Octet: 8 bits, 2^8 = 256 (0–255)

10.20.0.1: “Dot-decimal notation”

Four Octets: 4 × 8 = 32 bits, 2^32 = 4,294,967,296

“Classless Inter-Domain Routing” (“CIDR notation”)

10.0.0.0/16: Frozen Bits (“Leading Bits”); 10.0.0.0 – 10.0.255.255; 65,536 addresses*

10.0.0.0/24: Frozen Bits (“Leading Bits”); 10.0.0.0 – 10.0.0.255; 256 addresses

Private network ranges

CIDR Block       IP Addresses   Start address   End address
10.0.0.0/8       16,777,216     10.0.0.0        10.255.255.255
172.16.0.0/12    1,048,576      172.16.0.0      172.31.255.255
192.168.0.0/16   65,536         192.168.0.0     192.168.255.255

RFC1918 of Internet Engineering Task Force (IETF)

CIDR Block     IP Addresses*   Start address   End address
10.0.0.0/8     16,777,216      10.0.0.0        10.255.255.255
10.0.0.0/16    65,536          10.0.0.0        10.0.255.255
10.0.0.0/17    32,768          10.0.0.0        10.0.127.255
10.0.0.0/24    256             10.0.0.0        10.0.0.255
10.0.0.0/28    16              10.0.0.0        10.0.0.15

128-bit Number: 340,282,366,920,938,463,463,374,607,431,768,211,456 (“undecillion”)

Each group: 16 Bits

2001:0db8:0000:0000:0000:ff00:0042:8329
2001:db8:0:0:0:ff00:42:8329
2001:db8::ff00:42:8329

EC2 IPv6 Ranges in us-east-2 (Ohio)

2600:1f00:6000::/40
2600:1f16::/36
2600:1fff:6000::/40

Viewing Public IP Ranges in AWS: https://ip-ranges.amazonaws.com/ip-ranges.json

[Diagram: VPC 10.2.0.0/16; VPC 10.2.0.0/21; VPC 10.4.0.0/20 (IPv6 /56)]
[Diagram: Development VPC; Test VPC; Production VPC]
[Diagram: Shared Services VPC; App 1 VPC; App 2 VPC]
[Diagram: Finance VPC; Engineering VPC; Business Unit X VPC]
[Diagram: VPC 10.2.0.0/16; us-west-2a, us-west-2b, us-west-2c; subnets 10.2.0.0/24, 10.2.1.0/24, 10.2.2.0/28 (IPv6 /64)]
[Diagram: us-west-2a, us-west-2b, us-west-2c; subnets for ELB, App Server and DB]
[Diagram: VPC 10.2.0.0/16; subnets 10.2.0.0/24, 10.2.1.0/24, 10.2.2.0/28; route table entry: 10.2.0.0/16 local]
[Diagram: VPC 10.2.0.0/16; igw-1; “Public” subnet 10.2.0.0/24; route table entries: 10.2.0.0/16 local; 0.0.0.0/0 igw-1; ☑ auto-assign public IPv4 address]

[Diagram: VPC 10.2.0.0/16; igw-1; ngw-1; subnets 10.2.0.0/24, 10.2.1.0/24; route table entries as listed: 10.2.0.0/16 local; 10.2.0.0/16 local; 0.0.0.0/0 igw-1; 0.0.0.0/0 ngw-1]
[Diagram: VPC 10.2.0.0/16; eigw-1; igw-1; subnets 10.2.0.0/24, 10.2.1.0/24; route table entries as listed: 10.2.0.0/16 local; 0.0.0.0/0 ngw-1; 10.2.0.0/16 local; ::/0 eigw-1; 0.0.0.0/0 igw-1]
[Diagram: VPC 10.2.0.0/16; igw-1; subnets 10.2.0.0/24, 10.2.1.0/24; route table entries as listed: 10.2.0.0/16 local; 10.2.0.0/16 local; 0.0.0.0/0 igw-1; 0.0.0.0/0 ec2-id]
[Diagram: VPC 10.2.0.0/16; igw-1; subnets 10.2.0.0/24, 10.2.1.0/24]

