Never Make VPCs With Overlapping CIDRs

aws networking don'ts

If you’re making new VPCs in your AWS account, don’t make VPCs with CIDR ranges that overlap with other VPCs.

If you don’t, you might run into the following issues:

  • Routing - You can run into issues routing requests to the correct network.
  • Security - It’s much more difficult to audit and review security groups based on CIDR blocks.
  • VPN issues - Your VPN software can also run into issues routing when services are on the same CIDR block.
  • Observability - When all your IPs are in the same CIDR block, observing and debugging your services is more difficult when all the logs are tagged with the same IP block.
  • Compliance - Certain compliance frameworks require clear segmentation of network resources.

For these reasons, I recommend you never make VPCs with overlapping CIDRs.

Master GitHub Actions with a Senior Infrastructure Engineer

As a senior staff infrastructure engineer, I share exclusive, behind-the-scenes insights that you won't find anywhere else. Get the strategies and techniques I've used to save companies $500k in CI costs and transform teams with GitOps best practices—delivered straight to your inbox.

Not sure yet? Check out the archive.

Unsubscribe at any time.