Amazon Virtual Private Cloud (VPC)

Amazon Virtual Private Cloud (Amazon VPC) lets you launch AWS resources within a virtual network that you define. This virtual network closely resembles a traditional network that you'd operate in your own data center, and it runs on AWS's scalable infrastructure.

The first four IP addresses and the last IP address in each subnet CIDR block are not available for use and can't be assigned to a resource, such as an EC2 instance. For example, in a subnet with CIDR block 10.0.0.0/24, the following five IP addresses are reserved:

  • 10.0.0.0: Network address.
  • 10.0.0.1: Reserved by AWS for the VPC router.
  • 10.0.0.2: Reserved by AWS. The IP address of the DNS server is the base of the VPC network range plus two. For VPCs with multiple CIDR blocks, the IP address of the DNS server is located in the primary CIDR. We also reserve the base of each subnet range plus two for all CIDR blocks in the VPC. For more information, see Amazon DNS server.
  • 10.0.0.3: Reserved by AWS for future use.
  • 10.0.0.255: Network broadcast address. We do not support broadcast in a VPC, therefore we reserve this address.

If you create a subnet using a command line tool or the Amazon EC2 API, the CIDR block is automatically modified to its canonical form. For example, if you specify 100.68.0.18/18 for the CIDR block, we create a CIDR block of 100.68.0.0/18.
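The reservation rule and the canonical-form behavior described above can be checked before deployment. The following is an added example, not AWS code: the function names and the sample address plan are constructed for illustration. It canonicalizes a subnet CIDR, lists its five reserved addresses, and flags planned static IPs that could never be assigned.

```python
import ipaddress

# Roles of the first four addresses of a subnet, in order, as listed on this page.
LEADING_ROLES = ("network address", "VPC router",
                 "DNS (base plus two)", "reserved for future use")

def canonical_cidr(cidr):
    """Clear the host bits, e.g. 100.68.0.18/18 -> 100.68.0.0/18."""
    return ipaddress.IPv4Network(cidr, strict=False)

def reserved_addresses(cidr):
    """Map each reserved address in the subnet to the reason it is reserved."""
    net = canonical_cidr(cidr)
    if net.num_addresses <= 5:
        raise ValueError(f"{net} is too small to hold the five reserved addresses")
    reserved = {net.network_address + i: role
                for i, role in enumerate(LEADING_ROLES)}
    reserved[net.broadcast_address] = "network broadcast address"
    return reserved

def usable_count(cidr):
    """Number of addresses in the subnet that can be assigned to resources."""
    return canonical_cidr(cidr).num_addresses - 5

def check_plan(cidr, planned_ips):
    """Return (ip, problem) for each planned static IP that cannot be assigned."""
    net = canonical_cidr(cidr)
    reserved = reserved_addresses(cidr)
    problems = []
    for raw in planned_ips:
        ip = ipaddress.IPv4Address(raw)
        if ip not in net:
            problems.append((raw, f"outside {net}"))
        elif ip in reserved:
            problems.append((raw, f"reserved: {reserved[ip]}"))
    return problems

if __name__ == "__main__":
    # Constructed sample plan, e.g. static private IPs taken from an IaC template.
    plan = ["10.0.0.2", "10.0.0.10", "10.0.1.5", "10.0.0.255"]
    print(canonical_cidr("100.68.0.18/18"))
    print(usable_count("10.0.0.0/24"))
    for ip, problem in check_plan("10.0.0.0/24", plan):
        print(ip, "->", problem)
```
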