kwilczynski · October 9, 2018 01:19 · rkt2spc · Oct 9, 2018
diff --git a/network.txt b/network.txt
 VPC   Network (CIDR)    Designation   Region
 ===   ==============    ===========   ======
 1     10.100.0.0/16     Management    Asia Pacific (Tokyo)
 2     10.110.0.0/16     Production    Asia Pacific (Tokyo)
 3     10.120.0.0/16     Staging       Asia Pacific (Tokyo)

 Addressing scheme:

  10.XXX.YYY.0/16
      |   `------ Subnet (e.g. Public and/or Private) 
      `---------- VPC (e.g. Management, Production, etc.)

 Note: VPC peering is NOT possible across AWS regions.

 Subnet (CIDR)     Designation                Availability Zone
 =============     ===========                =================
 10.XXX.1.0/24     Public 1 (DMZ)             Asia Pacific (Tokyo) - A -.
 10.XXX.2.0/24     Public 2 (DMZ)             Asia Pacific (Tokyo) - B   |- Public network (NAT, bastion, etc.)
 10.XXX.3.0/24     Public 2 (DMZ)             Asia Pacific (Tokyo) - C -'
 10.XXX.10.0/24    Private 1 (Services)       Asia Pacific (Tokyo) - A -.
 10.XXX.20.0/24    Private 2 (Services)       Asia Pacific (Tokyo) - B   |- Web tier (front-end)
 10.XXX.30.0/24    Private 3 (Services)       Asia Pacific (Tokyo) - C _'
 10.XXX.110.0/24   Private 4 (Persistence)    Asia Pacific (Tokyo) - A -.
 10.XXX.120.0/24   Private 5 (Persistence)    Asia Pacific (Tokyo) - B   |- Database tier (back-end)
 10.XXX.130.0/24   Private 6 (Persistence)    Asia Pacific (Tokyo) - C _'

 Note: The subnet 10.XXX.0.0/24 was left alone as Amazon reserves first
      five (5) addresses for an internal use.

 Address allocation:

  10.XXX.YYY.0/24
   `- 10.XXX.YYY.1  - 10.XXX.YYY.10 (Reserved - Internal Use Only)
   `- 10.XXX.YYY.11 - 10.XXX.YYY.254

 Note: First ten usable IP addresses of each subnet are reserved for internal use
      only e.g. NAT instances, internal and/or external ELBs, utility servers, etc.

 Alternatively, this can be done using 172.16.0.0/12 range split into /16 which is then
 split into corresponding /24 e.g.

 * 172.16.0.0/16
   |
   +- 172.16.0.0/24
   +- 172.16.1.0/24
   `- 172.16.2.0/24
 * 172.17.0.0/16
 * 172.18.0.0/16
 * 172.19.0.0/16
	VPC Network (CIDR) Designation Region
	=== ============== =========== ======
	1 10.100.0.0/16 Management Asia Pacific (Tokyo)
	2 10.110.0.0/16 Production Asia Pacific (Tokyo)
	3 10.120.0.0/16 Staging Asia Pacific (Tokyo)

	Addressing scheme:

	10.XXX.YYY.0/16
	\| `------ Subnet (e.g. Public and/or Private)
	`---------- VPC (e.g. Management, Production, etc.)

	Note: VPC peering is NOT possible across AWS regions.

	Subnet (CIDR) Designation Availability Zone
	============= =========== =================
	10.XXX.1.0/24 Public 1 (DMZ) Asia Pacific (Tokyo) - A -.
	10.XXX.2.0/24 Public 2 (DMZ) Asia Pacific (Tokyo) - B \|- Public network (NAT, bastion, etc.)
	10.XXX.3.0/24 Public 2 (DMZ) Asia Pacific (Tokyo) - C -'
	10.XXX.10.0/24 Private 1 (Services) Asia Pacific (Tokyo) - A -.
	10.XXX.20.0/24 Private 2 (Services) Asia Pacific (Tokyo) - B \|- Web tier (front-end)
	10.XXX.30.0/24 Private 3 (Services) Asia Pacific (Tokyo) - C _'
	10.XXX.110.0/24 Private 4 (Persistence) Asia Pacific (Tokyo) - A -.
	10.XXX.120.0/24 Private 5 (Persistence) Asia Pacific (Tokyo) - B \|- Database tier (back-end)
	10.XXX.130.0/24 Private 6 (Persistence) Asia Pacific (Tokyo) - C _'

	Note: The subnet 10.XXX.0.0/24 was left alone as Amazon reserves first
	five (5) addresses for an internal use.

	Address allocation:

	10.XXX.YYY.0/24
	`- 10.XXX.YYY.1 - 10.XXX.YYY.10 (Reserved - Internal Use Only)
	`- 10.XXX.YYY.11 - 10.XXX.YYY.254

	Note: First ten usable IP addresses of each subnet are reserved for internal use
	only e.g. NAT instances, internal and/or external ELBs, utility servers, etc.

	Alternatively, this can be done using 172.16.0.0/12 range split into /16 which is then
	split into corresponding /24 e.g.

	* 172.16.0.0/16
	\|
	+- 172.16.0.0/24
	+- 172.16.1.0/24
	`- 172.16.2.0/24
	* 172.17.0.0/16
	* 172.18.0.0/16
	* 172.19.0.0/16