWS VPC (Virtual Private Cloud) is a range of IP addresses in your VPC that you can use to launch your resources, such as EC2 instances or RDS databases. A subnet is a subdivision of an IP network, which enables you to segment and isolate different parts of your network.
When you create a VPC, you can create one or more subnets within it. Each subnet must be associated with a specific availability zone within a region. Availability zones are physically separate locations within a region, each with its own power source, network, and connectivity to other availability zones.
In computer networking, a subnet is a subset of a larger network that has been partitioned into smaller, more manageable sub-networks. A subnet is identified by its own unique network address, which is a part of the larger network’s address range, and it can contain a range of individual host addresses.
Subnets are used to improve network performance and security by reducing the amount of broadcast traffic on a network and limiting the scope of network communications to a specific group of devices. By segmenting a larger network into smaller subnets, administrators can manage network traffic more efficiently, reduce the risk of unauthorized access to sensitive data, and improve overall network performance.
Each subnet is typically associated with a specific physical or logical network, and devices within the subnet share the same network prefix. This means that they have the same initial bits in their IP address, which determines which subnet they belong to.
Fig 1.1
Subnets are typically used in conjunction with a subnet mask, which is a 32-bit value that is used to divide an IP address into network and host portions. The subnet mask identifies the network portion of the IP address and specifies the range of IP addresses that belong to the subnet.
In AWS VPC (Virtual Private Cloud), subnets are used to segment a VPC into smaller, more manageable parts. Each subnet is associated with a specific availability zone within a region, and resources within a subnet can communicate with each other directly. Subnets can also be used to isolate resources and apply different security policies and access controls to different parts of a VPC.
Subnets provide several benefits in AWS VPC:
-
-
- Network Segmentation: By creating multiple subnets within a VPC, you can segment your network into smaller, more manageable pieces. This enables you to apply different security policies, routing tables, and access controls to different parts of your network.
- Resource Isolation: By placing resources within a specific subnet, you can isolate them from other resources in the VPC. This can help to improve security and reduce the impact of any potential security breaches.
- Availability: By placing resources within different availability zones, you can improve availability and fault tolerance. If one availability zone goes down, resources in other availability zones can continue to function without interruption.
- IP Address Management: By creating subnets with different IP address ranges, you can more effectively manage your IP addresses and avoid conflicts between resources.
-
In AWS VPC, each subnet is identified by a unique ID and a range of IP addresses. You can configure network access control lists (ACLs) and security groups to control traffic flow to and from resources within a subnet. You can also configure routing tables to direct traffic between subnets and to external networks.