Tutorial: Bring your IP addresses to IPAM - Amazon Virtual Private Cloud

The tutorials in this section walk you through the process of bringing public IP address space to AWS and managing the space with IPAM.

Managing public IP address space with IPAM has the following benefits:

  • Improves public IP address utilization across your organization: You can use IPAM to share IP address space across AWS accounts. Without using IPAM, you cannot share your public IP space across AWS Organizations accounts.

  • Simplifies the process of bringing public IP space to AWS: You can use IPAM to onboard public IP address space once, and then use IPAM to distribute your public IPs across Regions. Without IPAM, you have to onboard your public IPs for each AWS Region.

Important
  • Before you begin this tutorial, complete the steps in Onboarding prerequisites for your BYOIP address range in the Amazon EC2 User Guide for Linux Instances.

    When you create the ROAs, for IPv4 CIDRs you must set the maximum length of an IP address prefix to /24. For IPv6 CIDRs, if you are adding them to an advertisable pool, the maximum length of an IP address prefix must be /48. This ensures that you have full flexibility to divide your public IP address space across AWS Regions. IPAM enforces the maximum length you set. The maximum length is the most specific prefix (the longest prefix length, and therefore the smallest block) that you will allow to be announced for this route. For example, if you bring a /20 CIDR block to AWS, by setting the maximum length to /24, you can divide the larger block any way you like (such as with /21, /22, or /24) and distribute those smaller CIDR blocks to any Region. If you were to set the maximum length to /23, you would not be able to divide and advertise a /24 from the larger block. Also, note that /24 is the smallest IPv4 block and /48 is the smallest IPv6 block you can advertise from a Region to the internet.

  • Once you bring an IPv4 address range to AWS, you can use all of the IP addresses in the range, including the first address (the network address) and the last address (the broadcast address).
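The effect of the ROA maximum length described in the note above can be checked before you create the ROA. The following Python sketch is an added example, not part of the AWS documentation: it applies the RFC 6811 origin-validation rule to a constructed /20 (198.18.0.0/20, from the reserved benchmarking range) with a placeholder origin ASN of 64496. The names `Roa`, `validate` and `advertisable_lengths` are hypothetical.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Roa:
    prefix: str      # CIDR block the ROA authorizes
    max_length: int  # most specific prefix length that may be announced
    origin_asn: int  # AS authorized to originate the prefix


def validate(announced: str, origin_asn: int, roas: list[Roa]) -> str:
    """Return 'valid', 'invalid' or 'not-found' following RFC 6811."""
    route = ipaddress.ip_network(announced)
    covered = False
    for roa in roas:
        roa_net = ipaddress.ip_network(roa.prefix)
        # A ROA is relevant only if it covers the announced prefix.
        if route.version != roa_net.version or not route.subnet_of(roa_net):
            continue
        covered = True
        # Match: announcement is no more specific than max_length, same origin.
        if route.prefixlen <= roa.max_length and origin_asn == roa.origin_asn:
            return "valid"
    # Covered by a ROA but matched by none means the route is rejected.
    return "invalid" if covered else "not-found"


def advertisable_lengths(roa: Roa, region_limit: int = 24) -> list[int]:
    """Prefix lengths allowed by both the ROA and the per-Region limit.

    region_limit is /24 for IPv4 as stated on this page; pass 48 for IPv6.
    """
    base = ipaddress.ip_network(roa.prefix).prefixlen
    return list(range(base, min(roa.max_length, region_limit) + 1))


# Constructed sample data (assumptions, not values from the page).
ASN = 64496
ROA_24 = Roa("198.18.0.0/20", 24, ASN)  # maximum length /24, as required
ROA_23 = Roa("198.18.0.0/20", 23, ASN)  # maximum length /23, too restrictive

if __name__ == "__main__":
    for roa in (ROA_24, ROA_23):
        for route in ("198.18.0.0/21", "198.18.4.0/23", "198.18.8.0/24"):
            print(f"maxLength /{roa.max_length}: {route} ->",
                  validate(route, ASN, [roa]))
```

With the /23 ROA, the /24 announcement is covered by the ROA but exceeds its maximum length, so validating networks treat it as invalid rather than unknown.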