AWS Certified Solutions Architect - Professional 2020


Networking Quiz — IPv4

For this question

Which of these CIDR blocks and/or IP addresses are invalid for a private VPC or subnet on AWS? (Choose 3)

A. 10.2.4.255 –> If I create a VPC with the CIDR block 10.2.0.0/16, I could have 10.2.4.255 on an instance

B. 8.8.8.8 –> This is clear, I could create a VPC with 8.8.8.0/24

C. 172.31.4.2/15 –> The greatest CIDR block allowed is /16

D. 192.168.1.2 with subnet mask 255.255.255.0 –> I cannot specify this in a VPC or subnet; I can change it instead to 192.168.1.0/24 or 192.168.0.0/16

The answer marks A as invalid, but if I create a VPC with the CIDR block 10.2.0.0/16, I could have 10.2.4.255 on an instance, couldn’t I?

Patrick Smith

The IP address is physically part of the CIDR block; however, not every address in the CIDR block is usable. The first and last addresses are reserved for the network address and broadcast; in this case .255 is the broadcast IP. Also keep in mind AWS doesn’t allow broadcast traffic. So remember, by default CIDR blocks have the number of possible addresses -2, BUT AWS keeps 3 reserved addresses for its own purposes too, for a total of 5 unusable IPs in each CIDR block.

Muhammad Arif Wicaksana

But if the CIDR block is 10.2.0.0/16 as he mentioned, 10.2.4.255 is not a broadcast address; it is a usable IP address. It really depends on the CIDR size.

firefly2k3

Why would 192.168.1.2 with subnet mask 255.255.255.0 be invalid? Doesn’t that translate to CIDR block 192.168.1.0/24?

1 Answer

Hi Jheison,

You are right that 10.2.4.255 is a perfectly usable address if you create a VPC using 10.2.0.0/16, then maybe a single subnet for 10.2.0.0/16 to allocate all those addresses to that single subnet. I’ve updated that question to remove that as an invalid answer.

–Scott

Ccottondc

Correct me if I am wrong but the wording "8.8.8.8 –> This is clear, I could create a VPC with 8.8.8.0/24" seems incorrect. 8.8.8.0/24 is not a private range for a VPC or subnet. It is a valid IP which can be referenced inside a VPC or subnet. Is that the point?

Jheison Rodriguez

I think so, that’s referring to a valid IP range that you can set when you define a VPC or subnet.
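
The checks discussed in this thread, as an added example that is not part of any post above or of the course material. It assumes AWS's documented limits (a VPC or subnet block between /16 and /28, and the first four addresses plus the last one reserved in every subnet); the function names are hypothetical.

```python
import ipaddress

# RFC 1918 ranges: what the thread means by a "private" VPC or subnet.
RFC1918 = [ipaddress.IPv4Network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def check_block(cidr):
    """Return the reasons `cidr` fails as a private VPC/subnet block."""
    problems = []
    try:
        net = ipaddress.IPv4Network(cidr, strict=True)
    except ValueError:
        try:
            # Accept host bits so the remaining checks can still run.
            net = ipaddress.IPv4Network(cidr, strict=False)
        except ValueError:
            return ["not an IPv4 address or CIDR block"]
        problems.append(f"host bits set, the block itself is {net}")
    if not 16 <= net.prefixlen <= 28:
        problems.append(f"/{net.prefixlen} is outside /16 to /28")
    if not any(net.subnet_of(r) for r in RFC1918):
        problems.append("not inside an RFC 1918 private range")
    return problems


def aws_reserved(subnet):
    """First four addresses and the last one, reserved in every subnet."""
    net = ipaddress.IPv4Network(subnet)
    return [net[i] for i in range(4)] + [net[-1]]


def assignable(ip, subnet):
    """True if `ip` is in `subnet` and is not one of the reserved five."""
    addr = ipaddress.IPv4Address(ip)
    return addr in ipaddress.IPv4Network(subnet) and addr not in aws_reserved(subnet)


if __name__ == "__main__":
    # Constructed inputs: the quiz options plus the corrected forms from the thread.
    for block in ("10.2.0.0/16", "8.8.8.0/24", "172.31.4.2/15",
                  "192.168.1.2/255.255.255.0", "192.168.1.0/24"):
        print(f"{block:28} {check_block(block) or 'ok'}")
    # The same address under the two subnet sizes discussed in the comments.
    for subnet in ("10.2.0.0/16", "10.2.4.0/24"):
        print(f"10.2.4.255 in {subnet:12} assignable: {assignable('10.2.4.255', subnet)}")
```

Whether 10.2.4.255 can be assigned depends on the subnet it lands in: it is an ordinary address inside 10.2.0.0/16 and the reserved last address of 10.2.4.0/24.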
