# VPC Subnets

* A **range of IP addresses for your VPC**.<br>

* VPC Subnet is **attached to an Availability Zone** - Subnet can span only a single Availability Zone.<br>

* To create a subnet, you **specify the CIDR block for the subnet**, which is a subset of the VPC CIDR block.<br>

* **Each VPC subnet is in a different Availability Zone** and **together, they span across all the Availability Zones in the region**.

* The **first 4 IP addresses and last IP address in each subnet CIDR block are not available for use:**<br>
  * For example, in a **subnet with CIDR block 10.0.0.0/24**, the following five IP addresses are reserved:

    * **10.0.0.0 = Network address**.
    * **10.0.0.1 = For the VPC router**.
    * **10.0.0.2 = Reserved for DNS Server**.
    * **10.0.0.3 = For future use**.
    * **10.0.0.255 = Network broadcast address**; AWS does not support broadcast in a VPC, so this address is reserved.

  * So, if you need 29 IP addresses for a VPC, you actually need 34 IP addresses (29 plus the 5 reserved ones). A /27 CIDR block will only give you 32 IP addresses, so you'd require a /26 CIDR block with 64 IP addresses.
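
The sizing rule above, generalized into a small subnet planner. This is an added example, not part of the original notes; the function names are hypothetical, and the /16 to /28 limits on subnet size are an assumption taken from AWS's IPv4 subnet sizing rules, not from this page.

```python
import ipaddress

RESERVED = 5                       # first four addresses plus the last one
MIN_PREFIX, MAX_PREFIX = 16, 28    # assumption: AWS IPv4 subnet size limits

def reserved_addresses(cidr):
    """Map each reserved address of a subnet to its role."""
    net = ipaddress.ip_network(cidr)
    roles = ["network address", "VPC router", "DNS server", "future use"]
    out = {str(net.network_address + i): r for i, r in enumerate(roles)}
    out[str(net.broadcast_address)] = "network broadcast address"
    return out

def usable_count(cidr):
    """Addresses left for hosts once the five reserved ones are removed."""
    return ipaddress.ip_network(cidr).num_addresses - RESERVED

def smallest_prefix(hosts):
    """Longest prefix (smallest subnet) that still leaves `hosts` usable addresses."""
    if hosts < 1:
        raise ValueError("need at least one host")
    bits = (hosts + RESERVED - 1).bit_length()   # ceil(log2(hosts + RESERVED))
    prefix = min(32 - bits, MAX_PREFIX)          # a subnet is never smaller than /28
    if prefix < MIN_PREFIX:
        raise ValueError("does not fit in a single /16 subnet")
    return prefix

def plan(vpc_cidr, needs):
    """Carve one subnet per entry of needs (name -> usable hosts) from the VPC block."""
    vpc = ipaddress.ip_network(vpc_cidr)
    cursor = int(vpc.network_address)
    layout = {}
    # Largest first, so every subnet starts on a multiple of its own size.
    for name, hosts in sorted(needs.items(), key=lambda kv: -kv[1]):
        prefix = smallest_prefix(hosts)
        if prefix < vpc.prefixlen:
            raise ValueError(f"{name} is larger than the VPC block")
        subnet = ipaddress.ip_network((cursor, prefix))
        if not subnet.subnet_of(vpc):
            raise ValueError(f"VPC block exhausted while placing {name}")
        layout[name] = str(subnet)
        cursor += subnet.num_addresses
    return layout

if __name__ == "__main__":
    print(smallest_prefix(29), usable_count("10.0.0.0/24"))
    # Constructed sample requirements, not taken from the page.
    print(plan("10.0.0.0/16", {"web": 100, "app": 29, "db": 11}))
```
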
