A subnet is a smaller section carved out of your VPC. If a VPC is a big office building, subnets are the individual floors or departments inside it.
VPC: 10.0.0.0/16 → entire building (65,536 IPs)
Subnet 1: 10.0.1.0/24 → floor 1 (256 IPs)
Subnet 2: 10.0.2.0/24 → floor 2 (256 IPs)
Subnet 3: 10.0.3.0/24 → floor 3 (256 IPs)
Each subnet lives inside the VPC and gets a slice of its IP range.
Whatever size IPv4 subnet you create (AWS allows anything from /16 down to /28), AWS always holds back 5 IP addresses: the first four in the block and the last one. You cannot assign them to instances or ENIs.
Example using subnet 10.0.0.0/24:
| IP Address | Reserved For |
|---|---|
| 10.0.0.0 | Network address (building's main address) |
| 10.0.0.1 | VPC router (AWS internal routing, the subnet's default gateway) |
| 10.0.0.2 | DNS server (the Route 53 Resolver actually sits at the VPC's base address + 2, here 10.0.0.2 for a 10.0.0.0/16 VPC; AWS still reserves base + 2 in every subnet) |
| 10.0.0.3 | Future use (reserved by AWS) |
| 10.0.0.255 | Broadcast address (not used, still reserved) |
Formula:
Usable IPs = Total IPs - 5
| Subnet | Total IPs | Minus Reserved | Usable IPs |
|---|---|---|---|
| /16 (largest allowed) | 65,536 | 5 | 65,531 |
| /24 | 256 | 5 | 251 |
| /27 | 32 | 5 | 27 |
| /28 (smallest allowed) | 16 | 5 | 11 |
An IPv4 address has 32 bits. The number after the slash (the prefix length) is how many leading bits are fixed as the network part; the remaining 32 - prefix bits enumerate every address in the block, including the ones AWS reserves.
Formula:
Total IPs = 2 ^ (32 - CIDR number)
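To show the reserved-address and capacity rules above as something you can actually run against a subnet plan, here is an added example (written for this page, not AWS tooling) that uses Python's standard `ipaddress` module. It computes the five reserved addresses for any subnet, applies the two formulas, and performs the checks a reviewer of a VPC design would want: that each subnet CIDR is properly aligned, that it falls within the /16-to-/28 range AWS permits, that it sits inside the VPC, and that no two subnets overlap. The VPC and subnet CIDRs in the usage block are constructed sample values matching the page's example.

```python
"""Reserved-address and capacity calculator for AWS VPC IPv4 subnets (added example)."""
import ipaddress
from dataclasses import dataclass, field

# AWS permits IPv4 VPC and subnet blocks from /16 (largest) to /28 (smallest).
MIN_PREFIX = 16
MAX_PREFIX = 28
# AWS reserves the first four addresses and the broadcast address of every subnet.
AWS_RESERVED = 5


@dataclass(frozen=True)
class SubnetPlan:
    cidr: str
    total: int
    usable: int
    reserved: dict = field(default_factory=dict)  # role -> address string


def total_ips(prefixlen: int) -> int:
    """Total IPs = 2 ^ (32 - CIDR number)."""
    return 2 ** (32 - prefixlen)


def usable_ips(prefixlen: int) -> int:
    """Usable IPs = Total IPs - 5."""
    return total_ips(prefixlen) - AWS_RESERVED


def reserved_addresses(subnet_cidr: str) -> dict:
    """Return the five addresses AWS reserves in the given subnet."""
    net = ipaddress.ip_network(subnet_cidr, strict=True)
    base = int(net.network_address)
    return {
        "network": str(net.network_address),
        "vpc_router": str(ipaddress.ip_address(base + 1)),
        "dns": str(ipaddress.ip_address(base + 2)),
        "future_use": str(ipaddress.ip_address(base + 3)),
        "broadcast": str(net.broadcast_address),
    }


def plan_subnet(vpc_cidr: str, subnet_cidr: str) -> SubnetPlan:
    """Validate a subnet against its VPC and return its capacity figures.

    strict=True makes ipaddress reject a CIDR with host bits set
    (e.g. 10.0.1.5/24), which is the most common typo in a subnet plan.
    """
    vpc = ipaddress.ip_network(vpc_cidr, strict=True)
    net = ipaddress.ip_network(subnet_cidr, strict=True)
    for block in (vpc, net):
        if not MIN_PREFIX <= block.prefixlen <= MAX_PREFIX:
            raise ValueError(f"{block} is outside the AWS-permitted /16../28 range")
    if not net.subnet_of(vpc):
        raise ValueError(f"{net} is not inside VPC {vpc}")
    return SubnetPlan(
        cidr=str(net),
        total=total_ips(net.prefixlen),
        usable=usable_ips(net.prefixlen),
        reserved=reserved_addresses(str(net)),
    )


def find_overlaps(subnet_cidrs: list) -> list:
    """Return every pair of subnets that share addresses (AWS rejects such a plan)."""
    nets = [ipaddress.ip_network(c, strict=True) for c in subnet_cidrs]
    return [
        (str(a), str(b))
        for i, a in enumerate(nets)
        for b in nets[i + 1:]
        if a.overlaps(b)
    ]


if __name__ == "__main__":
    # Constructed sample plan mirroring the page's example VPC.
    vpc = "10.0.0.0/16"
    for cidr in ("10.0.1.0/24", "10.0.2.0/27", "10.0.3.0/28"):
        p = plan_subnet(vpc, cidr)
        print(f"{p.cidr}: total={p.total} usable={p.usable} reserved={p.reserved}")
    print("overlaps:", find_overlaps(["10.0.1.0/24", "10.0.1.128/25", "10.0.2.0/24"]))
```

Run it before creating the subnets rather than after: AWS will reject an out-of-range or overlapping block at creation time, but a subnet that is merely too small for its workload (each ENI, NAT gateway, load balancer node and Lambda in the subnet consumes one of the usable addresses) only fails later, when something cannot get an IP.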