[Diagram: VPC 10.2.0.0/16; igw-1; vpce-1; vpce-2; subnets 10.2.0.0/24, 10.2.1.0/24]

[Diagram: subnets 10.2.1.0/24, 10.2.2.0/28]

Rule #   Type     Protocol   Port Range   Source           Allow/Deny
100      HTTP     TCP (6)    80           0.0.0.0/0        ALLOW
101      HTTPS    TCP (6)    443          0.0.0.0/0        ALLOW
110      SSH      TCP (6)    22           192.168.0.0/16   ALLOW
*                 ALL        ALL          0.0.0.0/0        DENY

Rule #   Type     Protocol   Port Range   Destination      Allow/Deny
100      Custom   TCP (6)    1024-65535   0.0.0.0/0        ALLOW
*                 ALL        ALL          0.0.0.0/0        DENY

Type     Protocol   Port Range   Source
HTTP     TCP (6)    80           0.0.0.0/0
HTTPS    TCP (6)    443          0.0.0.0/0
Custom   TCP (6)    9999         sg-ihgfdcba
SSH      TCP (6)    22           192.168.0.0/16

Type     Protocol   Port Range   Destination
MySQL    TCP (6)    3306         sg-abcdfghi
[Diagram: pcx-1; route table entries as listed: 10.2.0.0/16 local; 10.6.0.0/16 local; 10.6.0.0/16 pcx-1; 10.2.0.0/16 pcx-1; 10.6.1.0/24 pcx-1; 10.2.1.0/24 pcx-1]
[Diagram: Customer; cgw; vgw-1; VPC 10.2.0.0/16; subnet 10.2.0.0/24; route table entries: 10.2.0.0/16 local; 192.168.0.0/16 vgw-1]
[Diagram: Customer; cgw; vgw; cgw]
[Diagram: Customer; Internet; igw-1; cgw; 10.2.0.0/16; 10.2.0.0/24; 10.3.0.0/24; 192.168.0.0/20; route table entries as listed: 10.2.0.0/16 local; 10.2.0.0/16 local; 0.0.0.0/0 igw-1; 192.168.0.0/20 ec2-id]
[Diagram: AWS Oregon; AWS Virginia; Internet; igw; vgw; 192.168.0.0/24; 192.168.1.0/24; 10.2.0.0/16; 10.2.0.0/24; route table entries as listed: 192.168.0.0/16 local; 192.168.0.0/16 local; 10.2.0.0/16 local; 10.2.0.0/16 ec2-id; 0.0.0.0/0 igw; 192.168.0.0/16 vgw-1]

[Diagram: aws; Colocation; cgw; DX]
[Diagram: aws; Customer; cgw; DX]
[Diagram: DX; vgw; vgw]

[Diagram: us-west-2a; eth0, eth1, eth2, eth3]
domain-name-servers=AmazonProvidedDNS
domain-name=domain-name-per-region
[Diagram: 172.31.0.0/16; igw-1; route table entries: 172.31.0.0/16 local; 0.0.0.0/0 igw-1; ☑ auto-assign public IPv4 address]
[Diagram: aws; DX; DX; Customer; cgw; cgw]
Class        # Networks   Addresses per network   Start address   End address
Class A /8   128          16,777,216              0.0.0.0         127.255.255.255 [a]
Class B /16  16,384       65,536                  128.0.0.0       191.255.255.255
Class C /24  2,097,152    256                     192.0.0.0       223.255.255.255

Internet network addressing architecture used 1981–1993

[Diagram: cgw; igw; vgw; 10.2.0.0/16; 10.2.0.0/24; 10.2.1.0/24; 10.2.2.0/28]