What is subnets in the context of AWS Well-Architected Framework ?

What is subnets in the context of AWS Well-Architected Framework ?


4 min read

What is AWS Well-Architected Framework?

The AWS Well-Architected Framework is a set of best practices and guidelines designed to help cloud architects build secure, high-performing, resilient, and efficient infrastructure for their applications. It provides a structured approach for evaluating architectures and implementing improvements based on AWS's experience working with thousands of customers.


To design a secure network infrastructure in AWS, one need to know the basics of VPC, Subnets, Route Tables, Security Groups, NAT Gateway and Internet Gateway. These technologies are the backbone to ensure network security in AWS world and cloud architect could utilise them to design a secure network infrastructure as per AWS Well-Architected Framework.

What is subnets and why it is important?

A subnet, short for subnetwork, is a segment of a larger network that is created by dividing a network into smaller, more manageable parts. Subnetting is a fundamental concept in networking, and it plays a crucial role in organising and optimising the use of IP addresses within a network. Here's why subnets are important:

1. IP Address Management:

  • Conservation of IP Addresses:

    • Subnetting allows for the efficient use of IP addresses. Instead of assigning a single network address to an entire organisation, subnetting enables the organisation to divide the available IP address space into smaller, more manageable blocks.

2. Network Organisation:

  • Logical Segmentation:

    • Subnets logically divide a larger network into smaller, isolated sections. Each subnet can represent a different department, project, or functional area within an organisation. This segmentation helps in organizing and managing network resources more effectively.

3. Security:

  • Isolation of Traffic:

    • Subnets provide a level of isolation between different parts of a network. Resources within a subnet can communicate with each other, but communication between different subnets may require additional routing. This isolation enhances security by controlling the flow of traffic.

4. Routing and Traffic Management:

  • Efficient Routing:

    • Subnetting enables the use of routing tables to efficiently direct traffic between subnets. Routers use information about the destination subnet to make routing decisions, allowing for more optimized and scalable network architectures.

5. Performance:

  • Localised Traffic:

    • Resources within the same subnet can communicate more efficiently since they are part of the same local network. This can lead to reduced latency and improved performance for internal communications.

6. Scalability:

  • Division of Networks:

    • As an organisation grows, subnetting allows for the logical division of networks without the need to reconfigure the entire IP addressing scheme. This scalability is particularly important in large and dynamic environments.

7. Broadcast Domain Management:

  • Reduced Broadcast Traffic:

    • Subnetting limits the scope of broadcast traffic. Broadcasts are confined to the devices within the same subnet, preventing unnecessary broadcast traffic from affecting the entire network.

8. Flexibility:

  • Address Space Allocation:

    • Subnetting provides flexibility in how IP address space is allocated. Different subnets can have different subnet mask lengths, allowing for a more granular distribution of IP addresses based on the specific needs of each subnet.

9. Ease of Troubleshooting:

  • Localisation of Issues:

    • When network issues arise, subnetting can help in localizing the problem. Troubleshooting is more focused within a specific subnet, making it easier to identify and resolve issues.

In summary, subnets are a fundamental building block of network design, providing efficient IP address management, logical organisation, security, and improved performance. They contribute to the scalability and flexibility of a network while aiding in effective traffic management and troubleshooting.

CIDR block in subnets

CIDR, which stands for Classless Inter-Domain Routing, is a notation used in internet protocol (IP) addressing to allocate IP addresses and route IP traffic efficiently. In the context of subnets, CIDR is used to represent the IP address range assigned to a particular subnet. CIDR notation is expressed by combining an IP address with a subnet mask length.

Here's how CIDR block notation is structured:


For example CIDR Notation: is the base IP address, and /24 indicates that the first 24 bits are fixed as the network address, leaving 8 bits for host addresses within the subnet.

IP: 11000000.10101000.00000001.00000000 (binary representative of

Subnet mask: 11111111.11111111.11111111.00000000 (

Range of available IP addresses in the subnet is from to which excluded as subnet ID and as broadcast address. Total 254 (2^8 -2) usable IP addresses available in for this CIDR block.

You can refer to this calculator when you're designing the subnets in your AWS infrastructure.