Subnet Overview
A subnet (short for subnetwork) is a smaller network within a larger network. In the context of networking, a subnet is a range of IP addresses that divides a larger network (such as a Virtual Private Cloud, or VPC, in AWS) into smaller, more manageable pieces. Each subnet in a network operates as a distinct, isolated segment, which can help organize, secure, and manage traffic within the larger network.
Why Do We Need Subnetting?
Subnetting is the process of splitting a large network into smaller, more efficient sub-networks (subnets). It’s useful for several reasons:
- Efficient IP Management: Subnetting helps in efficiently allocating IP addresses within an organization, ensuring that IPs are not wasted.
- Improved Security: By segmenting the network, sensitive resources can be placed in separate subnets with different security controls, reducing exposure to potential threats.
- Network Traffic Control: It helps isolate different sections of a network, which minimizes network congestion by limiting unnecessary broadcast traffic to other subnets.
- Resource Organization: Subnetting allows different departments or services within an organization to be logically separated while still being part of the same overall network.
- Better Performance: Splitting a large network into subnets reduces the amount of broadcast traffic, improving the overall performance and manageability of the network.
What is CIDR?
CIDR (Classless Inter-Domain Routing) is a method for allocating IP addresses and IP routing. It is more flexible and efficient than the traditional class-based IP addressing system.
192.168.1.0/24: The '/24' in this CIDR notation indicates that the first 24 bits are the network portion of the address, leaving the remaining 8 bits for host addresses.
In other words, 24 bits identify the network, and the remaining bits (32 - 24 = 8) identify the hosts within that network.
Subnetting Example
Let’s break this down with a simple example:
- A Large Network (VPC): Suppose you have a network with the IP address range 192.168.0.0/16. This means that the first 16 bits (192.168) define the network, and you have 16 bits available for hosts (which gives you a maximum of 65,536 IP addresses).
- Subnetting the Network: You want to divide this network into smaller subnets. For example, you could split it into /24 subnets, meaning each subnet holds up to 256 IP addresses.
  - The first subnet could be 192.168.0.0/24, covering the addresses 192.168.0.0 to 192.168.0.255.
  - The second subnet could be 192.168.1.0/24, covering the addresses 192.168.1.0 to 192.168.1.255.
  - And so on, allowing you to create many smaller subnets (each with 256 addresses) within the original larger network.
This process of dividing a larger network into smaller subnets allows for better IP address management, security, and organization.
A Simple Scenario
Let’s say you have an organization with multiple departments, and you want to keep them logically separated:
- HR Department: You create a subnet 192.168.0.0/24 with 256 IP addresses.
- Finance Department: You create another subnet 192.168.1.0/24 with 256 IP addresses.
- IT Department: You create a third subnet 192.168.2.0/24 with 256 IP addresses.
Each department operates independently within its own subnet, with its own security rules and its own allocation of IP addresses, while all three remain part of the same larger network, 192.168.0.0/16.
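The CIDR arithmetic from the subnetting example and the department plan from the scenario above, worked through with Python's standard ipaddress module. This is an added example, not code from the original article; the VPC range and department names are constructed to match the text, and the checks for subnets that overlap or fall outside the VPC are the ones a reviewer of a segmentation plan would run.

```python
import ipaddress
from itertools import islice

# Constructed plan mirroring the scenario in the text: a /16 VPC carved into
# /24 department subnets. Department names are illustrative only.
VPC = "192.168.0.0/16"
DEPARTMENTS = {
    "HR": "192.168.0.0/24",
    "Finance": "192.168.1.0/24",
    "IT": "192.168.2.0/24",
}

def describe(cidr):
    """Network/host bits, address count and range of a CIDR block. IPv4 network and
    broadcast addresses cannot be assigned to hosts, so a /24 yields 254 usable hosts."""
    net = ipaddress.ip_network(cidr, strict=True)  # strict: host bits must be zero
    return {
        "prefixlen": net.prefixlen,
        "host_bits": net.max_prefixlen - net.prefixlen,
        "total_addresses": net.num_addresses,
        "usable_hosts": max(net.num_addresses - 2, 0),
        "first": str(net.network_address),
        "last": str(net.broadcast_address),
    }

def carve(vpc, new_prefix, count):
    """First `count` subnets of prefix `new_prefix` inside `vpc`, e.g. the /24s of a /16."""
    net = ipaddress.ip_network(vpc)
    return [str(s) for s in islice(net.subnets(new_prefix=new_prefix), count)]

def validate_plan(vpc, plan):
    """Check a segmentation plan: each subnet must lie inside the VPC and no two
    may overlap, or a host could fall under two sets of security rules at once.
    Returns a list of problems; an empty list means the plan is sound."""
    parent = ipaddress.ip_network(vpc)
    nets = {name: ipaddress.ip_network(c) for name, c in plan.items()}
    problems = [f"{n} {net} is outside {parent}"
                for n, net in nets.items() if not net.subnet_of(parent)]
    names = list(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"{a} {nets[a]} overlaps {b} {nets[b]}")
    return problems

def zone_of(ip, plan):
    """Department whose subnet contains `ip`, or None; handy for labelling addresses in logs."""
    addr = ipaddress.ip_address(ip)
    return next((n for n, c in plan.items() if addr in ipaddress.ip_network(c)), None)
```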
Summary
- Subnet: A smaller, logically separated portion of a larger network.
- Subnetting: The process of dividing a network into smaller subnets for better management, security, and traffic control.
- CIDR: A way of representing IP addresses and their associated routing prefix (e.g., /24 means the first 24 bits represent the network, and the rest are for hosts).
- Why Use Subnetting: For better IP address management, improved security, and reduced network congestion.
Simple Example
If you have the network 192.168.0.0/16 (65,536 IP addresses), subnetting it into smaller subnets like 192.168.0.0/24 means you have smaller networks with 256 addresses each (e.g., 192.168.0.0 to 192.168.0.255). This makes it easier to manage and secure different sections of the network.