About subnets
IBM Cloud® has specific terminology for the types, and uses, of subnets. Knowing their intended use helps you understand how best to use them in your cloud infrastructure.
To understand subnets and subnetting in general, review Subnetwork. Additionally, subnets are referred to in CIDR notation.
Subnets are networks created within a VPC. They are a fundamental mechanism within VPC for allocating addresses to individual resources (such as virtual server instances), and they enable various controls on these resources through the use of network ACLs, routing tables, and resource groups.
Subnets are bound to a single zone; however, they can reach all other subnets within a VPC, across a region. They are created from a larger address space within the VPC called an address prefix, and you can provision multiple subnets per address prefix.
Subnet features
Subnets have the following features:
- Routable throughout your VPC across an entire region, and onward to on-premises networks through Transit Gateway and Direct Link.
- Provide unique IP addresses to VPC resources including:
  - Bare metal servers
  - Virtual server instances
  - Virtual private endpoints
  - Appliances and virtual appliances
- IP range selection: Provision subnets of any size, as small as /29 and up to /9, from any IP address space.
- Network ACLs: Access control lists (ACLs) can be used to control all incoming and outgoing traffic in IBM Cloud VPC.
- Public gateways: Attaching a public gateway allows all attached resources to communicate with the public internet.
- Routing tables: IBM Cloud VPC automatically generates a default routing table for the VPC to manage traffic in the zone. By default, this routing table is empty. You can add routes to the default routing table, or create a custom routing table, and then add routes to the new table.
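The following added example (not IBM's code) checks a planned set of subnets against the rules described above before anything is provisioned: each subnet must fall inside one of the VPC's address prefixes and be between /29 and /9 in size. It also flags overlapping subnets, which is an assumption beyond what this page states, and all names and CIDR ranges in the sample plan are constructed.

```python
import ipaddress

# Size limits stated on this page: as small as /29, as large as /9.
LARGEST, SMALLEST = 9, 29

def check_subnet_plan(address_prefixes, subnets):
    """Return (subnet_name, problem) findings; an empty list means the plan is consistent.

    address_prefixes: list of CIDR strings (the VPC's address prefixes)
    subnets: dict mapping a subnet name to its CIDR string
    """
    prefixes = [ipaddress.ip_network(p) for p in address_prefixes]
    findings, accepted = [], {}
    for name, cidr in subnets.items():
        try:
            net = ipaddress.ip_network(cidr)  # strict parsing rejects host bits
        except ValueError as exc:
            findings.append((name, f"invalid CIDR: {exc}"))
            continue
        if not LARGEST <= net.prefixlen <= SMALLEST:
            findings.append((name, f"/{net.prefixlen} is outside /9../29"))
        # subnet_of() requires matching IP versions, so compare versions first.
        if not any(net.version == p.version and net.subnet_of(p) for p in prefixes):
            findings.append((name, "not contained in any address prefix"))
        # Assumption (not stated on this page): subnets in one VPC must not overlap.
        for other_name, other in accepted.items():
            if net.version == other.version and net.overlaps(other):
                findings.append((name, f"overlaps {other_name}"))
        accepted[name] = net
    return findings

# Constructed sample plan; none of these values come from the page.
SAMPLE_PREFIXES = ["10.240.0.0/18", "10.240.64.0/18"]
SAMPLE_SUBNETS = {
    "app-a": "10.240.0.0/24",    # consistent
    "db-a": "10.240.0.128/25",   # overlaps app-a
    "tiny": "10.240.64.0/30",    # smaller than /29
    "stray": "192.168.10.0/24",  # outside every address prefix
    "typo": "10.240.1.5/24",     # host bits set, not a network address
}

if __name__ == "__main__":
    for name, problem in check_subnet_plan(SAMPLE_PREFIXES, SAMPLE_SUBNETS):
        print(f"{name}: {problem}")
```

Running a check like this in review catches a subnet that silently lands outside the intended address prefix, where the network ACLs and routes planned for that range would not apply to it.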