Subnets in a VPC are created within the network that's defined in the VPC and are defined as Classless Inter-Domain Routing (CIDR) subset ranges within the VPC network. By default, addressing in the VPC uses the IPv4 protocol, but IPv6 can be configured separately. When defining the network with the CIDR, IP addresses are described as consisting of two groups of bits in the address – the network address and the host address. To define the number of bits used in the network address, we use / (slash) with a number. Let's look at an example:

• In an IP address where the first 16 bits represent the network address, we use a CIDR of /16
• The remaining 16 bits can be used for host addresses
• Since bits can be 0 or 1, we have 2 on the power of 16 available addresses
• A /16 network can thus support 65,536 hosts

The number of usable addresses is smaller than the theoretical maximum because of the following:

• The first (for example, 10.0.0.0) host address is used for the network
• The last (for example, 10.0.255.255) host address is used for broadcasting
• Some services are reserved by AWS – for instance, the internet gateway, DHCP service, and NAT gateway