Specifying the CIDR blocks is essential when you create a virtual private cloud (VPC) and vSwitches within it. Appropriate planning avoids network conflicts and ensures scalability, whereas failure to do so may incur significant re-creation costs. To enhance planning efficiency, you can use IP Address Manager (IPAM) to automatically assign IP addresses and detect address conflicts. This document introduces how to manage IP address pools and allocate IP addresses from an IPAM pool to create an IPv4 VPC.
Scenario
A company has several business departments, each with different security requirements and deployment strategies for production and testing environments. Strict isolation through VPCs is required. It falls upon administrators to manage address resources efficiently to accommodate current operational needs and future scalability.
By adopting IPAM, the company can automate IP address assignment and conflict detection. With a CIDR-based design, IPAM effectively manages address pools by dividing IP addresses into different levels, such as regions, departments, and business units.
This topic uses VPC1 in the production environment as an example and demonstrates how to utilize IPAM for network planning and set up an IPv4 VPC.
Create an IPAM and a private IPAM scope.
Create a top-level pool and subpools. Provision the CIDR blocks.
Assign a larger CIDR block
192.168.0.0/16to the top-level pool and assign192.168.0.0/20to subpool 1 in the production environment.When setting up VPC1, allocate a CIDR block from the subpool in the production environment.
Procedure
Step 1: Create an IPAM
Log on to the IPAM console. In the top navigation bar, select the region where you want to create the IPAM.
On the IPAM page, click Create IPAM and choose the Operating Region. Keep other parameters as default or modify them based on needs.
NoteWhen creating an IPAM, you must select at least one operating region, which must include the region where the IPAM is hosted.
You cannot delete the region where the IPAM is deployed.
Step 2: Create a top-level pool
In the left-side navigation pane, click IPAM Pool.
On the IPAM Pool page, click Create IPAM Pool. Set the parameters according to the figure. You may leave other parameters at default or adjust them according to your requirements.
The following section only lists parameters that are strongly related to this document. Other parameters that are not specified are kept at default values. For more information about parameters, see Create and manage an IPAM pool.IPAM Scope: Only private IPAM scopes are supported.
CIDR Range: Select IPAM. The IPAM pool being created is a top-level pool.
Operating Region: The operating region for the IPAM pool must be within the operating region of the IPAM to which the pool belongs. It cannot be modified once set.
Automatically Import Discovered Resource: When enabled, IPAM continuously searches for VPCs through resource discovery and automatically imports unallocated resources that fall within the CIDR block range of the current IPAM pool.
Provision CIDR Block: Click Add CIDR Block to add multiple CIDRs. Only IPv4 CIDRs are supported.
Allocate Rule: Configure the Minimum Mask Length, Default Mask Length, and Maximum Mask Length for resources allocated within the IPAM pool.
Step 3: Create a sub-address pool
Set the parameters according to the following figure. Subpool-1 with a CIDR block of 192.168.0.0/20 is created for the production environment.
The following section only lists parameters that are strongly related to this document. Other parameters that are not specified are kept at default values. For more information about parameters, see Create and manage an IPAM pool.
IPAM Scope: Only private IPAM scopes are supported.
CIDR Range: Select IPAM Pool. The IPAM pool created here is a sub-address pool.
Source IPAM Pool: Select the top-level pool created in Step 2.
Operating Region: The operating region set for the IPAM pool will automatically apply to the subpools. You do not need to configure the operating region separately.
Automatically Import Discovered Resource: When enabled, IPAM continuously searches for VPCs through resource discovery and automatically imports unallocated resources that fall within the CIDR block range of the current IPAM pool.
Provision CIDR Block: Click Add CIDR Block to add multiple CIDRs. Only IPv4 is supported.
Allocate Rule: Configure the Minimum Mask Length, Default Mask Length, and Maximum Mask Length for resources allocated within the IPAM pool.
After creation, the pool hierarchy is shown in the following figure:
Step 4: Create VPC1 and vSwitch and allocate CIDR block
Log on to the VPC console.
In the top navigation bar, select the region of the VPC. The Operating Region of the IPAM pool is selected in this example.
On the VPC page, click Create VPC. Configure the VPC and vSwitch based on the following information, then click OK:
The following section only lists parameters that are strongly related to this document. Default values are applied to other parameters that are not specified here. For more information about parameters, see Create and manage a VPC.IPv4 CIDR Block: Select the IPv4 CIDR block allocated by IPAM.
Select Pool: Select the subpool created in Step 3.
Network Mask: The system selects the first idle CIDR block that meets the allocation rules after you configure a network mask. You can also specify a IPv4 CIDR block as needed from the provisioned CIDR blocks of the IPAM pool.
IPv4 CIDR Block of vSwitch: The CIDR block needs to belong to the IPv4 CIDR blocks allocated by IPAM.
After creation, view the address allocation under the Details tab of the IPAM pool created in Step 3. As shown in the figure below, 1.6% of addresses have been allocated.
NoteThe CIDR block of the subpool is
192.168.0.0/20with 4,096 active IP addresses. When the subnet mask is set to/26, 64 IP addresses from the IPAM pool are allocated to VPC1. Therefore,64/4096 = 1.6%of addresses have been assigned to the VPC.
View the addresses assigned to the VPC under the Allocate tab.
References
For more information about features, applications, limits and billing of IPAM, see IPAM.
For more information about how to use IPAM to realize efficient, scalable, and safe CIDR block planning, see Plan and manage IP addresses by using IPAM.