VPC subnet optimization

Task Statement 3.3: Optimize AWS networks for performance, reliability, and cost-effectiveness.

📘AWS Certified Advanced Networking – Specialty

1. What is a Subnet in a VPC?

A subnet is a smaller network inside a Virtual Private Cloud (VPC). It divides the VPC into multiple isolated sections.

  • Each subnet is tied to one Availability Zone (AZ)
  • Subnets help organize and control network traffic
  • Resources (EC2, RDS, etc.) are launched inside subnets

👉 Think of a subnet as a logical grouping of resources with similar networking needs

🔹 2. Why Subnet Optimization is Important

Subnet optimization helps improve:

✔ Performance

  • Efficient routing and reduced latency
  • Better traffic flow between services

✔ Reliability

  • High availability across multiple AZs
  • Fault isolation

✔ Cost-effectiveness

  • Efficient IP usage
  • Reduced unnecessary infrastructure

🔹 3. Subnet Design Best Practices

3.1 Use Multiple Availability Zones

  • Always create subnets in at least 2 AZs
  • This ensures high availability and fault tolerance

Example (IT scenario):

  • Application servers in AZ1 and AZ2
  • If AZ1 fails → AZ2 continues serving traffic

3.2 Separate Public and Private Subnets

Public Subnet

  • Has a route to Internet Gateway (IGW)
  • Used for:
    • Load Balancers
    • Bastion hosts

Private Subnet

  • No direct internet access
  • Used for:
    • Application servers
    • Databases

Why this matters:

  • Improves security
  • Reduces attack surface

3.3 Proper CIDR Block Planning

Each subnet uses a CIDR block (IP range).

Key rules:

  • AWS reserves 5 IP addresses per subnet
  • Subnets cannot overlap
  • Plan for future scaling

Example:

  • VPC CIDR: 10.0.0.0/16
  • Subnets:
    • 10.0.1.0/24 (AZ1)
    • 10.0.2.0/24 (AZ2)

Optimization tip:

  • Avoid very small subnets → may run out of IPs
  • Avoid very large subnets → wastes IP space

3.4 Use Subnet Sizing Strategically

Small Subnets

  • Better isolation
  • Easier management
  • Risk: IP exhaustion

Large Subnets

  • Good for scaling
  • Less management overhead
  • Risk: inefficient IP usage

Best Practice:

  • Use moderate-sized subnets based on workload

🔹 4. Route Table Optimization

Each subnet is associated with a route table.

Key Idea:

Control where traffic goes

Best Practices:

  • Use separate route tables for:
    • Public subnets
    • Private subnets
  • Keep routing simple and efficient

Example:

  • Public subnet → route to IGW
  • Private subnet → route to NAT Gateway

🔹 5. NAT Gateway Optimization

Private subnets use a NAT Gateway for outbound internet access.

Optimization tips:

  • Place NAT Gateway in same AZ as subnet
    → reduces latency and cost
  • Avoid cross-AZ traffic (extra cost)

🔹 6. Subnet Placement Strategy

Group resources by function:

Subnet TypeExample Resources
Web TierLoad Balancers
App TierApplication servers
Data TierDatabases

Why?

  • Improves security
  • Simplifies routing and firewall rules

🔹 7. Network ACL Optimization

Each subnet uses a Network ACL (NACL).

Key Features:

  • Stateless firewall
  • Controls inbound and outbound traffic

Optimization tips:

  • Keep rules simple
  • Avoid too many entries (performance impact)
  • Use Security Groups for fine-grained control

🔹 8. Subnet IP Address Optimization

Avoid IP wastage:

  • Plan IP ranges carefully
  • Use smaller CIDR blocks when possible

Consider:

  • Auto Scaling growth
  • Future expansion

🔹 9. High Availability Design with Subnets

Best Practice:

  • Duplicate subnets across AZs

Example:

  • Public Subnet AZ1 + Public Subnet AZ2
  • Private Subnet AZ1 + Private Subnet AZ2

Benefit:

  • Ensures service continues during AZ failure

🔹 10. Cost Optimization in Subnet Design

Reduce costs by:

  • Minimizing cross-AZ traffic
  • Using NAT Gateway efficiently
  • Avoiding unused IP space

Important:

Cross-AZ traffic = extra data transfer cost

🔹 11. Advanced Optimization Concepts (Exam Important)

11.1 VPC Endpoints

  • Access AWS services without internet
  • Reduce NAT Gateway usage

Benefits:

  • Lower cost
  • Better security

11.2 Elastic Network Interfaces (ENI)

  • Attach multiple network interfaces to EC2
  • Useful for:
    • Traffic separation
    • High-performance networking

11.3 Subnet Auto Scaling Consideration

  • Ensure enough IPs for:
    • Auto Scaling Groups
  • Otherwise → instance launch failures

🔹 12. Common Mistakes (Exam Traps)

❌ Using only one AZ
❌ Creating very small subnets
❌ Not separating public and private subnets
❌ Cross-AZ NAT usage
❌ Overlapping CIDR blocks
❌ Not planning for scaling

🔹 13. Quick Exam Summary (Must Remember)

  • Subnets are AZ-specific
  • Always design for multi-AZ
  • Separate public vs private subnets
  • Plan CIDR blocks carefully
  • Optimize route tables and NAT usage
  • Avoid cross-AZ traffic
  • Use VPC endpoints to reduce cost
  • Ensure enough IPs for scaling

🔹 Final Thought

Subnet optimization is about smart design decisions:

  • Right size
  • Right placement
  • Right routing

If you design subnets properly, you automatically improve:
✅ Performance
✅ Reliability
✅ Cost efficiency

Buy Me a Coffee

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by