Networking for DevOps (Part 2): IP Fundamentals, Subnetting & VPC Explained

Dhruv Jain

Topics Covered in This Blog

  • Fundamentals of IP

  • Subnetting

  • VPC and Tools

  • VPC Peering

Fundamentals of IP

What is IP & Why Do We Need It?

  • IP stands for Internet Protocol, and it's one of the core protocols that make the internet work.

  • It helps identify devices and route data between them — kind of like giving every device a unique address so they can talk to each other.

  • Without IP, your laptop wouldn't know where to send or receive data when you open a website or ping a server.

  • Real-World Analogy:
    Think of IP like a postal address. Just like a courier needs your home address to deliver a package, networks need an IP address to deliver data.

What is an IP Address?

An IP address is a temporary address assigned to a device based on the network it is connected to. It helps the device access the internet.

Types of IP addresses:

  • Public IP: Visible on the internet (e.g. your home router; visible to websites and online services)

  • Private IP: Used within internal networks (e.g. your phone or laptop connected to Wi-Fi; not directly visible on the internet)

  • Static IP: Doesn’t change

  • Dynamic IP: Assigned automatically and can change over time

IPv4

  • IPv4 is the older and most commonly used version of IP addressing.

  • Uses a 32-bit address format, split into 4 octets (like 192.168.0.1)

  • Maximum of ~4.3 billion unique addresses.

  • IPv4 addresses are written in decimal, and each number ranges from 0 to 255.

IPv6

  • IPv6 is the newer version of IP, created to overcome the limitations of IPv4.

  • Uses a 128-bit address format — supports trillions of devices.

  • Written in hexadecimal, like: 2001:0db8:0000:0042:0000:8a2e:0370:7334

  • Also includes built-in features like better routing and security.

  • Maximum of 2^128, or ~340 undecillion (trillion trillion trillion), unique addresses.

Subnetting

What is Subnetting?

  • Subnetting is the process of dividing a larger network into smaller, manageable parts (called subnets).

  • Each subnet behaves like a mini-network inside the bigger one.

  • It helps in improving network performance, enhancing security, and organizing network structure.

  • Analogy:
    Imagine a company with 4 departments. Subnetting is like giving each department its own internal room number — so the building (network) is organized better.

Why Subnetting?

  • Conserves IP addresses by allocating them more efficiently

  • Enables better security and isolation between departments, teams, or services

  • Especially useful in DevOps environments where teams manage clusters, pods, services, and microservices — each may need its own isolated subnet.

Notes on IPv4 Subnets (Quick & Clear)

  • In IPv4, subnets can be created by changing the last octet of the address.

  • Typically, the first three octets represent the network, and the last octet is used for the host portion.

  • When a subnet has n total IP addresses, only n - 2 are usable:

    • The first address is the Subnet ID (identifies the subnet).

    • The last address is the Broadcast Address (used to broadcast messages to all hosts in that subnet).

  • The Subnet ID depends on the interface:

    • A mobile device typically has one interface (e.g., Wi-Fi).

    • A router usually has two or more interfaces, each belonging to a different subnet.

What is CIDR?

  • CIDR stands for Classless Inter-Domain Routing.

  • It is a method of IP addressing that allows more flexible allocation of IP addresses than traditional class-based IP.

  • CIDR notation looks like this: 192.168.1.0/24

    • The /24 means that the first 24 bits are used for the network, and the remaining 8 bits are for the host.

    • /24 allows 256 IPs total, out of which 254 are usable.

What is a Subnet Mask?

  • A subnet mask defines which part of an IP address refers to the network and which part refers to the host.

  • Common subnet masks:

    • 255.255.255.0 (for /24 subnet)

    • 255.255.0.0 (for /16 subnet)
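
The subnet mask, Subnet ID, broadcast address and the n - 2 rule can all be derived from the CIDR string with a few bit operations. The following is an added example, not code from the original post; the function names are made up for illustration. It also splits a /24 into four equal subnets (one per department in the analogy above) and checks whether an address belongs to a subnet, which is the same comparison a firewall rule or route makes.

```python
def to_int(dotted):
    """Pack a dotted-decimal IPv4 address into one 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {dotted}")
    a, b, c, d = octets
    return (a << 24) | (b << 16) | (c << 8) | d

def to_dotted(value):
    """Unpack a 32-bit integer into four decimal octets."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def describe(cidr):
    """Derive mask, Subnet ID, broadcast and address counts from CIDR notation."""
    address, prefix = cidr.split("/")
    host_bits = 32 - int(prefix)
    if not 0 <= host_bits <= 32:
        raise ValueError(f"bad prefix length: {cidr}")
    mask = (0xFFFFFFFF << host_bits) & 0xFFFFFFFF  # network bits 1, host bits 0
    network = to_int(address) & mask               # clear the host bits
    broadcast = network | (~mask & 0xFFFFFFFF)     # set every host bit
    total = 1 << host_bits
    return {"mask": to_dotted(mask), "subnet_id": to_dotted(network),
            "broadcast": to_dotted(broadcast), "total": total,
            "usable": max(total - 2, 0)}           # the n - 2 rule

def contains(cidr, ip):
    """True if ip lies inside cidr: same network bits after masking."""
    info = describe(cidr)
    return (to_int(ip) & to_int(info["mask"])) == to_int(info["subnet_id"])

def split(cidr, parts):
    """Divide a network into `parts` equal subnets (a power of two)."""
    extra_bits = parts.bit_length() - 1
    if parts < 1 or (1 << extra_bits) != parts:
        raise ValueError("parts must be a power of two")
    new_prefix = int(cidr.split("/")[1]) + extra_bits
    if new_prefix > 32:
        raise ValueError("not enough host bits to split that many ways")
    base = to_int(describe(cidr)["subnet_id"])
    size = 1 << (32 - new_prefix)
    return [f"{to_dotted(base + i * size)}/{new_prefix}" for i in range(parts)]

if __name__ == "__main__":
    print(describe("192.168.1.0/24"))
    print(split("192.168.1.0/24", 4))   # one /26 per department
    print(contains("192.168.1.64/26", "192.168.1.130"))
```
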

VPC & Tools

VPC (Virtual Private Cloud) is a virtual network dedicated to your cloud account — isolated from other networks — where you can launch and manage your cloud resources (like EC2, RDS, etc.).
Think of it as your own private network inside the cloud, but fully configurable and scalable.

Why is VPC Needed?

  1. Private Space in the Cloud
    A VPC gives you your own secure space in the cloud to run your servers and apps — just like having your own floor in a building.

  2. Better Security
    You control who can enter, what they can access, and how data moves — using things like firewalls and access rules.

  3. Custom Network Setup
    You can decide how your network works — create public areas (for users) and private ones (for databases or internal services).

  4. Easy to Grow
    As your project grows, a VPC makes it easy to add more services, connect with other networks, or even link with your office network.

Public VPC:

  • A VPC that has access to the internet is known as a public VPC.

  • For internet access, we need an Internet Gateway and a Route Table.

  • (You will read more about these under Tools for VPC.)

Private VPC:

  • A VPC that is not connected to the internet is known as a private VPC.

Tools for VPC

  • Subnet

    • Definition: A small section inside a VPC that divides the network into smaller logical parts.

    • Use: Helps you separate resources into public (internet-facing) and private (internal) zones. For example, a web server in a public subnet and a database in a private one.

  • Internet Gateway (IGW)

    • Definition: A gateway that allows internet traffic to enter or leave your VPC.

    • Use: Connects your public-facing resources (like web servers) to the internet.

  • Route Table

    • Definition: A set of rules that determine how traffic moves inside the VPC or to/from outside networks.

    • Use: Ensures the right path for traffic — for example, routing internet-bound traffic to the Internet Gateway or private traffic within the VPC.

  • NAT Gateway (Network Address Translation)

    • Definition: A service that lets private subnets access the internet without being directly exposed.

    • Use: Used when you want to download updates or packages from the internet without making private resources publicly available.
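
Whether a subnet is really public or private comes down to where its route table sends internet-bound traffic (0.0.0.0/0). The following is an added example, not part of the original post: it audits a constructed VPC inventory for subnets that are meant to be private but route to an Internet Gateway, and for subnets that overlap or fall outside the VPC range. The data layout, subnet names and the `igw-example` / `nat-example` IDs are assumptions made for illustration, and only the default route is inspected.

```python
import ipaddress

# Constructed sample inventory; names, IDs and field layout are illustrative.
VPC = {
    "cidr": "10.0.0.0/16",
    "subnets": [
        {"name": "web", "cidr": "10.0.1.0/24", "intent": "public", "rt": "rt-public"},
        {"name": "app", "cidr": "10.0.2.0/24", "intent": "private", "rt": "rt-nat"},
        {"name": "db", "cidr": "10.0.3.0/24", "intent": "private", "rt": "rt-public"},
        {"name": "batch", "cidr": "10.0.2.128/25", "intent": "private", "rt": "rt-local"},
    ],
    "route_tables": {
        "rt-public": [("10.0.0.0/16", "local"), ("0.0.0.0/0", "igw-example")],
        "rt-nat": [("10.0.0.0/16", "local"), ("0.0.0.0/0", "nat-example")],
        "rt-local": [("10.0.0.0/16", "local")],
    },
}

def exposure(routes):
    """Classify a route table by the target of its default route (0.0.0.0/0)."""
    for destination, target in routes:
        if ipaddress.ip_network(destination).prefixlen == 0:
            if target.startswith("igw-"):
                return "public"          # internet traffic can enter and leave
            if target.startswith("nat-"):
                return "private-egress"  # outbound only, via the NAT Gateway
    return "isolated"                    # no internet path at all

def audit(vpc):
    """Return (subnet, problem) pairs for layout and exposure mistakes."""
    findings, seen = [], []
    vpc_net = ipaddress.ip_network(vpc["cidr"])
    for subnet in vpc["subnets"]:
        net = ipaddress.ip_network(subnet["cidr"])
        if not net.subnet_of(vpc_net):
            findings.append((subnet["name"], "outside the VPC CIDR"))
        for other_name, other_net in seen:
            if net.overlaps(other_net):
                findings.append((subnet["name"], f"overlaps {other_name}"))
        seen.append((subnet["name"], net))
        actual = exposure(vpc["route_tables"][subnet["rt"]])
        if subnet["intent"] == "private" and actual == "public":
            findings.append((subnet["name"], "private by intent, but routes to an Internet Gateway"))
    return findings

if __name__ == "__main__":
    for name, problem in audit(VPC):
        print(f"{name}: {problem}")
```
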

Real-world Analogy

Imagine building a private office inside a shared skyscraper. Others are in the same building (cloud), but your floor (VPC) is secure, has locked doors (firewalls), its own layout (subnets), and a reception (gateway) you control.

VPC Peering

VPC Peering is a way to connect two Virtual Private Clouds (VPCs) so that resources in one VPC can communicate with resources in another — just like they’re on the same private network.

Think of it as creating a direct bridge between two separate cloud networks.

Why VPC Peering is Useful:

  • Share services like databases, APIs, or authentication between environments.

  • Connect different teams or departments securely.

  • Enable cross-region or cross-account communication in AWS.

For more detail about VPC Peering, go to: https://youtu.be/UVNVPquIkXE?si=KXDUTLw4b3PB4k1F
