I got the following question and I have to choose two answers.
Which of these CIDR blocks and/or IP addresses are invalid for a private VPC or subnet on AWS
1. 192.168.1.2 255.255.255.0
I answered 2 and 4, but for some reason the correct answer was 1 and 2. Why can we not use 192.168.1.2/255, and how can we use 126.96.36.199 in the internal subnet?
There are a few bits missing in your question. I revisited the quiz to double-check the question, and the values are:
192.168.1.2 within a /24
The easiest one to pick out as being invalid is 172.31.3.2/15. AWS only allows VPCs/subnets to be of size /28 to /16, therefore /15 is invalid. The other 3 are a little trickier and require a bit of thinking.
Instantly I looked at 10.2.4.255 and thought that was invalid, as AWS reserves the broadcast address (last IP), but if you have a VPC of 10.2.0.0/16 and a single subnet with a /16, then 10.2.4.255 is not a reserved IP, so it’s valid.
188.8.131.52 is valid, as .8 wouldn’t be any of AWS’s reserved IPs given it’s not one of the first 4 or the last 1, so it’s valid. Whether you should use it is a different story (and you probably should never use it, but that’s beside the point; it’s still technically valid).
Therefore it leaves 192.168.1.2 (within a /24) as invalid. And why is it invalid? It’s the use of the .2 address within the /24 that makes this address invalid. A /24 network has .0-.4 and .255 reserved, and as 192.168.1.2 is within the reserved range, it is invalid.
So, the invalid addresses/blocks are 192.168.1.2 within a /24 and 172.31.3.2/15.
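As an added illustration of the rules the answer applies (example code written for this page, not from the original thread or from AWS), a small Python checker: the prefix length must be between /16 and /28, and within each subnet the first four addresses and the last (broadcast) address are reserved. The subnet for the /24 case is assumed to be 192.168.1.0/24, and the reserved range is taken as the first four plus the last address, as stated in the answer.

```python
import ipaddress

# Rules as described in the answer above (constructed example, not AWS code):
# a VPC or subnet must be between /16 and /28, and within every subnet the
# first four addresses and the last (broadcast) address are reserved.
MIN_PREFIX = 16          # largest allowed block
MAX_PREFIX = 28          # smallest allowed block
RESERVED_AT_START = 4    # network address, router, DNS, future use


def prefix_error(prefixlen):
    """Return a reason string if the prefix length is outside the limits, else None."""
    if prefixlen < MIN_PREFIX or prefixlen > MAX_PREFIX:
        return f"/{prefixlen} is outside the allowed /{MIN_PREFIX}..{MAX_PREFIX} range"
    return None


def reserved_addresses(subnet):
    """Set of addresses reserved in the given subnet (first four and the last)."""
    net = ipaddress.ip_network(subnet, strict=False)
    first = {net[i] for i in range(RESERVED_AT_START)}
    return first | {net[-1]}


def check_address(ip, subnet):
    """Classify an address inside a subnet. Returns (is_valid, reason)."""
    net = ipaddress.ip_network(subnet, strict=False)
    err = prefix_error(net.prefixlen)
    if err:
        return False, err
    addr = ipaddress.ip_address(ip)
    if addr not in net:
        return False, f"{ip} is not inside {net}"
    if addr in reserved_addresses(str(net)):
        return False, f"{ip} is one of the reserved addresses in {net}"
    return True, f"{ip} is usable in {net}"


if __name__ == "__main__":
    # The cases discussed in the answer; the /24 case is assumed to be 192.168.1.0/24,
    # and 10.2.4.255 is shown both in a /16 (valid) and in a /24 (broadcast, invalid).
    for ip, subnet in [("192.168.1.2", "192.168.1.0/24"),
                       ("172.31.3.2", "172.31.3.2/15"),
                       ("10.2.4.255", "10.2.0.0/16"),
                       ("10.2.4.255", "10.2.4.0/24")]:
        ok, why = check_address(ip, subnet)
        print("valid  " if ok else "INVALID", why)
```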