OCI - Creating VCN & Subnets and How to Choose correct IPv4 CIDR ip (Very Easy & Clear Explanation)

Creating VCN & Subnets and How to Choose correct IPv4 CIDR ip in (OCI).
Disclaimer:

There are many right and wrong articles on the internet, and when you try to execute hands-on labs by yourself there is a chance that you drift away or get severely confused. We strictly adhere to the official Oracle Cloud documentation, offering you reliable and precise information without personal interpretation, so you can trust our content to be 100% genuine.

Prerequisites

Before you start the lab, make sure you have the following:

  • An active OCI account.
  • You are logged in as an account user who has the necessary IAM policies to create and manage networking components and resources.

Lab Task

Creating VCN & Subnets and How to Choose correct IPv4 CIDR ip in (OCI).

Lab Task Explanation

In this lab we will create:

  • 1 VCN.
  • VCN CIDR 10.0.0.0/16.
  • 2 public subnets.
  • Each subnet should be capable of holding 5 host addresses.
  • The whole structure is created inside a compartment named Production Compartment.

Lab Task Flow

    Task 1: Prepare a sample Architectural Diagram

    Our OCI architectural diagram for this lab.
    Make sure you have chosen the required IPv4 CIDR for both the VCN and its subnets.

    img: VCN & Subnet


    Task 2: Create Compartment

    Be clear about the structure of your project and how many compartments you need; based on that, choose the compartment in which you are going to create the VCN. Below is the logical compartment diagram we implemented in the previous lab.

    We are going to create our architecture within this Production Compartment.

    img: Logical Diagram of Compartments

    Task 3: CIDR Calculator

    This is the online CIDR calculator I personally use.
    I don't know the creators of this website, so kindly use it at your own risk.

    Remember, each subnet should be capable of holding 5 host addresses, so we need to choose the subnet CIDRs accordingly.

    img: calculating and choosing CIDR for Lab

    So if we create all the subnets in the same AD it will look like this.

    img: VCN with 8 Subnets

    Task 4: Let us Setup our Lab Goal:

    For this Lab we only need to create 2 Public Subnets.

    img: VCN & Subnet

    Let us select two usable CIDR ranges for our two subnets and understand how many host addresses each can hold.

    img: Selected CIDR (subnetting)

    Each of the above subnets:

    • 10.0.1.0/29
    • 10.0.1.8/29

    In general a /29 subnet can accommodate 6 host addresses, but OCI reserves one more address, so we get 5 host addresses to use for resources.

    Calculating Number of Usable Host

    Of the available addresses, OCI reserves the first 2 and the last 1 IP in each subnet (shown here for 10.0.1.0/29):

    • The first address is the network address (10.0.1.0).
    • The second address is the default gateway address (10.0.1.1).
    • The last address is the broadcast address (10.0.1.7).

    img: Usable Host Address
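    The calculation above, worked in code as an added example (not part of the original lab): given the number of hosts a subnet must hold, it picks the smallest prefix length that still leaves that many usable addresses after OCI's three reserved ones, carves non-overlapping subnets out of the VCN, and lists the reserved and usable addresses of each. The VCN, the block to carve from (10.0.1.0/24) and the /16 to /30 bounds are the lab's own numbers; treating the /16 to /30 VCN range as the subnet bound is an assumption.

```python
import ipaddress

# OCI reserves three addresses in every subnet: the network address,
# the default gateway (network address + 1) and the broadcast address (last).
OCI_RESERVED_PER_SUBNET = 3


def prefix_for_hosts(required_hosts):
    """Largest prefix length (smallest subnet) that still leaves `required_hosts`
    usable addresses after OCI's three reserved ones. Assumption: subnets are
    planned within the same /16 to /30 bounds the page gives for a VCN."""
    needed = required_hosts + OCI_RESERVED_PER_SUBNET
    for prefix in range(30, 15, -1):
        if 2 ** (32 - prefix) >= needed:
            return prefix
    raise ValueError(f"{required_hosts} hosts do not fit in a single subnet")


def plan_subnets(vcn_cidr, carve_from, required_hosts, count):
    """Carve `count` adjacent, non-overlapping subnets able to hold
    `required_hosts` usable addresses each out of `carve_from`, which must
    lie inside the VCN. Returns one dict per subnet with its reserved and
    usable addresses."""
    vcn = ipaddress.ip_network(vcn_cidr, strict=True)
    block = ipaddress.ip_network(carve_from, strict=True)
    if not block.subnet_of(vcn):
        raise ValueError(f"{carve_from} is not inside VCN {vcn_cidr}")
    prefix = prefix_for_hosts(required_hosts)
    if prefix < block.prefixlen:
        raise ValueError(f"a /{prefix} subnet does not fit inside {carve_from}")
    candidates = list(block.subnets(new_prefix=prefix))
    if len(candidates) < count:
        raise ValueError(f"{carve_from} holds only {len(candidates)} /{prefix} subnets")
    plan = []
    for net in candidates[:count]:
        gateway = net.network_address + 1
        plan.append({
            "cidr": str(net),
            "network": str(net.network_address),      # reserved by OCI
            "gateway": str(gateway),                   # reserved by OCI
            "broadcast": str(net.broadcast_address),   # reserved by OCI
            # hosts() already excludes network and broadcast; drop the gateway too
            "usable": [str(a) for a in net.hosts() if a != gateway],
        })
    return plan


if __name__ == "__main__":
    # The lab's numbers: VCN 10.0.0.0/16, two 5-host subnets carved from 10.0.1.0/24
    for s in plan_subnets("10.0.0.0/16", "10.0.1.0/24", 5, 2):
        print(s["cidr"], "gateway", s["gateway"], "usable", s["usable"])
```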

    Task 5: Creating a VCN & a public Subnet Manually with CIDR Ip

    1. Login to OCI: Start by logging into your Oracle Cloud Infrastructure account.
    2. Navigate to Compartments: Use the top-left navigation menu to select “Identity & security > Identity > Compartments”.
    3. Choose the correct compartment: Note the name of the compartment, its nature (child or parent) and its path, because you will have to choose the same compartment in the following steps.
    4. Get to VCN: Use the top-left navigation menu to select “Networking > Virtual Cloud Network”.
    5. Select the compartment: In the resulting window, choose the correct compartment in the list on the left.
    6. Create the VCN: Click the "Create VCN" button, fill in the required configuration with the chosen IPv4 CIDR block, then click "Create VCN".
    7. Get to Subnets: After the VCN is created, the VCN page lists the resources created on the left; choose Subnets from it.
    8. Create the subnet: Click the "Create Subnet" button, fill in the required configuration with the region and AD, enter the chosen IPv4 CIDR block, then click "Create Subnet".

    Common errors: Some common errors you might encounter include:
    • CIDR Overlap: This occurs when the CIDR block of your VCN overlaps with one of your other networks.
    • Insufficient Permissions: You might not have the necessary IAM policies to create or manage networking components.



Required concept knowledge

    Need of VCN & Subnet

    VCNs and Subnets are fundamental to your cloud infrastructure. They provide the first layer of security and help in logically isolating your resources. Whether you’re setting up a single instance or a complex, multi-tiered application, you’ll need to create a VCN and Subnets.

    Virtual Cloud Network (VCN) :

    • A VCN is a software-defined network that you set up in the Oracle Cloud Infrastructure data centers in a particular region.
    • VCN resides in a single Oracle Cloud Infrastructure region.
    • At the time of creation, for the purposes of management and access control, you must specify the compartment where you want the VCN to reside.
    • Your VCN automatically comes with these default components:
      • Default Route table, with no route rules.
      • Default Security list, with default security rules.
      • Default set of DHCP options, with default values.
    • General structure of subnets within a VCN (see the diagram below).

    img: General Structure of Subnets within VCN

    Subnet :

    • A subnet is a subdivision of a VCN; you create subnets to segment the network of your VCN.
    • CIDRs of subnets in the same VCN must not overlap, e.g. 10.0.0.0/29 and 10.0.1.0/29.
    • Can be either Regional or AD-specific (Regional subnets are recommended).
    • AD-specific subnet exists in a single availability domain and spans all the available fault domains in that AD.
    • Regional & AD-specific subnets can coexist in VCN.
    • During subnet creation, you can choose which route table, security list, and set of DHCP options the subnet uses. If you don't specify a particular component, the subnet automatically uses the VCN's default component. You can change which components the subnet uses at any time.
    • Thus each subnet always has these components associated with it:
      • One Route table.
      • One or more Security lists (for the maximum number, see Service Limits).
      • One set of DHCP options.
    • Subnets contain virtual network interface cards (VNICs), which attach to instances.
    • Subnets act as a unit of configuration within the VCN: All VNICs in a given subnet use the same route table, security lists, and DHCP options.
    • Subnets can be public or private (public by default). The choice of public or private happens during subnet creation, and you can't change it later.
      • Private means VNICs in the subnet can't have public IPv4 addresses and internet communication with IPv6 endpoints will be prohibited.
      • Public means VNICs in the subnet can have public IPv4 addresses and internet communication is permitted with IPv6 endpoints.

    VCN and Subnet Limits

    img: VCN and Subnet Limits

    Permitted Range of CIDR Used Within Cloud

    • For your VCN, Oracle recommends using the private IP address ranges specified in RFC 1918.
    • The private IPv4 address space reserved by RFC 1918 is 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16.


    Allowed VCN Size and Address Ranges

    • For your VCN, Oracle recommends using the private IP address ranges specified in RFC 1918. RFC 1918 defines /8 and /12 blocks, but Oracle does not support VCNs of those sizes.
    • The allowed OCI VCN size range is /16 to /30, so use a prefix in that range, for example
      • 10.0.0.0/16 down to 10.0.0.0/30,
      • 172.16.0.0/16 down to 172.16.0.0/30,
      • 192.168.0.0/16 down to 192.168.0.0/30.
    • You can also use a publicly routable range, but it is advisable not to.

    VCN Disallowed range:

    • 169.254.0.0/16: These addresses are used for iSCSI connections to the boot & block volumes, instance metadata, & other services.
    • Class D IPs: 224.0.0.0 to 239.255.255.255 are reserved for multicast address assignments in the IP standards.
    • Class E IPs: 240.0.0.0 to 255.255.255.255 are reserved for future use in the IP standards.
    • Other Reserved Address : 127.0.0.0 is reserved for loopback and IPC on the local host.
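    The VCN CIDR rules above (allowed /16 to /30 size, the disallowed ranges, the RFC 1918 recommendation) and the "CIDR Overlap" error from Task 5 can be checked before you click "Create VCN". This is an added example, not code from the original post or from Oracle; the sample CIDRs in the main block are constructed.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(c) for c in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Ranges this page lists as disallowed for a VCN CIDR, expressed as networks.
DISALLOWED = {
    "169.254.0.0/16": "used by OCI for iSCSI boot/block volumes and instance metadata",
    "224.0.0.0/4": "class D, reserved for multicast",
    "240.0.0.0/4": "class E, reserved for future use",
    "127.0.0.0/8": "loopback",
}


def check_vcn_cidr(cidr, existing=()):
    """Return the list of problems with a proposed VCN CIDR (empty means OK).
    Checks: well-formed IPv4 CIDR, prefix between /16 and /30, no overlap with
    the disallowed ranges, no overlap with `existing` CIDRs (the 'CIDR Overlap'
    error), and a warning when the block is outside RFC 1918 space."""
    try:
        net = ipaddress.ip_network(cidr, strict=True)  # strict: host bits must be zero
    except ValueError as err:
        return [f"invalid CIDR {cidr!r}: {err}"]
    if net.version != 4:
        return [f"{cidr} is not an IPv4 CIDR"]
    problems = []
    if not 16 <= net.prefixlen <= 30:
        problems.append(f"/{net.prefixlen} is outside OCI's allowed VCN size range /16 to /30")
    for bad, why in DISALLOWED.items():
        if net.overlaps(ipaddress.ip_network(bad)):
            problems.append(f"{cidr} overlaps disallowed range {bad} ({why})")
    for other in existing:
        if net.overlaps(ipaddress.ip_network(other)):
            problems.append(f"CIDR Overlap: {cidr} overlaps existing network {other}")
    if not any(net.subnet_of(private) for private in RFC1918):
        problems.append(f"warning: {cidr} is publicly routable; RFC 1918 space is recommended")
    return problems


if __name__ == "__main__":
    # Constructed sample: the lab's VCN plus a few deliberately bad candidates
    other_vcns = ["10.1.0.0/16"]  # constructed: a VCN that already exists in the tenancy
    for candidate in ("10.0.0.0/16", "10.0.0.0/8", "169.254.0.0/16", "10.1.5.0/24", "172.168.0.0/16"):
        print(candidate, "->", check_vcn_cidr(candidate, other_vcns) or "OK")
```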

    Network Mask:

    Prior to the introduction of CIDR, IPv4 network prefixes could be directly obtained from the IP address based on the class (A, B, or C, which vary based on the range of IP addresses they include) of the address and the network mask. Since the introduction of CIDRs, however, assigning an IP address to a network interface requires both an address and its network mask.


    Learn Subnetting

    IPV4

    • A VCN can have multiple non-overlapping IPv4 CIDR blocks that you can change after you create the VCN.
    • Regardless of the number of CIDR blocks, the max number of private IPs you can create within the VCN is 64,000.
    • With IPv4 addresses as well as IPv6 addresses, the first two addresses and the last in the subnet's CIDR are reserved by the Networking service.
    • OCI reserves the first 2 and the last IP in each subnet (shown here for 192.168.0.0/24):
      • The first address is the network address (192.168.0.0).
      • The second address is the default gateway address (192.168.0.1).
      • The last address is the broadcast address (192.168.0.255).

    IPV6

    • A VCN can optionally be enabled for IPv6 and Oracle will allocate a /56 prefix.
    • You can also import a BYOIP IPv6 prefix and assign it to an existing VCN, or create a new VCN with a BYOIP or ULA IPv6 prefix.
    • IPv6-enabled subnets will always be /64.
    • With IPv4 addresses as well as IPv6 addresses, the first two addresses and the last in the subnet's CIDR are reserved by the Networking service.

    Conclusion

    In conclusion, VCNs and subnets in OCI are a powerful tool for implementing and managing your cloud resources.

    Stay tuned for more posts on managing your OCI resources effectively! Happy cloud computing!

Reference

  1. Create VCN manually
  2. Create VCN
  3. OCI Network Overview
  4. Managing VCN and Subnet Operations
  5. IP Addresses Reserved for Use by Oracle
